git: a39dedeb3105 - main - netpfil tests: improve sniffer.py
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 22 Jan 2023 04:53:41 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=a39dedeb31052ec74b0cd394d56f8d7cc8534645
commit a39dedeb31052ec74b0cd394d56f8d7cc8534645
Author: Kajetan Staszkiewicz <vegeta@tuxpowered.net>
AuthorDate: 2023-01-20 01:40:34 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-01-22 03:26:32 +0000
netpfil tests: improve sniffer.py
Multiple improvements to sniffer.py:
* Remove ambiguity of configuring recvif, it must be now explicitly specified.
* Don't catch exceptions around creating the sniffer, let it properly
fail and display the whole stack trace.
* Count correct packets so that duplicates can be found.
MFC after: 1 week
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D38120
---
tests/sys/net/pcp.py | 4 ++--
tests/sys/net/stp.py | 4 ++--
tests/sys/netpfil/common/pft_icmp_check.py | 4 ++--
tests/sys/netpfil/common/pft_ping.py | 10 +++++-----
tests/sys/netpfil/common/sniffer.py | 20 +++++++-------------
tests/sys/netpfil/pf/CVE-2019-5598.py | 4 ++--
6 files changed, 20 insertions(+), 26 deletions(-)
diff --git a/tests/sys/net/pcp.py b/tests/sys/net/pcp.py
index cea88faaf438..c0b6d4efc3b0 100644
--- a/tests/sys/net/pcp.py
+++ b/tests/sys/net/pcp.py
@@ -61,11 +61,11 @@ def main():
args = parser.parse_args()
- sniffer = Sniffer(args, check_pcp, recvif=args.recvif[0], timeout=20)
+ sniffer = Sniffer(args, check_pcp, args.recvif[0], timeout=20)
sniffer.join()
- if sniffer.foundCorrectPacket:
+ if sniffer.correctPackets:
sys.exit(0)
sys.exit(1)
diff --git a/tests/sys/net/stp.py b/tests/sys/net/stp.py
index 3e7d011efdd1..dc6634fb7279 100644
--- a/tests/sys/net/stp.py
+++ b/tests/sys/net/stp.py
@@ -100,14 +100,14 @@ def main():
args = parser.parse_args()
- sniffer = Sniffer(args, check_stp)
+ sniffer = Sniffer(args, check_stp, args.recvif[0])
invalid_stp(args.sendif[0])
sniffer.join()
# The 'correct' packet is a corrupt STP packet, so it shouldn't turn up.
- if sniffer.foundCorrectPacket:
+ if sniffer.correctPackets:
sys.exit(1)
if __name__ == '__main__':
diff --git a/tests/sys/netpfil/common/pft_icmp_check.py b/tests/sys/netpfil/common/pft_icmp_check.py
index e3c5b927aa63..070465a198f7 100644
--- a/tests/sys/netpfil/common/pft_icmp_check.py
+++ b/tests/sys/netpfil/common/pft_icmp_check.py
@@ -96,14 +96,14 @@ def main():
args = parser.parse_args()
sniffer = None
if not args.recvif is None:
- sniffer = Sniffer(args, check_icmp_too_big)
+ sniffer = Sniffer(args, check_icmp_too_big, args.recvif[0])
ping(args.sendif[0], args.to[0], args)
if sniffer:
sniffer.join()
- if sniffer.foundCorrectPacket:
+ if sniffer.correctPackets:
sys.exit(0)
else:
sys.exit(1)
diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py
index 9ed6a00cab34..ba64b9a0cb73 100644
--- a/tests/sys/netpfil/common/pft_ping.py
+++ b/tests/sys/netpfil/common/pft_ping.py
@@ -317,16 +317,16 @@ def main():
if args.tcpsyn:
checkfn=check_tcpsyn
- sniffer = Sniffer(args, checkfn)
+ sniffer = Sniffer(args, checkfn, args.recvif[0])
replysniffer = None
if not args.replyif is None:
checkfn=check_ping_reply
- replysniffer = Sniffer(args, checkfn, recvif=args.replyif[0])
+ replysniffer = Sniffer(args, checkfn, args.replyif[0])
dupsniffer = None
if args.checkdup is not None:
- dupsniffer = Sniffer(args, check_dup, recvif=args.checkdup[0])
+ dupsniffer = Sniffer(args, check_dup, args.checkdup[0])
if args.tcpsyn:
tcpsyn(args.sendif[0], args.to[0], args)
@@ -344,7 +344,7 @@ def main():
if sniffer:
sniffer.join()
- if sniffer.foundCorrectPacket:
+ if sniffer.correctPackets:
sys.exit(0)
else:
sys.exit(1)
@@ -352,7 +352,7 @@ def main():
if replysniffer:
replysniffer.join()
- if replysniffer.foundCorrectPacket:
+ if replysniffer.correctPackets:
sys.exit(0)
else:
sys.exit(1)
diff --git a/tests/sys/netpfil/common/sniffer.py b/tests/sys/netpfil/common/sniffer.py
index 5e09a2e4db37..cee6f73e22dc 100644
--- a/tests/sys/netpfil/common/sniffer.py
+++ b/tests/sys/netpfil/common/sniffer.py
@@ -31,18 +31,15 @@ import scapy.all as sp
import sys
class Sniffer(threading.Thread):
- def __init__(self, args, check_function, recvif=None, timeout=3):
+ def __init__(self, args, check_function, recvif, timeout=3):
threading.Thread.__init__(self)
self._sem = threading.Semaphore(0)
self._args = args
self._timeout = timeout
- if recvif is not None:
- self._recvif = recvif
- else:
- self._recvif = args.recvif[0]
+ self._recvif = recvif
self._check_function = check_function
- self.foundCorrectPacket = False
+ self.correctPackets = 0
self.start()
if not self._sem.acquire(timeout=30):
@@ -51,7 +48,7 @@ class Sniffer(threading.Thread):
def _checkPacket(self, packet):
ret = self._check_function(self._args, packet)
if ret:
- self.foundCorrectPacket = True
+ self.correctPackets += 1
return ret
def _startedCb(self):
@@ -59,9 +56,6 @@ class Sniffer(threading.Thread):
def run(self):
self.packets = []
- try:
- self.packets = sp.sniff(iface=self._recvif,
- stop_filter=self._checkPacket, timeout=self._timeout,
- started_callback=self._startedCb)
- except Exception as e:
- print(e, file=sys.stderr)
+ self.packets = sp.sniff(iface=self._recvif,
+ stop_filter=self._checkPacket, timeout=self._timeout,
+ started_callback=self._startedCb)
diff --git a/tests/sys/netpfil/pf/CVE-2019-5598.py b/tests/sys/netpfil/pf/CVE-2019-5598.py
index 603a1aef376f..b72c04c5e19b 100644
--- a/tests/sys/netpfil/pf/CVE-2019-5598.py
+++ b/tests/sys/netpfil/pf/CVE-2019-5598.py
@@ -72,7 +72,7 @@ def main():
sp.sendp(udp, iface=args.sendif[0], verbose=False)
# Start sniffing on recvif
- sniffer = Sniffer(args, check_icmp_error)
+ sniffer = Sniffer(args, check_icmp_error, args.recvif[0])
# Send the bad error packet
icmp_reachable = sp.Ether() / \
@@ -83,7 +83,7 @@ def main():
sp.sendp(icmp_reachable, iface=args.sendif[0], verbose=False)
sniffer.join()
- if sniffer.foundCorrectPacket:
+ if sniffer.correctPackets:
sys.exit(1)
sys.exit(0)