From nobody Sun Jan 29 07:50:50 2023 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4P4Nlv2Jxhz3bVpt; Sun, 29 Jan 2023 07:50:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4P4Nlv1KwBz4PWW; Sun, 29 Jan 2023 07:50:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674978651; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LMwpeRDGMgqfT0V4DooPlys7YrqxhS2Qf4uGzLjx/7k=; b=uC528t5iyNUBFA2Wme3hzD0Jj8kjQ5nlwUyJ0OkLoaOa4ceoqtvF/M9gjfCdyHiLf4lgVY MVMGrEpCPgVJHD6cFKJlTj72NL4kQgvJZNq49MEF86otfUPckz3K3vw240QvT4BdA/ncA5 0S7HOMMUfJwlh/pDWPuMHvoHHsIglQ+ZHt+kvkEQTStW7KJze8xDgwPMD6twytnzRhTf0H eujO9od/2ZzMifQDybNpaxNObruAoPdVj/++J3XHov5LNREblE7/35N7RdgzxUgo5z6d8g lFQGrPVULzJd6QiEz27xLOjfu0tTwgB2WIFZGmEOK4rNVKic11TOJ7CW1mEH4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1674978651; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LMwpeRDGMgqfT0V4DooPlys7YrqxhS2Qf4uGzLjx/7k=; b=TRrgCHXvKbI7c+vchkkpflUoaR4woIX+QJAPv2ginxaEujUOTc/NF6EtUuulXLgNjT7rbJ MW/ik6eAL8bSIlXZ3YCEBVvXg5HplYNtBWZKMkUnk1H1yt4xLTntbsBL7Y3cXf+BX4URsM 9WtOph/rqr1iv7nzm7EPZO/i0mu9+uglibD7fyQ2co7x1DkDYWCq4+1ViyULob02nVMK2I SrrsmYk2i3amWweXH2WzipNTNF5gw00MMZj8oFFWtpG0L5cxrrpZB1embvdN6vBuFt2Ffd rYhsZTY8wSv2dtbnR3Aki+oTGbM/4NzvIz7yPmEYVZXgpFCSgKp0v15wk6jTcg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1674978651; a=rsa-sha256; cv=none; b=URwu6KWSh+t8Uou/BTlg50bt7ZmbYfYmqM98P+HacbwAkLtANjVGTrp8EfPT4YXD/xYGG7 bDSs5tDxhdzQ8fWIW5hfe88QicHF86Xju0YL4v/xgLFf+3i/ahCB9nFQr5Jl5iEDwFX4jI h67tL5kCpERlM2uvT07ybB0oXggcWsLNenRjqA9iAwSw7wdRHN6lkWV92BCFGzDNhLCmFa Dejb0OGYloejWofbQBpYaUatkZZ8TnJCpbQ/uTzD2bVnO95kvD2dMLYnPQ0fbS+NO2vyFz FCFdnQ22UDa6nVYFkpSc5Q30bxxQOBFkVTeTdKgkC3cQiVGo2V/2MHUT25TArA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4P4Nlv0RqXzLkX; Sun, 29 Jan 2023 07:50:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30T7ooaN047131; Sun, 29 Jan 2023 07:50:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30T7ooWl047119; Sun, 29 Jan 2023 07:50:50 GMT (envelope-from git) Date: Sun, 29 Jan 2023 07:50:50 GMT Message-Id: <202301290750.30T7ooWl047119@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: e2be74cff37a - stable/12 - netpfil tests: improve sniffer.py List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: e2be74cff37aa46695838bcede8eb4b7d32f31f2 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=e2be74cff37aa46695838bcede8eb4b7d32f31f2 commit e2be74cff37aa46695838bcede8eb4b7d32f31f2 Author: Kajetan Staszkiewicz AuthorDate: 2023-01-20 01:40:34 +0000 Commit: Kristof Provost CommitDate: 2023-01-29 01:47:18 +0000 netpfil tests: improve sniffer.py Multiple improvements to sniffer.py: * Remove ambiguity of configuring recvif, it must be now explicitly specified. * Don't catch exceptions around creating the sniffer, let it properly fail and display the whole stack trace. * Count correct packets so that duplicates can be found. MFC after: 1 week Sponsored by: InnoGames GmbH Differential Revision: https://reviews.freebsd.org/D38120 (cherry picked from commit a39dedeb31052ec74b0cd394d56f8d7cc8534645) --- tests/sys/net/pcp.py | 4 ++-- tests/sys/net/stp.py | 4 ++-- tests/sys/netpfil/common/pft_icmp_check.py | 4 ++-- tests/sys/netpfil/common/pft_ping.py | 10 +++++----- tests/sys/netpfil/common/sniffer.py | 20 +++++++------------- tests/sys/netpfil/pf/CVE-2019-5598.py | 4 ++-- 6 files changed, 20 insertions(+), 26 deletions(-) diff --git a/tests/sys/net/pcp.py b/tests/sys/net/pcp.py index cea88faaf438..c0b6d4efc3b0 100644 --- a/tests/sys/net/pcp.py +++ b/tests/sys/net/pcp.py @@ -61,11 +61,11 @@ def main(): args = parser.parse_args() - sniffer = Sniffer(args, check_pcp, recvif=args.recvif[0], timeout=20) + sniffer = Sniffer(args, check_pcp, args.recvif[0], timeout=20) sniffer.join() - if sniffer.foundCorrectPacket: + if sniffer.correctPackets: sys.exit(0) sys.exit(1) diff --git a/tests/sys/net/stp.py b/tests/sys/net/stp.py index 3e7d011efdd1..dc6634fb7279 100644 --- a/tests/sys/net/stp.py +++ b/tests/sys/net/stp.py @@ -100,14 +100,14 @@ def main(): args = parser.parse_args() - sniffer = Sniffer(args, check_stp) + sniffer = Sniffer(args, check_stp, args.recvif[0]) invalid_stp(args.sendif[0]) sniffer.join() # The 'correct' packet is a corrupt STP packet, so it shouldn't turn up. - if sniffer.foundCorrectPacket: + if sniffer.correctPackets: sys.exit(1) if __name__ == '__main__': diff --git a/tests/sys/netpfil/common/pft_icmp_check.py b/tests/sys/netpfil/common/pft_icmp_check.py index e3c5b927aa63..070465a198f7 100644 --- a/tests/sys/netpfil/common/pft_icmp_check.py +++ b/tests/sys/netpfil/common/pft_icmp_check.py @@ -96,14 +96,14 @@ def main(): args = parser.parse_args() sniffer = None if not args.recvif is None: - sniffer = Sniffer(args, check_icmp_too_big) + sniffer = Sniffer(args, check_icmp_too_big, args.recvif[0]) ping(args.sendif[0], args.to[0], args) if sniffer: sniffer.join() - if sniffer.foundCorrectPacket: + if sniffer.correctPackets: sys.exit(0) else: sys.exit(1) diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py index ff4f19f43af7..5421eb38e36c 100644 --- a/tests/sys/netpfil/common/pft_ping.py +++ b/tests/sys/netpfil/common/pft_ping.py @@ -264,16 +264,16 @@ def main(): if args.tcpsyn: checkfn=check_tcpsyn - sniffer = Sniffer(args, checkfn) + sniffer = Sniffer(args, checkfn, args.recvif[0]) replysniffer = None if not args.replyif is None: checkfn=check_ping_reply - replysniffer = Sniffer(args, checkfn, recvif=args.replyif[0]) + replysniffer = Sniffer(args, checkfn, args.replyif[0]) dupsniffer = None if args.checkdup is not None: - dupsniffer = Sniffer(args, check_dup, recvif=args.checkdup[0]) + dupsniffer = Sniffer(args, check_dup, args.checkdup[0]) if args.tcpsyn: tcpsyn(args.sendif[0], args.to[0], args) @@ -291,7 +291,7 @@ def main(): if sniffer: sniffer.join() - if sniffer.foundCorrectPacket: + if sniffer.correctPackets: sys.exit(0) else: sys.exit(1) @@ -299,7 +299,7 @@ def main(): if replysniffer: replysniffer.join() - if replysniffer.foundCorrectPacket: + if replysniffer.correctPackets: sys.exit(0) else: sys.exit(1) diff --git a/tests/sys/netpfil/common/sniffer.py b/tests/sys/netpfil/common/sniffer.py index 5e09a2e4db37..cee6f73e22dc 100644 --- a/tests/sys/netpfil/common/sniffer.py +++ b/tests/sys/netpfil/common/sniffer.py @@ -31,18 +31,15 @@ import scapy.all as sp import sys class Sniffer(threading.Thread): - def __init__(self, args, check_function, recvif=None, timeout=3): + def __init__(self, args, check_function, recvif, timeout=3): threading.Thread.__init__(self) self._sem = threading.Semaphore(0) self._args = args self._timeout = timeout - if recvif is not None: - self._recvif = recvif - else: - self._recvif = args.recvif[0] + self._recvif = recvif self._check_function = check_function - self.foundCorrectPacket = False + self.correctPackets = 0 self.start() if not self._sem.acquire(timeout=30): @@ -51,7 +48,7 @@ class Sniffer(threading.Thread): def _checkPacket(self, packet): ret = self._check_function(self._args, packet) if ret: - self.foundCorrectPacket = True + self.correctPackets += 1 return ret def _startedCb(self): @@ -59,9 +56,6 @@ class Sniffer(threading.Thread): def run(self): self.packets = [] - try: - self.packets = sp.sniff(iface=self._recvif, - stop_filter=self._checkPacket, timeout=self._timeout, - started_callback=self._startedCb) - except Exception as e: - print(e, file=sys.stderr) + self.packets = sp.sniff(iface=self._recvif, + stop_filter=self._checkPacket, timeout=self._timeout, + started_callback=self._startedCb) diff --git a/tests/sys/netpfil/pf/CVE-2019-5598.py b/tests/sys/netpfil/pf/CVE-2019-5598.py index 603a1aef376f..b72c04c5e19b 100644 --- a/tests/sys/netpfil/pf/CVE-2019-5598.py +++ b/tests/sys/netpfil/pf/CVE-2019-5598.py @@ -72,7 +72,7 @@ def main(): sp.sendp(udp, iface=args.sendif[0], verbose=False) # Start sniffing on recvif - sniffer = Sniffer(args, check_icmp_error) + sniffer = Sniffer(args, check_icmp_error, args.recvif[0]) # Send the bad error packet icmp_reachable = sp.Ether() / \ @@ -83,7 +83,7 @@ def main(): sp.sendp(icmp_reachable, iface=args.sendif[0], verbose=False) sniffer.join() - if sniffer.foundCorrectPacket: + if sniffer.correctPackets: sys.exit(1) sys.exit(0)