diff options
Diffstat (limited to 'tests/py')
-rw-r--r-- | tests/py/inet/ip_tcp.t | 18 | ||||
-rw-r--r-- | tests/py/inet/ip_tcp.t.payload | 42 | ||||
-rw-r--r-- | tests/py/inet/ip_tcp.t.payload.bridge | 42 | ||||
-rw-r--r-- | tests/py/inet/ip_tcp.t.payload.netdev | 42 |
4 files changed, 144 insertions, 0 deletions
diff --git a/tests/py/inet/ip_tcp.t b/tests/py/inet/ip_tcp.t new file mode 100644 index 00000000..828d9d92 --- /dev/null +++ b/tests/py/inet/ip_tcp.t @@ -0,0 +1,18 @@ +:input;type filter hook input priority 0 +:ingress;type filter hook ingress device lo priority 0 + +*inet;test-inet;input +*bridge;test-bridge;input +*netdev;test-netdev;ingress + +# must not remove ip dependency -- ONLY ipv4 packets should be matched +ip protocol tcp tcp dport 22;ok;ip protocol 6 tcp dport 22 + +# can remove it here, ip protocol is implied via saddr. +ip protocol tcp ip saddr 1.2.3.4 tcp dport 22;ok;ip saddr 1.2.3.4 tcp dport 22 + +# but not here. +ip protocol tcp counter ip saddr 1.2.3.4 tcp dport 22;ok;ip protocol 6 counter ip saddr 1.2.3.4 tcp dport 22 + +# or here. +ip protocol tcp counter tcp dport 22;ok;ip protocol 6 counter tcp dport 22 diff --git a/tests/py/inet/ip_tcp.t.payload b/tests/py/inet/ip_tcp.t.payload new file mode 100644 index 00000000..8bdc70c8 --- /dev/null +++ b/tests/py/inet/ip_tcp.t.payload @@ -0,0 +1,42 @@ +# ip protocol tcp tcp dport 22 +inet test-inet input + [ meta load nfproto => reg 1 ] + [ cmp eq reg 1 0x00000002 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp ip saddr 1.2.3.4 tcp dport 22 +inet test-inet input + [ meta load nfproto => reg 1 ] + [ cmp eq reg 1 0x00000002 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter ip saddr 1.2.3.4 tcp dport 22 +inet test-inet input + [ meta load nfproto => reg 1 ] + [ cmp eq reg 1 0x00000002 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter tcp dport 22 +inet test-inet input + [ meta load nfproto => reg 1 ] + [ cmp eq reg 1 0x00000002 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + diff --git a/tests/py/inet/ip_tcp.t.payload.bridge b/tests/py/inet/ip_tcp.t.payload.bridge new file mode 100644 index 00000000..46d968d2 --- /dev/null +++ b/tests/py/inet/ip_tcp.t.payload.bridge @@ -0,0 +1,42 @@ +# ip protocol tcp tcp dport 22 +bridge test-bridge input + [ payload load 2b @ link header + 12 => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp ip saddr 1.2.3.4 tcp dport 22 +bridge test-bridge input + [ payload load 2b @ link header + 12 => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter ip saddr 1.2.3.4 tcp dport 22 +bridge test-bridge input + [ payload load 2b @ link header + 12 => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter tcp dport 22 +bridge test-bridge input + [ payload load 2b @ link header + 12 => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + diff --git a/tests/py/inet/ip_tcp.t.payload.netdev b/tests/py/inet/ip_tcp.t.payload.netdev new file mode 100644 index 00000000..db6177c4 --- /dev/null +++ b/tests/py/inet/ip_tcp.t.payload.netdev @@ -0,0 +1,42 @@ +# ip protocol tcp tcp dport 22 +netdev test-netdev ingress + [ meta load protocol => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp ip saddr 1.2.3.4 tcp dport 22 +netdev test-netdev ingress + [ meta load protocol => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter ip saddr 1.2.3.4 tcp dport 22 +netdev test-netdev ingress + [ meta load protocol => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 4b @ network header + 12 => reg 1 ] + [ cmp eq reg 1 0x04030201 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + +# ip protocol tcp counter tcp dport 22 +netdev test-netdev ingress + [ meta load protocol => reg 1 ] + [ cmp eq reg 1 0x00000008 ] + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ counter pkts 0 bytes 0 ] + [ payload load 2b @ transport header + 2 => reg 1 ] + [ cmp eq reg 1 0x00001600 ] + |