You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58 lines
2.4 KiB
58 lines
2.4 KiB
#!/usr/bin/env python
|
|
# Copyright (c) PLUMgrid, Inc.
|
|
# Licensed under the Apache License, Version 2.0 (the "License")
|
|
|
|
from netaddr import IPAddress
|
|
from bcc import BPF
|
|
from pyroute2 import IPRoute, protocols
|
|
from socket import socket, AF_INET, SOCK_DGRAM
|
|
from subprocess import call
|
|
import sys
|
|
from time import sleep
|
|
from unittest import main, TestCase
|
|
|
|
arg1 = sys.argv.pop(1)
|
|
arg2 = ""
|
|
if len(sys.argv) > 1:
|
|
arg2 = sys.argv.pop(1)
|
|
|
|
class TestBPFFilter(TestCase):
|
|
def setUp(self):
|
|
b = BPF(arg1, arg2, debug=0)
|
|
fn = b.load_func("on_packet", BPF.SCHED_ACT)
|
|
ip = IPRoute()
|
|
ifindex = ip.link_lookup(ifname="eth0")[0]
|
|
# set up a network to change the flow:
|
|
# outside | inside
|
|
# 172.16.1.1 - 172.16.1.2 | 192.168.1.1 - 192.16.1.2
|
|
ip.addr("del", index=ifindex, address="172.16.1.2", mask=24)
|
|
ip.addr("add", index=ifindex, address="192.168.1.2", mask=24)
|
|
# add an ingress and egress qdisc
|
|
ip.tc("add", "ingress", ifindex, "ffff:")
|
|
ip.tc("add", "sfq", ifindex, "1:")
|
|
# add same program to both ingress/egress, so pkt is translated in both directions
|
|
action = {"kind": "bpf", "fd": fn.fd, "name": fn.name, "action": "ok"}
|
|
ip.tc("add-filter", "u32", ifindex, ":1", parent="ffff:", action=[action],
|
|
protocol=protocols.ETH_P_ALL, classid=1, target=0x10002, keys=['0x0/0x0+0'])
|
|
ip.tc("add-filter", "u32", ifindex, ":2", parent="1:", action=[action],
|
|
protocol=protocols.ETH_P_ALL, classid=1, target=0x10002, keys=['0x0/0x0+0'])
|
|
self.xlate = b.get_table("xlate")
|
|
|
|
def test_xlate(self):
|
|
key1 = self.xlate.Key(IPAddress("172.16.1.2").value, IPAddress("172.16.1.1").value)
|
|
leaf1 = self.xlate.Leaf(IPAddress("192.168.1.2").value, IPAddress("192.168.1.1").value, 0, 0)
|
|
self.xlate[key1] = leaf1
|
|
key2 = self.xlate.Key(IPAddress("192.168.1.1").value, IPAddress("192.168.1.2").value)
|
|
leaf2 = self.xlate.Leaf(IPAddress("172.16.1.1").value, IPAddress("172.16.1.2").value, 0, 0)
|
|
self.xlate[key2] = leaf2
|
|
call(["ping", "-c1", "192.168.1.1"])
|
|
leaf = self.xlate[key1]
|
|
self.assertGreater(leaf.ip_xlated_pkts, 0)
|
|
self.assertGreater(leaf.arp_xlated_pkts, 0)
|
|
leaf = self.xlate[key2]
|
|
self.assertGreater(leaf.ip_xlated_pkts, 0)
|
|
self.assertGreater(leaf.arp_xlated_pkts, 0)
|
|
|
|
if __name__ == "__main__":
|
|
main()
|