test/test_trace_filter.py

#!/usr/bin/env python3

import unittest

from framework import VppTestCase, VppTestRunner
from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath

from scapy.contrib.geneve import GENEVE
from scapy.packet import Raw
from scapy.layers.l2 import Ether
from scapy.layers.inet import IP, UDP
from scapy.layers.vxlan import VXLAN
from scapy.compat import raw
from scapy.utils import rdpcap


class TestTracefilter(VppTestCase):
    """ Packet Tracer Filter Test """

    @classmethod
    def setUpClass(cls):
        super(TestTracefilter, cls).setUpClass()

    @classmethod
    def tearDownClass(cls):
        super(TestTracefilter, cls).tearDownClass()

    def setUp(self):
        super(TestTracefilter, self).setUp()
        self.create_pg_interfaces(range(2))
        self.pg0.generate_remote_hosts(11)
        for i in self.pg_interfaces:
            i.admin_up()
            i.config_ip4()
            i.resolve_arp()

    def tearDown(self):
        super(TestTracefilter, self).tearDown()
        for i in self.pg_interfaces:
            i.unconfig()
            i.admin_down()

    def cli(self, cmd):
        r = self.vapi.cli_return_response(cmd)
        if r.retval != 0:
            s = "reply '%s'" % r.reply if hasattr(
                r, "reply") else "retval '%s'" % r.retval
            raise RuntimeError("cli command '%s' FAIL with %s" % (cmd, s))
        return r

    # check number of hits for classifier
    def assert_hits(self, n):
        r = self.cli("show classify table verbose")
        self.assertTrue(r.reply.find("hits %i" % n) != -1)

    def add_trace_filter(self, mask, match):
        self.cli("classify filter trace mask %s match %s" % (mask, match))
        self.cli("clear trace")
        self.cli("trace add pg-input 1000 filter")

    def del_trace_filters(self):
        self.cli("classify filter trace del")
        r = self.cli("show classify filter")
        s = "packet tracer:                 first table none"
        self.assertTrue(r.reply.find(s) != -1)

    def del_pcap_filters(self):
        self.cli("classify filter pcap del")
        r = self.cli("show classify filter")
        s = "pcap rx/tx/drop:               first table none"
        self.assertTrue(r.reply.find(s) != -1)

    def test_basic(self):
        """ Packet Tracer Filter Test """
        self.add_trace_filter(
            "l3 ip4 src",
            "l3 ip4 src %s" %
            self.pg0.remote_hosts[5].ip4)
        self.add_trace_filter(
            "l3 ip4 proto l4 src_port",
            "l3 ip4 proto 17 l4 src_port 2345")
        # the packet we are trying to match
        p = list()
        for i in range(100):
            src = self.pg0.remote_hosts[i % len(self.pg0.remote_hosts)].ip4
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=src, dst=self.pg1.remote_ip4) /
                      UDP(sport=1234, dport=2345) / Raw('\xa5' * 100)))
        for i in range(17):
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=self.pg0.remote_hosts[0].ip4,
                         dst=self.pg1.remote_ip4) /
                      UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))

        self.send_and_expect(self.pg0, p, self.pg1, trace=False)

        # Check for 9 and 17 classifier hits, which is the right answer
        self.assert_hits(9)
        self.assert_hits(17)

        self.del_trace_filters()

    # install a classify rule, inject traffic and check for hits
    def assert_classify(self, mask, match, packets, n=None):
        self.add_trace_filter("hex %s" % mask, "hex %s" % match)
        self.send_and_expect(self.pg0, packets, self.pg1, trace=False)
        self.assert_hits(n if n is not None else len(packets))
        self.del_trace_filters()

    def test_encap(self):
        """ Packet Tracer Filter Test with encap """

        # the packet we are trying to match
        p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
             IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /
             UDP() /
             VXLAN() /
             Ether() /
             IP() /
             UDP() /
             GENEVE(vni=1234) /
             Ether() /
             IP(src='192.168.4.167') /
             UDP() /
             Raw('\xa5' * 100))

