From afc23cc91a5ac697e79c1fc7682bf670bb72d8f8 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Thu, 24 Sep 2015 22:39:20 +0200
Subject: tests: add tests matching on ether saddr for inet, bridge, ip, ip6

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 tests/regression/inet/ether.t                | 13 +++++++
 tests/regression/inet/ether.t.payload        | 55 ++++++++++++++++++++++++++++
 tests/regression/inet/ether.t.payload.bridge | 49 +++++++++++++++++++++++++
 tests/regression/inet/ether.t.payload.ip     | 55 ++++++++++++++++++++++++++++
 tests/regression/inet/ether.t.payload.ip6    | 55 ++++++++++++++++++++++++++++
 5 files changed, 227 insertions(+)
 create mode 100644 tests/regression/inet/ether.t
 create mode 100644 tests/regression/inet/ether.t.payload
 create mode 100644 tests/regression/inet/ether.t.payload.bridge
 create mode 100644 tests/regression/inet/ether.t.payload.ip
 create mode 100644 tests/regression/inet/ether.t.payload.ip6

(limited to 'tests')

diff --git a/tests/regression/inet/ether.t b/tests/regression/inet/ether.t
new file mode 100644
index 00000000..9d0f9729
--- /dev/null
+++ b/tests/regression/inet/ether.t
@@ -0,0 +1,13 @@
+*ip;test-ip4
+*ip6;test-ip6
+*inet;test-inet
+*bridge;test-bridge
+
+:input;type filter hook input priority 0
+
+tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 meta nfproto ipv4 accept;ok;tcp dport 22 ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4 accept
+tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 accept;ok;tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept
+tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept;ok
+
+ether saddr 00:0f:54:0c:11:04 accept;ok
+ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4;ok
diff --git a/tests/regression/inet/ether.t.payload b/tests/regression/inet/ether.t.payload
new file mode 100644
index 00000000..86f30c37
--- /dev/null
+++ b/tests/regression/inet/ether.t.payload
@@ -0,0 +1,55 @@
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 meta nfproto ipv4 accept
+inet test-inet input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 accept
+inet test-inet input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept
+inet test-inet input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 accept
+inet test-inet input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4
+inet test-inet input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+
diff --git a/tests/regression/inet/ether.t.payload.bridge b/tests/regression/inet/ether.t.payload.bridge
new file mode 100644
index 00000000..4a6bccbe
--- /dev/null
+++ b/tests/regression/inet/ether.t.payload.bridge
@@ -0,0 +1,49 @@
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 meta nfproto ipv4 accept
+bridge test-bridge input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 accept
+bridge test-bridge input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept
+bridge test-bridge input
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 accept
+bridge test-bridge input
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4
+bridge test-bridge input
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+
diff --git a/tests/regression/inet/ether.t.payload.ip b/tests/regression/inet/ether.t.payload.ip
new file mode 100644
index 00000000..2d33f0ce
--- /dev/null
+++ b/tests/regression/inet/ether.t.payload.ip
@@ -0,0 +1,55 @@
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 meta nfproto ipv4 accept
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 accept
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept
+ip test-ip4 input
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 accept
+ip test-ip4 input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4
+ip test-ip4 input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+
diff --git a/tests/regression/inet/ether.t.payload.ip6 b/tests/regression/inet/ether.t.payload.ip6
new file mode 100644
index 00000000..9065952d
--- /dev/null
+++ b/tests/regression/inet/ether.t.payload.ip6
@@ -0,0 +1,55 @@
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 meta nfproto ipv4 accept
+ip6 test-ip6 input
+  [ payload load 1b @ network header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 iiftype ether ether saddr 00:0f:54:0c:11:4 accept
+ip6 test-ip6 input
+  [ payload load 1b @ network header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# tcp dport 22 ether saddr 00:0f:54:0c:11:04 accept
+ip6 test-ip6 input
+  [ payload load 1b @ network header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ payload load 2b @ transport header + 2 => reg 1 ]
+  [ cmp eq reg 1 0x00001600 ]
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 accept
+ip6 test-ip6 input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ immediate reg 0 accept ]
+
+# ether saddr 00:0f:54:0c:11:04 meta nfproto ipv4
+ip6 test-ip6 input
+  [ meta load iiftype => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]
+  [ payload load 6b @ link header + 6 => reg 1 ]
+  [ cmp eq reg 1 0x0c540f00 0x00000411 ]
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+
-- 
cgit v1.2.3