From 0abfb2b7e01ca07efe1be16a1a5bd8925340dc41 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 10 Jul 2015 11:56:31 +0200
Subject: tests: validate generated netlink instructions

compare netlink instructions generated by given nft command line
with recorded version.

Example: udp dport 80 accept in ip family should look like

ip test-ip4 input
  [ payload load 1b @ network header + 9 => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00005000 ]
  [ immediate reg 0 accept ]

This is stored in udp.t.payload.ip

Other suffixes:
.payload.ip6
.payload.inet
.payload ('any')

The test script first looks for 'testname.t.payload.$family', if that
doesn't exist 'testname.t.payload' is used.

This allows for family independent test (e.g. meta), where we don't
expect/have any family specific expressions.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 tests/regression/ip6/hbh.t.payload.ip6 | 94 ++++++++++++++++++++++++++++++++++
 1 file changed, 94 insertions(+)
 create mode 100644 tests/regression/ip6/hbh.t.payload.ip6

(limited to 'tests/regression/ip6/hbh.t.payload.ip6')

diff --git a/tests/regression/ip6/hbh.t.payload.ip6 b/tests/regression/ip6/hbh.t.payload.ip6
new file mode 100644
index 00000000..a201ef56
--- /dev/null
+++ b/tests/regression/ip6/hbh.t.payload.ip6
@@ -0,0 +1,94 @@
+# hbh hdrlength 22
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ cmp eq reg 1 0x00000016 ]
+
+# hbh hdrlength != 233
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ cmp neq reg 1 0x000000e9 ]
+
+# hbh hdrlength 33-45
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ cmp gte reg 1 0x00000021 ]
+  [ cmp lte reg 1 0x0000002d ]
+
+# hbh hdrlength != 33-45
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ cmp lt reg 1 0x00000021 ]
+  [ cmp gt reg 1 0x0000002d ]
+
+# hbh hdrlength {33, 55, 67, 88}
+set%d test-ip6 3
+set%d test-ip6 0
+	element 00000021  : 0 [end]	element 00000037  : 0 [end]	element 00000043  : 0 [end]	element 00000058  : 0 [end]
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# hbh hdrlength { 33-55}
+set%d test-ip6 7
+set%d test-ip6 0
+	element 00000000  : 1 [end]	element 00000021  : 0 [end]	element 00000038  : 1 [end]
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 1 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# hbh nexthdr {esp, ah, comp, udp, udplite, tcp, dccp, sctp, icmpv6}
+set%d test-ip6 3
+set%d test-ip6 0
+	element 00000032  : 0 [end]	element 00000033  : 0 [end]	element 0000006c  : 0 [end]	element 00000011  : 0 [end]	element 00000088  : 0 [end]	element 00000006  : 0 [end]	element 00000021  : 0 [end]	element 00000084  : 0 [end]	element 0000003a  : 0 [end]
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# hbh nexthdr 22
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp eq reg 1 0x00000016 ]
+
+# hbh nexthdr != 233
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp neq reg 1 0x000000e9 ]
+
+# hbh nexthdr 33-45
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp gte reg 1 0x00000021 ]
+  [ cmp lte reg 1 0x0000002d ]
+
+# hbh nexthdr != 33-45
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp lt reg 1 0x00000021 ]
+  [ cmp gt reg 1 0x0000002d ]
+
+# hbh nexthdr {33, 55, 67, 88}
+set%d test-ip6 3
+set%d test-ip6 0
+	element 00000021  : 0 [end]	element 00000037  : 0 [end]	element 00000043  : 0 [end]	element 00000058  : 0 [end]
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# hbh nexthdr { 33-55}
+set%d test-ip6 7
+set%d test-ip6 0
+	element 00000000  : 1 [end]	element 00000021  : 0 [end]	element 00000038  : 1 [end]
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ lookup reg 1 set set%d ]
+
+# hbh nexthdr ip
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp eq reg 1 0x00000000 ]
+
+# hbh nexthdr != ip
+ip6 test-ip6 filter-input
+  [ exthdr load 1b @ 0 + 0 => reg 1 ]
+  [ cmp neq reg 1 0x00000000 ]
+
-- 
cgit v1.2.3