        #
        # compute filter mask & value
        # we compute it by XOR'ing a template packet with a modified packet
        # we need to set checksums to 0 to make sure scapy will not recompute
        # them
        #
        tmpl = (Ether() /
                IP(chksum=0) /
                UDP(chksum=0) /
                VXLAN() /
                Ether() /
                IP(chksum=0) /
                UDP(chksum=0) /
                GENEVE(vni=0) /
                Ether() /
                IP(src='0.0.0.0', chksum=0))
        ori = raw(tmpl)

        # the mask
        tmpl[GENEVE].vni = 0xffffff
        user = tmpl[GENEVE].payload
        user[IP].src = '255.255.255.255'
        new = raw(tmpl)
        mask = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))

        # this does not match (wrong vni)
        tmpl[GENEVE].vni = 1
        user = tmpl[GENEVE].payload
        user[IP].src = '192.168.4.167'
        new = raw(tmpl)
        match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))
        self.assert_classify(mask, match, [p] * 11, 0)

        # this must match
        tmpl[GENEVE].vni = 1234
        new = raw(tmpl)
        match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))
        self.assert_classify(mask, match, [p] * 17)

    def test_pcap(self):
        """ Packet Capture Filter Test """
        self.cli(
            "classify filter pcap mask l3 ip4 src match l3 ip4 src %s" %
            self.pg0.remote_hosts[5].ip4)
        self.cli(
            "classify filter pcap "
            "mask l3 ip4 proto l4 src_port "
            "match l3 ip4 proto 17 l4 src_port 2345")
        self.cli(
            "pcap trace rx tx max 1000 intfc pg0 "
            "file vpp_test_trace_filter_test_pcap.pcap filter")
        # the packet we are trying to match
        p = list()
        for i in range(100):
            src = self.pg0.remote_hosts[i % len(self.pg0.remote_hosts)].ip4
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=src, dst=self.pg1.remote_ip4) /
                      UDP(sport=1234, dport=2345) / Raw('\xa5' * 100)))
        for i in range(17):
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=self.pg0.remote_hosts[0].ip4,
                         dst=self.pg1.remote_ip4) /
                      UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))

        self.send_and_expect(self.pg0, p, self.pg1, trace=False)

        # Check for 9 and 17 classifier hits, which is the right answer
        self.assert_hits(9)
        self.assert_hits(17)

        self.cli("pcap trace rx tx off")
        self.del_pcap_filters()

        # check captured pcap
        pcap = rdpcap("/tmp/vpp_test_trace_filter_test_pcap.pcap")
        self.assertEqual(len(pcap), 9 + 17)
        p_ = str(p[5])
        for i in range(9):
            self.assertEqual(str(pcap[i]), p_)
        p_ = str(p[100])
        for i in range(9, 9 + 17):
            self.assertEqual(str(pcap[i]), p_)

    def test_pcap_drop(self):
        """ Drop Packet Capture Filter Test """
        self.cli(
            "pcap trace drop max 1000 "
            "error {ip4-udp-lookup}.{no_listener} "
            "file vpp_test_trace_filter_test_pcap_drop.pcap")
        # the packet we are trying to match
        p = list()
        for i in range(17):
            # this packet should be forwarded
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=self.pg0.remote_hosts[0].ip4,
                         dst=self.pg1.remote_ip4) /
                      UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))
            # this packet should be captured (no listener)
            p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                      IP(src=self.pg0.remote_hosts[0].ip4,
                         dst=self.pg0.local_ip4) /
                      UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))
        # this packet will be blackholed but not captured
        p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /
                  IP(src=self.pg0.remote_hosts[0].ip4, dst="0.0.0.0") /
                  UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))

        self.send_and_expect(self.pg0, p, self.pg1, n_rx=17, trace=False)

        self.cli("pcap trace drop off")

