Bash程序  |  234行  |  4.85 KB

#!/bin/bash
# SPDX-License-Identifier: GPL-2.0

ALL_TESTS="ping_ipv4"
NUM_NETIFS=6
source lib.sh

h1_create()
{
	vrf_create "vrf-h1"
	ip link set dev $h1 master vrf-h1

	ip link set dev vrf-h1 up
	ip link set dev $h1 up

	ip address add 192.0.2.2/24 dev $h1

	ip route add 198.51.100.0/24 vrf vrf-h1 nexthop via 192.0.2.1
	ip route add 198.51.200.0/24 vrf vrf-h1 nexthop via 192.0.2.1
}

h1_destroy()
{
	ip route del 198.51.200.0/24 vrf vrf-h1
	ip route del 198.51.100.0/24 vrf vrf-h1

	ip address del 192.0.2.2/24 dev $h1

	ip link set dev $h1 down
	vrf_destroy "vrf-h1"
}

h2_create()
{
	vrf_create "vrf-h2"
	ip link set dev $h2 master vrf-h2

	ip link set dev vrf-h2 up
	ip link set dev $h2 up

	ip address add 198.51.100.2/24 dev $h2

	ip route add 192.0.2.0/24 vrf vrf-h2 nexthop via 198.51.100.1
	ip route add 198.51.200.0/24 vrf vrf-h2 nexthop via 198.51.100.1
}

h2_destroy()
{
	ip route del 198.51.200.0/24 vrf vrf-h2
	ip route del 192.0.2.0/24 vrf vrf-h2

	ip address del 198.51.100.2/24 dev $h2

	ip link set dev $h2 down
	vrf_destroy "vrf-h2"
}

h3_create()
{
	vrf_create "vrf-h3"
	ip link set dev $h3 master vrf-h3

	ip link set dev vrf-h3 up
	ip link set dev $h3 up

	ip address add 198.51.200.2/24 dev $h3

	ip route add 192.0.2.0/24 vrf vrf-h3 nexthop via 198.51.200.1
	ip route add 198.51.100.0/24 vrf vrf-h3 nexthop via 198.51.200.1
}

h3_destroy()
{
	ip route del 198.51.100.0/24 vrf vrf-h3
	ip route del 192.0.2.0/24 vrf vrf-h3

	ip address del 198.51.200.2/24 dev $h3

	ip link set dev $h3 down
	vrf_destroy "vrf-h3"
}

router_create()
{
	ip link set dev $rp1 up
	ip link set dev $rp2 up
	ip link set dev $rp3 up

	ip address add 192.0.2.1/24 dev $rp1

	ip address add 198.51.100.1/24 dev $rp2
	ip address add 198.51.200.1/24 dev $rp3
}

router_destroy()
{
	ip address del 198.51.200.1/24 dev $rp3
	ip address del 198.51.100.1/24 dev $rp2

	ip address del 192.0.2.1/24 dev $rp1

	ip link set dev $rp3 down
	ip link set dev $rp2 down
	ip link set dev $rp1 down
}

setup_prepare()
{
	h1=${NETIFS[p1]}
	rp1=${NETIFS[p2]}

	rp2=${NETIFS[p3]}
	h2=${NETIFS[p4]}

	rp3=${NETIFS[p5]}
	h3=${NETIFS[p6]}

	vrf_prepare

	h1_create
	h2_create
	h3_create

	router_create

	forwarding_enable
}

cleanup()
{
	pre_cleanup

	forwarding_restore

	router_destroy

	h3_destroy
	h2_destroy
	h1_destroy

	vrf_cleanup
}

bc_forwarding_disable()
{
	sysctl_set net.ipv4.conf.all.bc_forwarding 0
	sysctl_set net.ipv4.conf.$rp1.bc_forwarding 0
}

bc_forwarding_enable()
{
	sysctl_set net.ipv4.conf.all.bc_forwarding 1
	sysctl_set net.ipv4.conf.$rp1.bc_forwarding 1
}

bc_forwarding_restore()
{
	sysctl_restore net.ipv4.conf.$rp1.bc_forwarding
	sysctl_restore net.ipv4.conf.all.bc_forwarding
}

ping_test_from()
{
	local oif=$1
	local dip=$2
	local from=$3
	local fail=${4:-0}

	RET=0

	log_info "ping $dip, expected reply from $from"
	ip vrf exec $(master_name_get $oif) \
	$PING -I $oif $dip -c 10 -i 0.1 -w 2 -b 2>&1 | grep $from &> /dev/null
	check_err_fail $fail $?
}

ping_ipv4()
{
	sysctl_set net.ipv4.icmp_echo_ignore_broadcasts 0

	bc_forwarding_disable
	log_info "bc_forwarding disabled on r1 =>"
	ping_test_from $h1 198.51.100.255 192.0.2.1
	log_test "h1 -> net2: reply from r1 (not forwarding)"
	ping_test_from $h1 198.51.200.255 192.0.2.1
	log_test "h1 -> net3: reply from r1 (not forwarding)"
	ping_test_from $h1 192.0.2.255 192.0.2.1
	log_test "h1 -> net1: reply from r1 (not dropping)"
	ping_test_from $h1 255.255.255.255 192.0.2.1
	log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"

	ping_test_from $h2 192.0.2.255 198.51.100.1
	log_test "h2 -> net1: reply from r1 (not forwarding)"
	ping_test_from $h2 198.51.200.255 198.51.100.1
	log_test "h2 -> net3: reply from r1 (not forwarding)"
	ping_test_from $h2 198.51.100.255 198.51.100.1
	log_test "h2 -> net2: reply from r1 (not dropping)"
	ping_test_from $h2 255.255.255.255 198.51.100.1
	log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
	bc_forwarding_restore

	bc_forwarding_enable
	log_info "bc_forwarding enabled on r1 =>"
	ping_test_from $h1 198.51.100.255 198.51.100.2
	log_test "h1 -> net2: reply from h2 (forwarding)"
	ping_test_from $h1 198.51.200.255 198.51.200.2
	log_test "h1 -> net3: reply from h3 (forwarding)"
	ping_test_from $h1 192.0.2.255 192.0.2.1 1
	log_test "h1 -> net1: no reply (dropping)"
	ping_test_from $h1 255.255.255.255 192.0.2.1
	log_test "h1 -> 255.255.255.255: reply from r1 (not forwarding)"

	ping_test_from $h2 192.0.2.255 192.0.2.2
	log_test "h2 -> net1: reply from h1 (forwarding)"
	ping_test_from $h2 198.51.200.255 198.51.200.2
	log_test "h2 -> net3: reply from h3 (forwarding)"
	ping_test_from $h2 198.51.100.255 198.51.100.1 1
	log_test "h2 -> net2: no reply (dropping)"
	ping_test_from $h2 255.255.255.255 198.51.100.1
	log_test "h2 -> 255.255.255.255: reply from r1 (not forwarding)"
	bc_forwarding_restore

	sysctl_restore net.ipv4.icmp_echo_ignore_broadcasts
}

trap cleanup EXIT

setup_prepare
setup_wait

tests_run

exit $EXIT_STATUS