5 from framework import VppTestCase, VppTestRunner, running_extended_tests
6 from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath
8 from scapy.contrib.geneve import GENEVE
9 from scapy.packet import Raw
10 from scapy.layers.l2 import Ether
11 from scapy.layers.inet import IP, UDP
12 from scapy.layers.vxlan import VXLAN
13 from scapy.compat import raw
16 class TestTracefilter(VppTestCase):
17 """ Packet Tracer Filter Test """
21 super(TestTracefilter, cls).setUpClass()
24 def tearDownClass(cls):
25 super(TestTracefilter, cls).tearDownClass()
28 super(TestTracefilter, self).setUp()
29 self.create_pg_interfaces(range(2))
30 self.pg0.generate_remote_hosts(11)
31 for i in self.pg_interfaces:
37 super(TestTracefilter, self).tearDown()
38 for i in self.pg_interfaces:
43 r = self.vapi.cli_return_response(cmd)
45 s = "reply '%s'" % r.reply if hasattr(
46 r, "reply") else "retval '%s'" % r.retval
47 raise RuntimeError("cli command '%s' FAIL with %s" % (cmd, s))
50 # check number of hits for classifier
51 def assert_hits(self, n):
52 r = self.cli("show classify table verbose 2")
53 self.assertTrue(r.reply.find("hits %i" % n) != -1)
55 def add_filter(self, mask, match):
56 r = self.cli("classify filter trace mask %s match %s" % (mask, match))
57 self.vapi.cli("clear trace")
58 r = self.cli("trace add pg-input 1000 filter")
60 def del_all_filters(self):
61 self.cli("classify filter trace del")
62 r = self.cli("show classify filter")
63 s = "packet tracer: first table none"
64 self.assertTrue(r.reply.find(s) != -1)
67 """ Packet Tracer Filter Test """
71 self.pg0.remote_hosts[5].ip4)
73 "l3 ip4 proto l4 src_port",
74 "l3 ip4 proto 17 l4 src_port 2345")
75 # the packet we are trying to match
78 src = self.pg0.remote_hosts[i % len(self.pg0.remote_hosts)].ip4
79 p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
80 IP(src=src, dst=self.pg1.remote_ip4) /
81 UDP(sport=1234, dport=2345) / Raw('\xa5' * 100)))
83 p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
84 IP(src=self.pg0.remote_hosts[0].ip4,
85 dst=self.pg1.remote_ip4) /
86 UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))
88 self.send_and_expect(self.pg0, p, self.pg1, trace=False)
90 # Check for 9 and 17 classifier hits, which is the right answer
94 self.del_all_filters()
96 # install a classify rule, inject traffic and check for hits
97 def assert_classify(self, mask, match, packets, n=None):
98 self.add_filter("hex %s" % mask, "hex %s" % match)
99 self.send_and_expect(self.pg0, packets, self.pg1, trace=False)
100 self.assert_hits(n if n is not None else len(packets))
101 self.del_all_filters()
103 def test_encap(self):
104 """ Packet Tracer Filter Test with encap """
106 # the packet we are trying to match
107 p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
108 IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
116 IP(src='192.168.4.167') /
121 # compute filter mask & value
122 # we compute it by XOR'ing a template packet with a modified packet
123 # we need to set checksums to 0 to make sure scapy will not recompute
135 IP(src='0.0.0.0', chksum=0))
139 tmpl[GENEVE].vni = 0xffffff
140 user = tmpl[GENEVE].payload
141 user[IP].src = '255.255.255.255'
143 mask = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))
145 # this does not match (wrong vni)
147 user = tmpl[GENEVE].payload
148 user[IP].src = '192.168.4.167'
150 match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))
151 self.assert_classify(mask, match, [p] * 11, 0)
154 tmpl[GENEVE].vni = 1234
156 match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))
157 self.assert_classify(mask, match, [p] * 17)
160 if __name__ == '__main__':
161 unittest.main(testRunner=VppTestRunner)