        # check captured pcap
        pcap = rdpcap("/tmp/vpp_test_trace_filter_test_pcap_drop.pcap")
        self.assertEqual(len(pcap), 17)


if __name__ == '__main__':
    unittest.main(testRunner=VppTestRunner)
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00			`#!/usr/bin/env python3`

			`import unittest`

tests: make tests less make dependent Implement command line argument parsing instead of passing arguments via environment variables. Add script for running tests without having to invoke make. Deprecate running tests via make. Type: improvement Change-Id: I2e3054a61a2ae25d460e9be00be7d7705fbf943e Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> 2021-05-31 16:08:53 +02:00			`from framework import VppTestCase, VppTestRunner`
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00			`from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath`

tests: fix import from change to scapy 2.4.3 Type: test Fixes: 8d27fa73f22803d518993090804724f76350cfcc Change-Id: I4656a9769011ed2399c1799f6f17520e44f375c7 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> 2019-12-17 18:02:54 -05:00			`from scapy.contrib.geneve import GENEVE`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`from scapy.packet import Raw`
			`from scapy.layers.l2 import Ether`
			`from scapy.layers.inet import IP, UDP`
			`from scapy.layers.vxlan import VXLAN`
			`from scapy.compat import raw`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`from scapy.utils import rdpcap`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00
			`class TestTracefilter(VppTestCase):`
			`""" Packet Tracer Filter Test """`

			`@classmethod`
			`def setUpClass(cls):`
			`super(TestTracefilter, cls).setUpClass()`

			`@classmethod`
			`def tearDownClass(cls):`
			`super(TestTracefilter, cls).tearDownClass()`

			`def setUp(self):`
			`super(TestTracefilter, self).setUp()`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`self.create_pg_interfaces(range(2))`
			`self.pg0.generate_remote_hosts(11)`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`for i in self.pg_interfaces:`
			`i.admin_up()`
			`i.config_ip4()`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`i.resolve_arp()`
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00
			`def tearDown(self):`
			`super(TestTracefilter, self).tearDown()`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`for i in self.pg_interfaces:`
			`i.unconfig()`
			`i.admin_down()`

			`def cli(self, cmd):`
			`r = self.vapi.cli_return_response(cmd)`
			`if r.retval != 0:`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`s = "reply '%s'" % r.reply if hasattr(`
			`r, "reply") else "retval '%s'" % r.retval`
			`raise RuntimeError("cli command '%s' FAIL with %s" % (cmd, s))`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`return r`

			`# check number of hits for classifier`
			`def assert_hits(self, n):`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`r = self.cli("show classify table verbose")`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`self.assertTrue(r.reply.find("hits %i" % n) != -1)`
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`def add_trace_filter(self, mask, match):`
			`self.cli("classify filter trace mask %s match %s" % (mask, match))`
			`self.cli("clear trace")`
			`self.cli("trace add pg-input 1000 filter")`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`def del_trace_filters(self):`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`self.cli("classify filter trace del")`
			`r = self.cli("show classify filter")`
			`s = "packet tracer: first table none"`
			`self.assertTrue(r.reply.find(s) != -1)`

classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`def del_pcap_filters(self):`
			`self.cli("classify filter pcap del")`
			`r = self.cli("show classify filter")`
			`s = "pcap rx/tx/drop: first table none"`
			`self.assertTrue(r.reply.find(s) != -1)`

classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`def test_basic(self):`
classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00			`""" Packet Tracer Filter Test """`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.add_trace_filter(`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`"l3 ip4 src",`
			`"l3 ip4 src %s" %`
			`self.pg0.remote_hosts[5].ip4)`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.add_trace_filter(`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`"l3 ip4 proto l4 src_port",`
			`"l3 ip4 proto 17 l4 src_port 2345")`
			`# the packet we are trying to match`
			`p = list()`
			`for i in range(100):`
			`src = self.pg0.remote_hosts[i % len(self.pg0.remote_hosts)].ip4`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=src, dst=self.pg1.remote_ip4) /`
			`UDP(sport=1234, dport=2345) / Raw('\xa5' * 100)))`
			`for i in range(17):`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=self.pg0.remote_hosts[0].ip4,`
			`dst=self.pg1.remote_ip4) /`
			`UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))`

