From 0abfb2b7e01ca07efe1be16a1a5bd8925340dc41 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 10 Jul 2015 11:56:31 +0200
Subject: tests: validate generated netlink instructions

compare netlink instructions generated by given nft command line
with recorded version.

Example: udp dport 80 accept in ip family should look like

ip test-ip4 input
  [ payload load 1b @ network header + 9 => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00005000 ]
  [ immediate reg 0 accept ]

This is stored in udp.t.payload.ip

Other suffixes:
.payload.ip6
.payload.inet
.payload ('any')

The test script first looks for 'testname.t.payload.$family', if that
doesn't exist 'testname.t.payload' is used.

This allows for family independent test (e.g. meta), where we don't
expect/have any family specific expressions.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 tests/regression/inet/sctp.t.payload.ip | 200 ++++++++++++++++++++++++++++++++
 1 file changed, 200 insertions(+)
 create mode 100644 tests/regression/inet/sctp.t.payload.ip

(limited to 'tests/regression/inet/sctp.t.payload.ip')

diff --git a/tests/regression/inet/sctp.t.payload.ip b/tests/regression/inet/sctp.t.payload.ip
new file mode 100644
index 00000000..053d319e
--- /dev/null
+++ b/tests/regression/inet/sctp.t.payload.ip
@@ -0,0 +1,200 @@
+# sctp sport 23
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ cmp eq reg 1 0x00001700 ]
+
+# sctp sport != 23
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ cmp neq reg 1 0x00001700 ]
+
+# sctp sport 23-44
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ cmp gte reg 1 0x00001700 ]
+  [ cmp lte reg 1 0x00002c00 ]
+
+# sctp sport != 23-44
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ cmp lt reg 1 0x00001700 ]
+  [ cmp gt reg 1 0x00002c00 ]
+
+# sctp sport { 23, 24, 25}
+set%d test-ip4 3
+set%d test-ip4 0
+	element 00001700  : 0 [end]	element 00001800  : 0 [end]	element 00001900  : 0 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp sport { 23-44}
+set%d test-ip4 7
+set%d test-ip4 0
+	element 00000000  : 1 [end]	element 00001700  : 0 [end]	element 00002d00  : 1 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 0 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp dport 23
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001700 ]
+
+# sctp dport != 23
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp neq reg 1 0x00001700 ]
+
+# sctp dport 23-44
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp gte reg 1 0x00001700 ]
+  [ cmp lte reg 1 0x00002c00 ]
+
+# sctp dport != 23-44
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp lt reg 1 0x00001700 ]
+  [ cmp gt reg 1 0x00002c00 ]
+
+# sctp dport { 23, 24, 25}
+set%d test-ip4 3
+set%d test-ip4 0
+	element 00001700  : 0 [end]	element 00001800  : 0 [end]	element 00001900  : 0 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp dport { 23-44}
+set%d test-ip4 7
+set%d test-ip4 0
+	element 00000000  : 1 [end]	element 00001700  : 0 [end]	element 00002d00  : 1 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp checksum 1111
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ cmp eq reg 1 0x57040000 ]
+
+# sctp checksum != 11
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ cmp neq reg 1 0x0b000000 ]
+
+# sctp checksum 21-333
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ cmp gte reg 1 0x15000000 ]
+  [ cmp lte reg 1 0x4d010000 ]
+
+# sctp checksum != 32-111
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ cmp lt reg 1 0x20000000 ]
+  [ cmp gt reg 1 0x6f000000 ]
+
+# sctp checksum { 22, 33, 44}
+set%d test-ip4 3
+set%d test-ip4 0
+	element 16000000  : 0 [end]	element 21000000  : 0 [end]	element 2c000000  : 0 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp checksum { 22-44}
+set%d test-ip4 7
+set%d test-ip4 0
+	element 00000000  : 1 [end]	element 16000000  : 0 [end]	element 2d000000  : 1 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 8 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp vtag 22
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ cmp eq reg 1 0x16000000 ]
+
+# sctp vtag != 233
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ cmp neq reg 1 0xe9000000 ]
+
+# sctp vtag 33-45
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ cmp gte reg 1 0x21000000 ]
+  [ cmp lte reg 1 0x2d000000 ]
+
+# sctp vtag != 33-45
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ cmp lt reg 1 0x21000000 ]
+  [ cmp gt reg 1 0x2d000000 ]
+
+# sctp vtag {33, 55, 67, 88}
+set%d test-ip4 3
+set%d test-ip4 0
+	element 21000000  : 0 [end]	element 37000000  : 0 [end]	element 43000000  : 0 [end]	element 58000000  : 0 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# sctp vtag { 33-55}
+set%d test-ip4 7
+set%d test-ip4 0
+	element 00000000  : 1 [end]	element 21000000  : 0 [end]	element 38000000  : 1 [end]
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000084 ]
+  [ payload load 4b @ transport header + 4 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
-- 
cgit v1.2.3