qa: build unshared nfct environment

nssocket forks and change netns pre-establishd by ip(8), serves its socket descriptor to parent via nssocket(). Since this socket is isolated, it can be used to create regression tests for conntrack. This also adds a conntrack event testcase as a first user. A ct_echo_event.sh script is provided to build and run this test automatically: # ./qa/ct_echo_event.sh make: Entering directory... ...debug output like: [NEW] tcp 6 2 SYN_SENT src=10.255.255.249 dst=10.255.255.250 sport... [UPDATE] tcp 6 2 SYN_RECV src=10.255.255.249 dst=10.255.255.250 sport... ... [DESTROY] icmp 1 src=10.255.255.249 dst=10.255.255.250 type=8 code=0... # echo $? 0 Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Ken-ichirou MATSUZAWA <chamaken@gmail.com> 2014-10-07 13:40:08 +0900
committer: Florian Westphal <fw@strlen.de> 2014-10-14 13:18:52 +0200
commit: 871cd53f8f9b8c36eacbdfd546a0a4acba29e53b (patch)
tree: 1b22ab1e86adf78bb62e6e4e69f0f49db06623af /qa/nssocket_env.sh
parent: 8cf7c41709c949d1472f030e78ab50b5f9c6bcc6 (diff)
1 files changed, 87 insertions, 0 deletions
diff --git a/qa/nssocket_env.sh b/qa/nssocket_env.sh
new file mode 100644
index 0000000..2bcd74d
--- /dev/null
+++ b/qa/nssocket_env.sh
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+NETNS="lnfct_qa"
+VETH_NAME="veth_qa0"
+VETH_PEER="veth_qa1"
+DUMMY_DEV="dummy_qa0"
+VETH_PARENT_ADDR="10.255.255.249"
+VETH_CHILD_ADDR="10.255.255.250"
+VETH_MASK="30"
+DSTPORT="7"
+ICMP_TYPE="8"
+ICMP_CODE="0"
+NF_TIMEOUT=2
+INIT_TIMEOUT=4
+
+dname=`dirname $0`
+bname=`basename $0`
+qname=${bname%.sh}
+
+PRE_FIFO="$dname/qa_pre_fifo"
+POST_FIFO="$dname/qa_post_fifo"
+
+[ -z `which ip` ]       && echo "ip(8) required"    >&2 && exit 1
+[ -z `which inetd` ]    && echo "inetd required"    >&2 && exit 1
+[ -z `which nc` ]       && echo "nc required"       >&2 && exit 1
+[ -z `which iptables` ] && echo "iptables required" >&2 && exit 1
+modprobe nf_conntrack_ipv4	|| exit 1
+modprobe nfnetlink_cttimeout	|| exit 1
+
+make -C $dname \
+    CFLAGS="-DVETH_PARENT_ADDR=\\\"$VETH_PARENT_ADDR\\\" \
+            -DVETH_CHILD_ADDR=\\\"$VETH_CHILD_ADDR\\\" \
+            -DDSTPORT=$DSTPORT -DICMP_TYPE=$ICMP_TYPE -DICMP_CODE=$ICMP_CODE \
+            -DINIT_TIMEOUT=$INIT_TIMEOUT" \
+    $qname || exit 1
+
+# parent / client
+ip netns add $NETNS
+trap "ip netns del $NETNS; exit 1" 1 2 15
+ip link ls $VETH_NAME > /dev/null 2>&1 && ip link del $VETH_NAME
+ip link add $VETH_NAME type veth peer name $VETH_PEER
+ip link set $VETH_PEER netns $NETNS
+ip link set $VETH_NAME up
+ip addr add ${VETH_PARENT_ADDR}/${VETH_MASK} dev $VETH_NAME
+
+# child / server
+ip netns exec $NETNS sh <<EOF
+echo 1 > /proc/sys/net/ipv4/ip_forward
+for f in /proc/sys/net/netfilter/*timeout*; do echo $NF_TIMEOUT > "\$f"; done
+ip link set lo up
+ip link set $VETH_PEER up
+ip addr add ${VETH_CHILD_ADDR}/${VETH_MASK} dev $VETH_PEER
+ip link add ${DUMMY_DEV} up type dummy
+ip route add default dev ${DUMMY_DEV}
+EOF
+ip netns exec $NETNS inetd -d $dname/inetd.conf > /dev/null 2>&1 &
+server_pid=$!
+
+rm -f $PRE_FIFO $POST_FIFO
+mkfifo $PRE_FIFO  || exit 1
+mkfifo $POST_FIFO || exit 1
+
+${dname}/${qname} $NETNS $PRE_FIFO $POST_FIFO &
+qa_pid=$!
+
+trap_handle() {
+    rm -f $PRE_FIFO $POST_FIFO
+    kill $server_pid > /dev/null 2>&1
+    kill -6 $qa_pid > /dev/null 2>&1
+    ip netns del $NETNS > /dev/null 2>&1
+}
+trap "trap_handle; exit 1" 1 2 15
+
+fin() {
+    wait $qa_pid
+    trap_handle
+}
+
+pre_sync() {
+    8< $PRE_FIFO || kill $$
+    8>&-
+}
+
+post_sync() {
+    8< $POST_FIFO || kill $$
+    8>&-
+}
author	Ken-ichirou MATSUZAWA <chamaken@gmail.com>	2014-10-07 13:40:08 +0900
committer	Florian Westphal <fw@strlen.de>	2014-10-14 13:18:52 +0200
commit	871cd53f8f9b8c36eacbdfd546a0a4acba29e53b (patch)
tree	1b22ab1e86adf78bb62e6e4e69f0f49db06623af /qa/nssocket_env.sh
parent	8cf7c41709c949d1472f030e78ab50b5f9c6bcc6 (diff)