			`self.send_and_expect(self.pg0, p, self.pg1, trace=False)`

			`# Check for 9 and 17 classifier hits, which is the right answer`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`self.assert_hits(9)`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`self.assert_hits(17)`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.del_trace_filters()`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00
			`# install a classify rule, inject traffic and check for hits`
			`def assert_classify(self, mask, match, packets, n=None):`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.add_trace_filter("hex %s" % mask, "hex %s" % match)`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`self.send_and_expect(self.pg0, packets, self.pg1, trace=False)`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`self.assert_hits(n if n is not None else len(packets))`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.del_trace_filters()`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00
			`def test_encap(self):`
			`""" Packet Tracer Filter Test with encap """`

			`# the packet we are trying to match`
			`p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
classify: fix multiple filters support This fix the classify filter if we attach several different filters. This also fix some issues with l3 and l4 parsing. Type: fix Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-19 16:39:13 +01:00			`IP(src=self.pg0.remote_ip4, dst=self.pg1.remote_ip4) /`
classify: add complex encap packet tracing test Type: test Change-Id: I392975c00d7dae86dacedf7559aafa431e71cb14 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2019-12-10 12:48:26 +01:00			`UDP() /`
			`VXLAN() /`
			`Ether() /`
			`IP() /`
			`UDP() /`
			`GENEVE(vni=1234) /`
			`Ether() /`
			`IP(src='192.168.4.167') /`
			`UDP() /`
			`Raw('\xa5' * 100))`

			`#`
			`# compute filter mask & value`
			`# we compute it by XOR'ing a template packet with a modified packet`
			`# we need to set checksums to 0 to make sure scapy will not recompute`
			`# them`
			`#`
			`tmpl = (Ether() /`
			`IP(chksum=0) /`
			`UDP(chksum=0) /`
			`VXLAN() /`
			`Ether() /`
			`IP(chksum=0) /`
			`UDP(chksum=0) /`
			`GENEVE(vni=0) /`
			`Ether() /`
			`IP(src='0.0.0.0', chksum=0))`
			`ori = raw(tmpl)`

			`# the mask`
			`tmpl[GENEVE].vni = 0xffffff`
			`user = tmpl[GENEVE].payload`
			`user[IP].src = '255.255.255.255'`
			`new = raw(tmpl)`
			`mask = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))`

			`# this does not match (wrong vni)`
			`tmpl[GENEVE].vni = 1`
			`user = tmpl[GENEVE].payload`
			`user[IP].src = '192.168.4.167'`
			`new = raw(tmpl)`
			`match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))`
			`self.assert_classify(mask, match, [p] * 11, 0)`

			`# this must match`
			`tmpl[GENEVE].vni = 1234`
			`new = raw(tmpl)`
			`match = "".join(("{:02x}".format(o ^ n) for o, n in zip(ori, new)))`
			`self.assert_classify(mask, match, [p] * 17)`

classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`def test_pcap(self):`
			`""" Packet Capture Filter Test """`
			`self.cli(`
			`"classify filter pcap mask l3 ip4 src match l3 ip4 src %s" %`
			`self.pg0.remote_hosts[5].ip4)`
			`self.cli(`
			`"classify filter pcap "`
			`"mask l3 ip4 proto l4 src_port "`
			`"match l3 ip4 proto 17 l4 src_port 2345")`
			`self.cli(`
			`"pcap trace rx tx max 1000 intfc pg0 "`
misc: add filter for specific error for pcap trace Type: feature Change-Id: I325257454df1cc22833fa6a1dedd4739d4d5a558 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-03-03 17:37:25 +01:00			`"file vpp_test_trace_filter_test_pcap.pcap filter")`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`# the packet we are trying to match`
			`p = list()`
			`for i in range(100):`
			`src = self.pg0.remote_hosts[i % len(self.pg0.remote_hosts)].ip4`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=src, dst=self.pg1.remote_ip4) /`
			`UDP(sport=1234, dport=2345) / Raw('\xa5' * 100)))`
			`for i in range(17):`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=self.pg0.remote_hosts[0].ip4,`
			`dst=self.pg1.remote_ip4) /`
			`UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))`

			`self.send_and_expect(self.pg0, p, self.pg1, trace=False)`

			`# Check for 9 and 17 classifier hits, which is the right answer`
			`self.assert_hits(9)`
			`self.assert_hits(17)`

			`self.cli("pcap trace rx tx off")`
			`self.del_pcap_filters()`

			`# check captured pcap`
misc: add filter for specific error for pcap trace Type: feature Change-Id: I325257454df1cc22833fa6a1dedd4739d4d5a558 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-03-03 17:37:25 +01:00			`pcap = rdpcap("/tmp/vpp_test_trace_filter_test_pcap.pcap")`
classify: honor pcap interface filter also when classify filter is used Type: fix Change-Id: Ic32550ee9c5d76d232d8b67a7810611f6c8b9177 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-02-26 13:47:41 +01:00			`self.assertEqual(len(pcap), 9 + 17)`
			`p_ = str(p[5])`
			`for i in range(9):`
			`self.assertEqual(str(pcap[i]), p_)`
			`p_ = str(p[100])`
			`for i in range(9, 9 + 17):`
			`self.assertEqual(str(pcap[i]), p_)`

misc: add filter for specific error for pcap trace Type: feature Change-Id: I325257454df1cc22833fa6a1dedd4739d4d5a558 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-03-03 17:37:25 +01:00			`def test_pcap_drop(self):`
			`""" Drop Packet Capture Filter Test """`
			`self.cli(`
			`"pcap trace drop max 1000 "`
udp: fix severity error info Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I415d68b39ecac546b531f6eb98bca51e7eb6f7f7 2021-10-06 12:48:34 +00:00			`"error {ip4-udp-lookup}.{no_listener} "`
misc: add filter for specific error for pcap trace Type: feature Change-Id: I325257454df1cc22833fa6a1dedd4739d4d5a558 Signed-off-by: Benoît Ganne <bganne@cisco.com> 2021-03-03 17:37:25 +01:00			`"file vpp_test_trace_filter_test_pcap_drop.pcap")`
			`# the packet we are trying to match`
			`p = list()`
			`for i in range(17):`
			`# this packet should be forwarded`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=self.pg0.remote_hosts[0].ip4,`
			`dst=self.pg1.remote_ip4) /`
			`UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))`
			`# this packet should be captured (no listener)`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=self.pg0.remote_hosts[0].ip4,`
			`dst=self.pg0.local_ip4) /`
			`UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))`
			`# this packet will be blackholed but not captured`
			`p.append((Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) /`
			`IP(src=self.pg0.remote_hosts[0].ip4, dst="0.0.0.0") /`
			`UDP(sport=2345, dport=1234) / Raw('\xa5' * 100)))`

			`self.send_and_expect(self.pg0, p, self.pg1, n_rx=17, trace=False)`

			`self.cli("pcap trace drop off")`

			`# check captured pcap`
			`pcap = rdpcap("/tmp/vpp_test_trace_filter_test_pcap_drop.pcap")`
			`self.assertEqual(len(pcap), 17)`

classify: vpp packet tracer support Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 2019-12-04 17:19:12 -05:00
			`if __name__ == '__main__':`
			`unittest.main(testRunner=VppTestRunner)`