summaryrefslogtreecommitdiffstats
path: root/tests/py/ip/snat.t.payload
blob: 71a5e2f1a54e0a80f0a230faba2660d5af8ed18c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# iifname "eth0" tcp dport 80-90 snat to 192.168.3.2
ip test-ip4 postrouting
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp gte reg 1 0x00005000 ]
  [ cmp lte reg 1 0x00005a00 ]
  [ immediate reg 1 0x0203a8c0 ]
  [ nat snat ip addr_min reg 1 ]

# iifname "eth0" tcp dport != 80-90 snat to 192.168.3.2
ip test-ip4 postrouting
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ range neq reg 1 0x00005000 0x00005a00 ]
  [ immediate reg 1 0x0203a8c0 ]
  [ nat snat ip addr_min reg 1 ]

# iifname "eth0" tcp dport {80, 90, 23} snat to 192.168.3.2
__set%d test-ip4 3
__set%d test-ip4 0
	element 00005000  : 0 [end]	element 00005a00  : 0 [end]	element 00001700  : 0 [end]
ip test-ip4 postrouting
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __set%d ]
  [ immediate reg 1 0x0203a8c0 ]
  [ nat snat ip addr_min reg 1 ]

# iifname "eth0" tcp dport != {80, 90, 23} snat to 192.168.3.2
__set%d test-ip4 3
__set%d test-ip4 0
	element 00005000  : 0 [end]	element 00005a00  : 0 [end]	element 00001700  : 0 [end]
ip test-ip4 postrouting
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __set%d 0x1 ]
  [ immediate reg 1 0x0203a8c0 ]
  [ nat snat ip addr_min reg 1 ]

# iifname "eth0" tcp dport != 23-34 snat to 192.168.3.2
ip test-ip4 postrouting
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ range neq reg 1 0x00001700 0x00002200 ]
  [ immediate reg 1 0x0203a8c0 ]
  [ nat snat ip addr_min reg 1 ]

# iifname "eth0" tcp dport 80-90 snat to 192.168.3.0-192.168.3.255
ip
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp gte reg 1 0x00005000 ]
  [ cmp lte reg 1 0x00005a00 ]
  [ immediate reg 1 0x0003a8c0 ]
  [ immediate reg 2 0xff03a8c0 ]
  [ nat snat ip addr_min reg 1 addr_max reg 2 ]

# iifname "eth0" tcp dport 80-90 snat to 192.168.3.15-192.168.3.240
ip
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp gte reg 1 0x00005000 ]
  [ cmp lte reg 1 0x00005a00 ]
  [ immediate reg 1 0x0f03a8c0 ]
  [ immediate reg 2 0xf003a8c0 ]
  [ nat snat ip addr_min reg 1 addr_max reg 2 ]

# meta l4proto 17 snat ip to ip saddr map { 10.141.11.4 : 192.168.2.3 . 80 }
__map%d test-ip4 b size 1
__map%d test-ip4 0
	element 040b8d0a  : 0302a8c0 00005000 0 [end]
ip
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat snat ip addr_min reg 1 proto_min reg 9 ]

# snat ip to ip saddr map { 10.141.11.4 : 192.168.2.2-192.168.2.4 }
__map%d test-ip4 b size 1
__map%d test-ip4 0
	element 040b8d0a  : 0202a8c0 0402a8c0 0 [end]
ip 
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat snat ip addr_min reg 1 addr_max reg 9 ]

# snat ip prefix to ip saddr map { 10.141.11.0/24 : 192.168.2.0/24 }
__map%d test-ip4 f size 3
__map%d test-ip4 0
	element 00000000  : 1 [end]	element 000b8d0a  : 0002a8c0 ff02a8c0 0 [end]	element 000c8d0a  : 1 [end]
ip 
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat snat ip addr_min reg 1 addr_max reg 9 flags 0x40 ]

# snat ip to ip saddr map { 10.141.12.14 : 192.168.2.0/24 }
__map%d test-ip4 b size 1
__map%d test-ip4 0
        element 0e0c8d0a  : 0002a8c0 ff02a8c0 0 [end]
ip
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat snat ip addr_min reg 1 addr_max reg 9 ]

# meta l4proto { 6, 17} snat ip to ip saddr . th dport map { 10.141.11.4 . 20 : 192.168.2.3 . 80}
__set%d test-ip4 3 size 2
__set%d test-ip4 0
        element 00000006  : 0 [end]     element 00000011  : 0 [end]
__map%d test-ip4 b size 1
__map%d test-ip4 0
        element 040b8d0a 00001400  : 0302a8c0 00005000 0 [end]
ip
  [ meta load l4proto => reg 1 ]
  [ lookup reg 1 set __set%d ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ payload load 2b @ transport header + 2 => reg 9 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat snat ip addr_min reg 1 proto_min reg 9 ]

# ip daddr 192.168.0.1 dnat to tcp dport map { 443 : 10.141.10.4 . 8443, 80 : 10.141.10.4 . 8080 }
__map%d x b size 2
__map%d x 0
        element 0000bb01  : 040a8d0a 0000fb20 0 [end]   element 00005000  : 040a8d0a 0000901f 0 [end]
ip
  [ payload load 4b @ network header + 16 => reg 1 ]
  [ cmp eq reg 1 0x0100a8c0 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ nat dnat ip addr_min reg 1 proto_min reg 9 ]