1 run lua -- collectgarbage("stop")
4 run vppbuild stty -echo
5 run vppbuild sudo -u ubuntu -i bash -c "(cd vpp && make plugins && echo ALLGOOD)"
6 expect vppbuild ALLGOOD
26 function session_get_bash_pid(s)
27 if not has_session(s) then
30 local fname = "/tmp/lute-"..s.."-pid.txt"
32 session_exec(s, "echo $$ >" .. fname)
33 -- it's a dirty hack but it's quick
35 local pid = io.lines(fname)()
36 print("Got pid for " .. s .. " : " .. tostring(pid))
40 function session_connect_with(s0, s1)
41 -- local pid0 = tostring(session_get_bash_pid(s0))
42 local pid1 = tostring(session_get_bash_pid(s1))
43 local eth_options = { "rx", "tx", "sg", "tso", "ufo", "gso", "gro", "lro", "rxvlan", "txvlan", "rxhash" }
44 local this_end = s0 .. "_" .. s1
45 local other_end = s1 .. "_" .. s0
46 session_exec(s0, "ip link add name " .. this_end .. " type veth peer name " .. other_end)
47 session_exec(s0, "ip link set dev " .. this_end .. " up promisc on")
48 for i, option in ipairs(eth_options) do
49 session_exec(s0, "/sbin/ethtool --offload " .. this_end .. " " .. option .. " off")
50 session_exec(s0, "/sbin/ethtool --offload " .. other_end .. " " .. option .. " off")
52 session_exec(s0, "ip link set dev " .. other_end .. " up promisc on netns /proc/" .. pid1 .. "/ns/net")
57 run lua session_connect_with("s0", "s1")
58 run lua session_connect_with("s0", "s2")
61 ip -6 addr add dev s1_s0 2001:db8:1::1/64
62 ip -4 addr add dev s1_s0 192.0.2.1/24
63 ip link set dev s1_s0 up promisc on
67 ip -6 addr add dev s2_s0 2001:db8:1::2/64
68 ip -6 addr add dev s2_s0 2001:db8:1::3/64
69 ip -6 addr add dev s2_s0 2001:db8:1::4/64
70 ip -4 addr add dev s2_s0 192.0.2.2/24
71 ip -4 addr add dev s2_s0:1 192.0.2.3/24
72 ip -4 addr add dev s2_s0:2 192.0.2.4/24
73 ip link set dev s2_s0 up promisc on
87 -- Initialization of the Lua environment for talking to VPP
88 vpp = require("vpp-lapi")
89 root_dir = "/home/ubuntu/vpp"
90 pneum_path = root_dir .. "/build-root/install-vpp_debug-native/vpp-api/lib64/libpneum.so"
91 vpp:init({ pneum_path = pneum_path })
92 vpp:consume_api(root_dir .. "/build-root/install-vpp_debug-native/vlib-api/vlibmemory/memclnt.api")
93 vpp:consume_api(root_dir .. "/build-root/install-vpp_debug-native/vpp/vpp-api/vpe.api")
95 vpp:consume_api(root_dir .. "/plugins/acl-plugin/acl/acl.api", "acl")
101 reply = vpp:api_call("af_packet_create", { host_if_name = "s0_s1", hw_addr = "AAAAAA" })
102 vpp_if_to_s1 = reply[1].sw_if_index
104 reply = vpp:api_call("af_packet_create", { host_if_name = "s0_s2", hw_addr = "AAAAAA" })
105 vpp_if_to_s2 = reply[1].sw_if_index
107 ifaces = { vpp_if_to_s1, vpp_if_to_s2 }
109 reply = vpp:api_call("sw_interface_set_flags", { sw_if_index = vpp_if_to_s1, admin_up_down = 1, link_up_down = 1 })
110 print(vpp.dump(reply))
111 reply = vpp:api_call("sw_interface_set_flags", { sw_if_index = vpp_if_to_s2, admin_up_down = 1, link_up_down = 1 })
112 print(vpp.dump(reply))
116 reply = vpp:api_call("bridge_domain_add_del", { bd_id = bd_id, flood = 1, uu_flood = 1, forward = 1, learn = 1, arp_term = 0, is_add = 1 })
117 print(vpp.dump(reply))
119 for i, v in ipairs(ifaces) do
120 reply = vpp:api_call("sw_interface_set_l2_bridge", { rx_sw_if_index = v, bd_id = bd_id, shg = 0, bvi = 0, enable = 1 } )
121 print(vpp.dump(reply))
126 run s1 ping -c 3 192.0.2.2
127 expect s1 packet loss
128 run s1 ping -c 3 192.0.2.3
129 expect s1 packet loss
130 run s1 ping -c 3 192.0.2.4
131 expect s1 packet loss
132 run s1 ping6 -c 3 2001:db8:1::2
133 expect s1 packet loss
134 run s1 ping6 -c 3 2001:db8:1::3
135 expect s1 packet loss
136 run s1 ping6 -c 3 2001:db8:1::4
137 expect s1 packet loss
143 --[[ temporary comment out
145 reply = vpp:api_call("acl_del", { context = 42, acl_index = 230 })
146 print(vpp.dump(reply))
149 reply = vpp:api_call("acl_del", { context = 42, acl_index = 8 })
150 print(vpp.dump(reply))
153 reply = vpp:api_call("acl_del", { context = 42, acl_index = 15 })
154 print(vpp.dump(reply))
157 reply = vpp:api_call("acl_add", { context = 42, count = 2, r = { { is_permit = 1, is_ipv6 = 1 }, { is_permit = 0, is_ipv6 = 1 } } })
158 print(vpp.dump(reply))
160 interface_acl_in = reply[1].acl_index
162 reply = vpp:api_call("acl_add", { context = 42, count = 3, r = { { is_permit = 1, is_ipv6 = 1 }, { is_permit = 0, is_ipv6 = 1 }, { is_permit = 1, is_ipv6 = 0 } } })
