diff options
Diffstat (limited to 'tests/py/ip/ip.t.payload')
-rw-r--r-- | tests/py/ip/ip.t.payload | 386 |
1 files changed, 386 insertions, 0 deletions
diff --git a/tests/py/ip/ip.t.payload b/tests/py/ip/ip.t.payload new file mode 100644 index 00000000..da2dc218 --- /dev/null +++ b/tests/py/ip/ip.t.payload @@ -0,0 +1,386 @@ +# ip length 232 +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ cmp eq reg 1 0x0000e800 ] + +# ip length != 233 +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ cmp neq reg 1 0x0000e900 ] + +# ip length 333-435 +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ cmp gte reg 1 0x00004d01 ] + [ cmp lte reg 1 0x0000b301 ] + +# ip length != 333-453 +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ cmp lt reg 1 0x00004d01 ] + [ cmp gt reg 1 0x0000c501 ] + +# ip length { 333, 553, 673, 838} +set%d test-ip4 3 +set%d test-ip4 0 + element 00004d01 : 0 [end] element 00002902 : 0 [end] element 0000a102 : 0 [end] element 00004603 : 0 [end] +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip length { 333-535} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 00004d01 : 0 [end] element 00001802 : 1 [end] +ip test-ip4 input + [ payload load 2b @ network header + 2 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip id 22 +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip id != 233 +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ cmp neq reg 1 0x0000e900 ] + +# ip id 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ cmp gte reg 1 0x00002100 ] + [ cmp lte reg 1 0x00002d00 ] + +# ip id != 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ cmp lt reg 1 0x00002100 ] + [ cmp gt reg 1 0x00002d00 ] + +# ip id { 33, 55, 67, 88} +set%d test-ip4 3 +set%d test-ip4 0 + element 00002100 : 0 [end] element 00003700 : 0 [end] element 00004300 : 0 [end] element 00005800 : 0 [end] +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip id { 33-55} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 00002100 : 0 [end] element 00003800 : 1 [end] +ip test-ip4 input + [ payload load 2b @ network header + 4 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip frag-off 222 accept +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ cmp eq reg 1 0x0000de00 ] + [ immediate reg 0 accept ] + +# ip frag-off != 233 +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ cmp neq reg 1 0x0000e900 ] + +# ip frag-off 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ cmp gte reg 1 0x00002100 ] + [ cmp lte reg 1 0x00002d00 ] + +# ip frag-off != 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ cmp lt reg 1 0x00002100 ] + [ cmp gt reg 1 0x00002d00 ] + +# ip frag-off { 33, 55, 67, 88} +set%d test-ip4 3 +set%d test-ip4 0 + element 00002100 : 0 [end] element 00003700 : 0 [end] element 00004300 : 0 [end] element 00005800 : 0 [end] +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip frag-off { 33-55} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 00002100 : 0 [end] element 00003800 : 1 [end] +ip test-ip4 input + [ payload load 2b @ network header + 6 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip ttl 0 drop +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ cmp eq reg 1 0x00000000 ] + [ immediate reg 0 drop ] + +# ip ttl 233 log +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ cmp eq reg 1 0x000000e9 ] + [ log prefix (null) ] + +# ip ttl 33-55 +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ cmp gte reg 1 0x00000021 ] + [ cmp lte reg 1 0x00000037 ] + +# ip ttl != 45-50 +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ cmp lt reg 1 0x0000002d ] + [ cmp gt reg 1 0x00000032 ] + +# ip ttl {43, 53, 45 } +set%d test-ip4 3 +set%d test-ip4 0 + element 0000002b : 0 [end] element 00000035 : 0 [end] element 0000002d : 0 [end] +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip ttl { 33-55} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 00000021 : 0 [end] element 00000038 : 1 [end] +ip test-ip4 input + [ payload load 1b @ network header + 8 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip protocol tcp log +ip test-ip4 input + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ log prefix (null) ] + +# ip protocol != tcp log +ip test-ip4 input + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp neq reg 1 0x00000006 ] + [ log prefix (null) ] + +# ip protocol { icmp, esp, ah, comp, udp, udplite, tcp, dccp, sctp} accept +set%d test-ip4 3 +set%d test-ip4 0 + element 00000001 : 0 [end] element 00000032 : 0 [end] element 00000033 : 0 [end] element 0000006c : 0 [end] element 00000011 : 0 [end] element 00000088 : 0 [end] element 00000006 : 0 [end] element 00000021 : 0 [end] element 00000084 : 0 [end] +ip test-ip4 input + [ payload load 1b @ network header + 9 => reg 1 ] + [ lookup reg 1 set set%d ] + [ immediate reg 0 accept ] + +# ip checksum 13172 drop +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ cmp eq reg 1 0x00007433 ] + [ immediate reg 0 drop ] + +# ip checksum 22 +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip checksum != 233 +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ cmp neq reg 1 0x0000e900 ] + +# ip checksum 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ cmp gte reg 1 0x00002100 ] + [ cmp lte reg 1 0x00002d00 ] + +# ip checksum != 33-45 +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ cmp lt reg 1 0x00002100 ] + [ cmp gt reg 1 0x00002d00 ] + +# ip checksum { 33, 55, 67, 88} +set%d test-ip4 3 +set%d test-ip4 0 + element 00002100 : 0 [end] element 00003700 : 0 [end] element 00004300 : 0 [end] element 00005800 : 0 [end] +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip checksum { 33-55} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 00002100 : 0 [end] element 00003800 : 1 [end] +ip test-ip4 input + [ payload load 2b @ network header + 10 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip saddr 192.168.2.0/24 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x00ffffff ) ^ 0x00000000 ] + [ cmp eq reg 1 0x0002a8c0 ] + +# ip saddr != 192.168.2.0/24 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x00ffffff ) ^ 0x00000000 ] + [ cmp neq reg 1 0x0002a8c0 ] + +# ip saddr 192.168.3.1 ip daddr 192.168.3.100 +ip test-ip4 input + [ payload load 8b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x0103a8c0 0x6403a8c0 ] + +# ip saddr != 1.1.1.1 log prefix giuseppe +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp neq reg 1 0x01010101 ] + [ log prefix giuseppe ] + +# ip saddr 1.1.1.1 log prefix example group 1 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x01010101 ] + [ log prefix example group 1 snaplen 0 qthreshold 0] + +# ip daddr 192.168.0.1-192.168.0.250 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp gte reg 1 0x0100a8c0 ] + [ cmp lte reg 1 0xfa00a8c0 ] + +# ip daddr 10.0.0.0-10.255.255.255 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp gte reg 1 0x0000000a ] + [ cmp lte reg 1 0xffffff0a ] + +# ip daddr 172.16.0.0-172.31.255.255 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp gte reg 1 0x000010ac ] + [ cmp lte reg 1 0xffff1fac ] + +# ip daddr 192.168.3.1-192.168.4.250 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp gte reg 1 0x0103a8c0 ] + [ cmp lte reg 1 0xfa04a8c0 ] + +# ip daddr != 192.168.0.1-192.168.0.250 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp lt reg 1 0x0100a8c0 ] + [ cmp gt reg 1 0xfa00a8c0 ] + +# ip daddr { 192.168.0.1-192.168.0.250} +set%d test-ip4 7 +set%d test-ip4 0 + element 00000000 : 1 [end] element 0100a8c0 : 0 [end] element fb00a8c0 : 1 [end] +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ lookup reg 1 set set%d ] + +# ip daddr { 192.168.5.1, 192.168.5.2, 192.168.5.3 } accept +set%d test-ip4 3 +set%d test-ip4 0 + element 0105a8c0 : 0 [end] element 0205a8c0 : 0 [end] element 0305a8c0 : 0 [end] +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ lookup reg 1 set set%d ] + [ immediate reg 0 accept ] + +# ip daddr 192.168.1.2-192.168.1.55 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp gte reg 1 0x0201a8c0 ] + [ cmp lte reg 1 0x3701a8c0 ] + +# ip daddr != 192.168.1.2-192.168.1.55 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp lt reg 1 0x0201a8c0 ] + [ cmp gt reg 1 0x3701a8c0 ] + +# ip saddr 192.168.1.3-192.168.33.55 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp gte reg 1 0x0301a8c0 ] + [ cmp lte reg 1 0x3721a8c0 ] + +# ip saddr != 192.168.1.3-192.168.33.55 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp lt reg 1 0x0301a8c0 ] + [ cmp gt reg 1 0x3721a8c0 ] + +# ip daddr 192.168.0.1 +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp eq reg 1 0x0100a8c0 ] + +# ip daddr 192.168.0.1 drop +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp eq reg 1 0x0100a8c0 ] + [ immediate reg 0 drop ] + +# ip daddr 192.168.0.2 log +ip test-ip4 input + [ payload load 4b @ network header + 16 => reg 1 ] + [ cmp eq reg 1 0x0200a8c0 ] + [ log prefix (null) ] + +# ip saddr \& 0xff == 1 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0xff000000 ) ^ 0x00000000 ] + [ cmp eq reg 1 0x01000000 ] + +# ip saddr \& 0.0.0.255 \< 0.0.0.127 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0xff000000 ) ^ 0x00000000 ] + [ cmp lt reg 1 0x7f000000 ] + +# ip saddr \& 0xffff0000 == 0xffff0000 +ip test-ip4 input + [ payload load 4b @ network header + 12 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x0000ffff ) ^ 0x00000000 ] + [ cmp eq reg 1 0x0000ffff ] + +# ip saddr . ip daddr . ip protocol { 1.1.1.1 . 2.2.2.2 . tcp, 1.1.1.1 . 3.3.3.3 . udp} +set%d test-ip 3 +set%d test-ip 0 + element 01010101 02020202 00000006 : 0 [end] element 01010101 03030303 00000011 : 0 [end] +ip test-ip input + [ payload load 4b @ network header + 12 => reg 1 ] + [ payload load 4b @ network header + 16 => reg 9 ] + [ payload load 1b @ network header + 9 => reg 10 ] + [ lookup reg 1 set set%d ] + +# ip version 4 ip hdrlength 5 +ip test-ip4 input + [ payload load 1b @ network header + 0 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x000000f0 ) ^ 0x00000000 ] + [ cmp eq reg 1 0x00000040 ] + [ payload load 1b @ network header + 0 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x0000000f ) ^ 0x00000000 ] + [ cmp eq reg 1 0x00000005 ] + +# ip hdrlength 0 +ip test-ip4 input + [ payload load 1b @ network header + 0 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x0000000f ) ^ 0x00000000 ] + [ cmp eq reg 1 0x00000000 ] + +# ip hdrlength 15 +ip test-ip4 input + [ payload load 1b @ network header + 0 => reg 1 ] + [ bitwise reg 1 = (reg=1 & 0x0000000f ) ^ 0x00000000 ] + [ cmp eq reg 1 0x0000000f ] + |