From e02bd59c4009bedba89da88b199e715441975439 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Fri, 10 Mar 2017 18:13:51 +0100 Subject: exthdr: Implement existence check This allows to check for existence of an IPv6 extension or TCP option header by using the following syntax: | exthdr frag exists | tcpopt window exists Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- tests/py/inet/tcpopt.t | 3 ++ tests/py/inet/tcpopt.t.payload.inet | 14 +++++++++ tests/py/ip6/exthdr.t | 19 ++++++++++++ tests/py/ip6/exthdr.t.payload.ip6 | 60 +++++++++++++++++++++++++++++++++++++ 4 files changed, 96 insertions(+) create mode 100644 tests/py/ip6/exthdr.t create mode 100644 tests/py/ip6/exthdr.t.payload.ip6 (limited to 'tests') diff --git a/tests/py/inet/tcpopt.t b/tests/py/inet/tcpopt.t index 59452b48..a42ecd25 100644 --- a/tests/py/inet/tcpopt.t +++ b/tests/py/inet/tcpopt.t @@ -35,3 +35,6 @@ tcp option eol left 1;fail tcp option eol left 1;fail tcp option sack window;fail tcp option sack window 1;fail + +tcp option window exists;ok +tcp option window missing;ok diff --git a/tests/py/inet/tcpopt.t.payload.inet b/tests/py/inet/tcpopt.t.payload.inet index 12deab8c..0d14e779 100644 --- a/tests/py/inet/tcpopt.t.payload.inet +++ b/tests/py/inet/tcpopt.t.payload.inet @@ -179,3 +179,17 @@ inet test-inet input [ cmp eq reg 1 0x00000006 ] [ exthdr load tcpopt 4b @ 8 + 6 => reg 1 ] [ cmp eq reg 1 0x01000000 ] + +# tcp option window exists +inet test-inet input + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ exthdr load tcpopt 1b @ 3 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# tcp option window missing +inet test-inet input + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ exthdr load tcpopt 1b @ 3 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000000 ] diff --git a/tests/py/ip6/exthdr.t b/tests/py/ip6/exthdr.t new file mode 100644 index 00000000..a6c2d2be --- /dev/null +++ b/tests/py/ip6/exthdr.t @@ -0,0 +1,19 @@ +:input;type filter hook input priority 0 + +*ip6;test-ip6;input + +exthdr hbh exists;ok +exthdr rt exists;ok +exthdr frag exists;ok +exthdr dst exists;ok +exthdr mh exists;ok + +exthdr hbh missing;ok + +exthdr hbh == exists;ok;exthdr hbh exists +exthdr hbh == missing;ok;exthdr hbh missing +exthdr hbh != exists;ok +exthdr hbh != missing;ok + +exthdr hbh 1;ok;exthdr hbh exists +exthdr hbh 0;ok;exthdr hbh missing diff --git a/tests/py/ip6/exthdr.t.payload.ip6 b/tests/py/ip6/exthdr.t.payload.ip6 new file mode 100644 index 00000000..b45eb8e7 --- /dev/null +++ b/tests/py/ip6/exthdr.t.payload.ip6 @@ -0,0 +1,60 @@ +# exthdr hbh exists +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr rt exists +ip6 test-ip6 input + [ exthdr load 1b @ 43 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr frag exists +ip6 test-ip6 input + [ exthdr load 1b @ 44 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr dst exists +ip6 test-ip6 input + [ exthdr load 1b @ 60 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr mh exists +ip6 test-ip6 input + [ exthdr load 1b @ 135 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr hbh missing +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000000 ] + +# exthdr hbh == exists +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr hbh == missing +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000000 ] + +# exthdr hbh != exists +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp neq reg 1 0x00000001 ] + +# exthdr hbh != missing +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp neq reg 1 0x00000000 ] + +# exthdr hbh 1 +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000001 ] + +# exthdr hbh 0 +ip6 test-ip6 input + [ exthdr load 1b @ 0 + 0 => reg 1 ] + [ cmp eq reg 1 0x00000000 ] + -- cgit v1.2.3