reassembly: prevent long chain attack

limit max # of fragments to 3 per packet by default add API option to configure the limit at runtime Change-Id: Ie4b9507bf5c6095b9a5925972b37fe0032f4f9e8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-05-16 14:35:46 +02:00
parent b388e1a506
commit 3a343d42d7
11 changed files with 181 additions and 13 deletions
--- a/test/framework.py
+++ b/test/framework.py
@ -1000,6 +1000,19 @@ class VppTestCase(unittest.TestCase):
        if pkt.haslayer(ICMPv6EchoReply):
            self.assert_checksum_valid(pkt, 'ICMPv6EchoReply', 'cksum')

+    def get_packet_counter(self, counter):
+        if counter.startswith("/"):
+            counter_value = self.statistics.get_counter(counter)
+        else:
+            counters = self.vapi.cli("sh errors").split('\n')
+            counter_value = -1
+            for i in range(1, len(counters) - 1):
+                results = counters[i].split()
+                if results[1] == counter:
+                    counter_value = int(results[0])
+                    break
+        return counter_value
+
    def assert_packet_counter_equal(self, counter, expected_value):
        if counter.startswith("/"):
            counter_value = self.statistics.get_counter(counter)