163 print(vpp.dump(reply))
165 interface_acl_out = reply[1].acl_index
168 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = 0, is_add = 1, is_input = 1, acl_index = interface_acl_in })
169 print(vpp.dump(reply))
172 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = 0, is_add = 1, is_input = 1, acl_index = interface_acl_in })
173 print(vpp.dump(reply))
176 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = 0, is_add = 1, is_input = 0, acl_index = interface_acl_out })
177 print(vpp.dump(reply))
180 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = 0, is_add = 1, is_input = 0, acl_index = interface_acl_out })
181 print(vpp.dump(reply))
184 reply = vpp:api_call("acl_add", { context = 42, count = 0 })
185 print(vpp.dump(reply))
188 acl_index_to_delete = reply[1].acl_index
189 print("Deleting " .. tostring(acl_index_to_delete))
190 reply = vpp:api_call("acl_del", { context = 42, acl_index = acl_index_to_delete })
191 print(vpp.dump(reply))
194 reply = vpp:api_call("acl_dump", { context = 42, sw_if_index = 0})
195 for ri, rv in ipairs(reply) do
196 print("Reply message #" .. tostring(ri))
198 for ai, av in ipairs(rv.r) do
199 print("ACL rule #" .. tostring(ai) .. " : " .. vpp.dump(av))
205 reply = vpp:api_call("acl_del", { context = 42, acl_index = interface_acl_out })
206 print(vpp.dump(reply))
208 reply = vpp:api_call("acl_del", { context = 42, acl_index = interface_acl_in })
209 print(vpp.dump(reply))
212 reply = vpp:api_call("acl_dump", { context = 42, sw_if_index = 0})
213 print(vpp.dump(reply))
216 reply = vpp:api_call("acl_dump", { context = 42, sw_if_index = 4294967295 })
217 print(vpp.dump(reply))
221 ]] -- end of comment out
223 ---- Should be nothing ^^
225 { is_permit = 1, is_ipv6 = 1, dst_ip_addr = ip46("2001:db8:1::2"), dst_ip_prefix_len = 128 },
226 { is_permit = 0, is_ipv6 = 1, dst_ip_addr = ip46("2001:db8:1::3"), dst_ip_prefix_len = 128 },
227 { is_permit = 1, is_ipv6 = 1, dst_ip_addr = ip46("2001:db8::"), dst_ip_prefix_len = 32 },
228 { is_permit = 1, is_ipv6 = 0, dst_ip_addr = ip46("192.0.2.2"), dst_ip_prefix_len = 32},
229 { is_permit = 0, is_ipv6 = 0, dst_ip_addr = ip46("192.0.2.3"), dst_ip_prefix_len = 32 },
232 reply = vpp:api_call("acl_add", { context = 42, count = 5, r = r })
233 print(vpp.dump(reply))
235 interface_acl_in = reply[1].acl_index
237 reply = vpp:api_call("acl_add", { context = 42, count = 3, r = { { is_permit = 1, is_ipv6 = 1 }, { is_permit = 0, is_ipv6 = 1 }, { is_permit = 1, is_ipv6 = 0 } } })
238 print(vpp.dump(reply))
240 interface_acl_out = reply[1].acl_in
242 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = vpp_if_to_s1, is_add = 1, is_input = 1, acl_index = interface_acl_in })
243 print(vpp.dump(reply))
246 --- TEST OUTBOUND ACL
249 { is_permit = 1, is_ipv6 = 1, src_ip_addr = ip46("2001:db8:1::1"), src_ip_prefix_len = 128, dst_ip_addr = ip46("2001:db8:1::2"), dst_ip_prefix_len = 128 },
250 { is_permit = 0, is_ipv6 = 1, src_ip_addr = ip46("2001:db8:1::1"), src_ip_prefix_len = 128, dst_ip_addr = ip46("2001:db8:1::4"), dst_ip_prefix_len = 128 },
251 { is_permit = 2, is_ipv6 = 0 }
254 reply = vpp:api_call("acl_add", { context = 42, count = 3, r = r1 })
255 print(vpp.dump(reply))
257 interface_acl_out = reply[1].acl_index
259 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = vpp_if_to_s2, is_add = 1, is_input = 0, acl_index = interface_acl_out })
260 print(vpp.dump(reply))
264 { is_permit = 1, is_ipv6 = 1 },
265 { is_permit = 0, is_ipv6 = 0 }
268 reply = vpp:api_call("acl_add", { context = 42, count = 2, r = r2 })
269 print(vpp.dump(reply))
271 second_interface_acl_in = reply[1].acl_index
273 reply = vpp:api_call("acl_interface_add_del", { context = 42, sw_if_index = vpp_if_to_s2, is_add = 1, is_input = 1, acl_index = second_interface_acl_in })
274 print(vpp.dump(reply))
279 run VPP show classify tables
281 run VPP trace add af-packet-input 100
282 run s2 nc -v -l -p 22
283 run s1 nc 192.0.2.2 22
289 expect VPP match: outacl 2 rule 2
290 run VPP show classify tables
293 run VPP show classify tables
295 run VPP trace add af-packet-input 100
296 run s2 nc -v -l -p 22
297 run s1 nc 192.0.2.2 22
303 expect VPP match: outacl 2 rule 2
304 run VPP show classify tables
307 run lua print("ALL GOOD!")