summaryrefslogtreecommitdiffstats
path: root/tests/py/ip6/redirect.t.payload.ip6
blob: 8731194f729e02d1deb37fd3834f8f29a8b5d8b1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
# redirect
ip6 test-ip6 output
  [ redir ]

# udp dport 954 redirect
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x0000ba03 ]
  [ redir ]

# ip6 saddr fe00::cafe counter redirect
ip6 test-ip6 output
  [ payload load 16b @ network header + 8 => reg 1 ]
  [ cmp eq reg 1 0x000000fe 0x00000000 0x00000000 0xfeca0000 ]
  [ counter pkts 0 bytes 0 ]
  [ redir ]

# udp dport 53 redirect random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x4 ]

# udp dport 53 redirect random,persistent
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0xc ]

# udp dport 53 redirect random,persistent,fully-random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x1c ]

# udp dport 53 redirect random,fully-random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x14 ]

# udp dport 53 redirect random,fully-random,persistent
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x1c ]

# udp dport 53 redirect persistent
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x8 ]

# udp dport 53 redirect persistent,random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0xc ]

# udp dport 53 redirect persistent,random,fully-random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x1c ]

# udp dport 53 redirect persistent,fully-random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x18 ]

# udp dport 53 redirect persistent,fully-random,random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ redir flags 0x1c ]

# udp dport 1234 redirect to :1234
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x0000d204 ]
  [ immediate reg 1 0x0000d204 ]
  [ redir proto_min reg 1 ]

# ip6 daddr fe00::cafe udp dport 9998 redirect to :6515
ip6 test-ip6 output
  [ payload load 16b @ network header + 24 => reg 1 ]
  [ cmp eq reg 1 0x000000fe 0x00000000 0x00000000 0xfeca0000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00000e27 ]
  [ immediate reg 1 0x00007319 ]
  [ redir proto_min reg 1 ]

# ip6 nexthdr tcp redirect to :100-200
ip6 test-ip6 output
  [ payload load 1b @ network header + 6 => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ immediate reg 1 0x00006400 ]
  [ immediate reg 2 0x0000c800 ]
  [ redir proto_min reg 1 proto_max reg 2 ]

# tcp dport 39128 redirect to :993
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x0000d898 ]
  [ immediate reg 1 0x0000e103 ]
  [ redir proto_min reg 1 ]

# tcp dport 9128 redirect to :993 random
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x0000a823 ]
  [ immediate reg 1 0x0000e103 ]
  [ redir proto_min reg 1 flags 0x4 ]

# tcp dport 9128 redirect to :993 fully-random,persistent
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x0000a823 ]
  [ immediate reg 1 0x0000e103 ]
  [ redir proto_min reg 1 flags 0x18 ]

# tcp dport { 1, 2, 3, 4, 5, 6, 7, 8, 101, 202, 303, 1001, 2002, 3003} redirect
__set%d test-ip6 3
__set%d test-ip6 0
	element 00000100  : 0 [end]	element 00000200  : 0 [end]	element 00000300  : 0 [end]	element 00000400  : 0 [end]	element 00000500  : 0 [end]	element 00000600  : 0 [end]	element 00000700  : 0 [end]	element 00000800  : 0 [end]	element 00006500  : 0 [end]	element 0000ca00  : 0 [end]	element 00002f01  : 0 [end]	element 0000e903  : 0 [end]	element 0000d207  : 0 [end]	element 0000bb0b  : 0 [end]
ip6 test-ip6 output
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __set%d ]
  [ redir ]

# ip6 daddr fe00::1-fe00::200 udp dport 53 counter redirect
ip6 test-ip6 output
  [ payload load 16b @ network header + 24 => reg 1 ]
  [ cmp gte reg 1 0x000000fe 0x00000000 0x00000000 0x01000000 ]
  [ cmp lte reg 1 0x000000fe 0x00000000 0x00000000 0x00020000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00003500 ]
  [ counter pkts 0 bytes 0 ]
  [ redir ]

# iifname eth0 ct state new,established tcp dport vmap {22 : drop, 222 : drop } redirect
__map%d test-ip6 b
__map%d test-ip6 0
	element 00001600  : 0 [end]	element 0000de00  : 0 [end]
ip6 test-ip6 output
  [ meta load iifname => reg 1 ]
  [ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
  [ ct load state => reg 1 ]
  [ bitwise reg 1 = (reg=1 & 0x0000000a ) ^ 0x00000000 ]
  [ cmp neq reg 1 0x00000000 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 0 ]
  [ redir ]

# ip6 nexthdr 6 redirect to : tcp dport map { 22 : 8000, 80 : 8080}
__map%d test-ip6 b
__map%d test-ip6 0
	element 00001600  : 0000401f 0 [end]	element 00005000  : 0000901f 0 [end]
ip6 test-ip6 output
  [ payload load 1b @ network header + 6 => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ redir proto_min reg 1 ]