Module Name:    src
Committed By:   martin
Date:           Thu Sep  5 09:27:13 UTC 2024

Modified Files:
        src/distrib/sets/lists/tests [netbsd-10]: mi
        src/sbin/brconfig [netbsd-10]: brconfig.8 brconfig.c
        src/sys/net [netbsd-10]: if_bridge.c if_bridgevar.h
        src/tests/net/if_bridge [netbsd-10]: Makefile t_bridge.sh
Added Files:
        src/tests/net/if_bridge [netbsd-10]: broadcast.pcap.uue
            unicast.pcap.uue

Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #818):

        sys/net/if_bridgevar.h: revision 1.39
        sbin/brconfig/brconfig.c: revision 1.18
        tests/net/if_bridge/unicast.pcap.uue: revision 1.1
        tests/net/if_bridge/t_bridge.sh: revision 1.20
        sbin/brconfig/brconfig.8: revision 1.21
        tests/net/if_bridge/t_bridge.sh: revision 1.21
        sys/net/if_bridge.c: revision 1.194
        tests/net/if_bridge/Makefile: revision 1.4
        distrib/sets/lists/tests/mi: revision 1.1336
        tests/net/if_bridge/broadcast.pcap.uue: revision 1.1

bridge: implement interface protection

It enables a feature similar to "protected-port" or "isolation" in some
router products by marking member interfaces protected; when a frame
arrives on a protected interface and is being forwarded to another
protected interface, the frame will be discarded.

The code is developed by the SEIL team at IIJ.

tests: dedup test scripts like others

brconfig: add protect/-protect commands

It marks/clears a specified interface "protected".
tests, bridge: add tests for interface protection

The original author of the test is k-goda@IIJ.  ozaki-r improved
the test slightly.

distrib: install uuencoded pcap files for testing


To generate a diff of this commit:
cvs rdiff -u -r1.1238.2.10 -r1.1238.2.11 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.20 -r1.20.6.1 src/sbin/brconfig/brconfig.8
cvs rdiff -u -r1.17 -r1.17.26.1 src/sbin/brconfig/brconfig.c
cvs rdiff -u -r1.189.4.1 -r1.189.4.2 src/sys/net/if_bridge.c
cvs rdiff -u -r1.37 -r1.37.4.1 src/sys/net/if_bridgevar.h
cvs rdiff -u -r1.3 -r1.3.22.1 src/tests/net/if_bridge/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/tests/net/if_bridge/broadcast.pcap.uue \
    src/tests/net/if_bridge/unicast.pcap.uue
cvs rdiff -u -r1.19 -r1.19.8.1 src/tests/net/if_bridge/t_bridge.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/distrib/sets/lists/tests/mi
diff -u src/distrib/sets/lists/tests/mi:1.1238.2.10 src/distrib/sets/lists/tests/mi:1.1238.2.11
--- src/distrib/sets/lists/tests/mi:1.1238.2.10	Thu Sep  5 09:22:44 2024
+++ src/distrib/sets/lists/tests/mi	Thu Sep  5 09:27:13 2024
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1238.2.10 2024/09/05 09:22:44 martin Exp $
+# $NetBSD: mi,v 1.1238.2.11 2024/09/05 09:27:13 martin Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -4250,8 +4250,10 @@
 ./usr/tests/net/if_bridge				tests-net-tests		compattestfile,atf
 ./usr/tests/net/if_bridge/Atffile			tests-net-tests		atf,rump
 ./usr/tests/net/if_bridge/Kyuafile			tests-net-tests		atf,rump,kyua
+./usr/tests/net/if_bridge/broadcast.pcap.uue		tests-net-tests		compattestfile,atf
 ./usr/tests/net/if_bridge/t_bridge			tests-net-tests		atf,rump
 ./usr/tests/net/if_bridge/t_rtable			tests-net-tests		atf,rump
+./usr/tests/net/if_bridge/unicast.pcap.uue		tests-net-tests		compattestfile,atf
 ./usr/tests/net/if_gif					tests-net-tests		compattestfile,atf
 ./usr/tests/net/if_gif/Atffile				tests-net-tests		atf,rump
 ./usr/tests/net/if_gif/Kyuafile				tests-net-tests		atf,rump,kyua

Index: src/sbin/brconfig/brconfig.8
diff -u src/sbin/brconfig/brconfig.8:1.20 src/sbin/brconfig/brconfig.8:1.20.6.1
--- src/sbin/brconfig/brconfig.8:1.20	Sun Jul 19 14:43:35 2020
+++ src/sbin/brconfig/brconfig.8	Thu Sep  5 09:27:12 2024
@@ -1,4 +1,4 @@
-.\"	$NetBSD: brconfig.8,v 1.20 2020/07/19 14:43:35 wiz Exp $
+.\"	$NetBSD: brconfig.8,v 1.20.6.1 2024/09/05 09:27:12 martin Exp $
 .\"
 .\" Copyright 2001 Wasabi Systems, Inc.
 .\" All rights reserved.
@@ -33,7 +33,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd July 19, 2020
+.Dd August 29, 2024
 .Dt BRCONFIG 8
 .Os
 .Sh NAME
@@ -165,6 +165,19 @@ This is the default for all interfaces a
 Clear the
 .Dq learning
 attribute on a member interface.
+.It Cm protect Ar interface
+Mark an interface as a
+.Dq protected
+interface.
+When a packet arrives on a
+.Dq protected
+interface and is being forwarded to another
+.Dq protected
+interface, the packet will be discarded.
+.It Cm -protect Ar interface
+Clear the
+.Dq protected
+attribute on a member interface.
 .It Cm static Ar interface address
 Add a static entry into the address cache pointing to
 .Ar interface .

Index: src/sbin/brconfig/brconfig.c
diff -u src/sbin/brconfig/brconfig.c:1.17 src/sbin/brconfig/brconfig.c:1.17.26.1
--- src/sbin/brconfig/brconfig.c:1.17	Mon Jun  1 06:15:18 2015
+++ src/sbin/brconfig/brconfig.c	Thu Sep  5 09:27:12 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: brconfig.c,v 1.17 2015/06/01 06:15:18 matt Exp $	*/
+/*	$NetBSD: brconfig.c,v 1.17.26.1 2024/09/05 09:27:12 martin Exp $	*/
 
 /*
  * Copyright 2001 Wasabi Systems, Inc.
@@ -43,7 +43,7 @@
 #include <sys/cdefs.h>
 
 #ifndef lint
-__RCSID("$NetBSD: brconfig.c,v 1.17 2015/06/01 06:15:18 matt Exp $");
+__RCSID("$NetBSD: brconfig.c,v 1.17.26.1 2024/09/05 09:27:12 martin Exp $");
 #endif
 
 
@@ -95,6 +95,7 @@ static void	cmd_ifpathcost(const struct 
 static void	cmd_timeout(const struct command *, int, const char *, char **);
 static void	cmd_stp(const struct command *, int, const char *, char **);
 static void	cmd_ipf(const struct command *, int, const char *, char **);
+static void	cmd_protect(const struct command *, int, const char *, char **);
 
 static const struct command command_table[] = {
 	{ "add",		1,	0,		cmd_add },
@@ -131,6 +132,9 @@ static const struct command command_tabl
         { "ipf",                0,      0,              cmd_ipf },
         { "-ipf",               0,      CMD_INVERT,     cmd_ipf },
 
+	{ "protect",		1,	0,		cmd_protect },
+	{ "-protect",		1,	CMD_INVERT,	cmd_protect },
+
 	{ NULL,			0,	0,		NULL },
 };
 
@@ -625,6 +629,15 @@ cmd_stp(const struct command *cmd, int s
 }
 
 static void
+cmd_protect(const struct command *cmd, int sock, const char *bridge,
+    char **argv)
+{
+
+	do_bridgeflag(sock, bridge, argv[0], IFBIF_PROTECTED,
+	    (cmd->cmd_flags & CMD_INVERT) ? 0 : 1);
+}
+
+static void
 cmd_flush(const struct command *cmd, int sock, const char *bridge,
     char **argv)
 {
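Review bot: cmd_protect is added without a comment, and as far as this diff shows usage() is not touched, so if brconfig's usage text lists the per-member flag commands, the new `protect`/`-protect` pair will be missing from it. A one-line header such as `/* Set or clear IFBIF_PROTECTED on the named member; "-protect" arrives with CMD_INVERT. */` would match what the body does. The handler takes `argv[0]` without checking it, relying on the argument count of 1 in the command-table entries added in the previous hunk.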

Index: src/sys/net/if_bridge.c
diff -u src/sys/net/if_bridge.c:1.189.4.1 src/sys/net/if_bridge.c:1.189.4.2
--- src/sys/net/if_bridge.c:1.189.4.1	Sat Jul 20 15:54:10 2024
+++ src/sys/net/if_bridge.c	Thu Sep  5 09:27:12 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_bridge.c,v 1.189.4.1 2024/07/20 15:54:10 martin Exp $	*/
+/*	$NetBSD: if_bridge.c,v 1.189.4.2 2024/09/05 09:27:12 martin Exp $	*/
 
 /*
  * Copyright 2001 Wasabi Systems, Inc.
@@ -80,7 +80,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.189.4.1 2024/07/20 15:54:10 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.189.4.2 2024/09/05 09:27:12 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -102,6 +102,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_bridge.c,
 #include <sys/cprng.h>
 #include <sys/mutex.h>
 #include <sys/kmem.h>
+#include <sys/syslog.h>
 
 #include <net/bpf.h>
 #include <net/if.h>
@@ -250,7 +251,7 @@ static void	bridge_forward(struct bridge
 
 static void	bridge_timer(void *);
 
-static void	bridge_broadcast(struct bridge_softc *, struct ifnet *,
+static void	bridge_broadcast(struct bridge_softc *, struct ifnet *, bool,
 				 struct mbuf *);
 
 static int	bridge_rtupdate(struct bridge_softc *, const uint8_t *,
@@ -1017,6 +1018,18 @@ bridge_ioctl_sifflags(struct bridge_soft
 		}
 	}
 
+	if (bif->bif_flags & IFBIF_PROTECTED) {
+		if ((req->ifbr_ifsflags & IFBIF_PROTECTED) == 0) {
+			log(LOG_INFO, "%s: disabling protection on %s\n",
+			    sc->sc_if.if_xname, bif->bif_ifp->if_xname);
+		}
+	} else {
+		if (req->ifbr_ifsflags & IFBIF_PROTECTED) {
+			log(LOG_INFO, "%s: enabling protection on %s\n",
+			    sc->sc_if.if_xname, bif->bif_ifp->if_xname);
+		}
+	}
+
 	bif->bif_flags = req->ifbr_ifsflags;
 
 	bridge_release_member(sc, bif, &psref);
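Review bot: The nested if/else that logs the transition can be a single changed-bit test, `if ((bif->bif_flags ^ req->ifbr_ifsflags) & IFBIF_PROTECTED)`, with the verb chosen from the requested value; that reads directly as "log when protection changes". Among the lines visible in this diff, this message is the only record that isolation was switched on or off for a member, so it deserves a comment saying so, e.g. `/* Log every change of the protection bit so it can be reviewed later. */`. bridge_ioctl_sifflags starts and ends outside the hunk, so what validation of `req->ifbr_ifsflags` precedes the assignment to `bif->bif_flags` is not visible here.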
@@ -1802,6 +1815,7 @@ bridge_forward(struct bridge_softc *sc, 
 	struct psref psref;
 	struct psref psref_src;
 	DECLARE_LOCK_VARIABLE;
+	bool src_if_protected;
 
 	if ((sc->sc_if.if_flags & IFF_RUNNING) == 0)
 		return;
@@ -1862,6 +1876,8 @@ bridge_forward(struct bridge_softc *sc, 
 		goto out;
 	}
 
+	src_if_protected = ((bif->bif_flags & IFBIF_PROTECTED) != 0);
+
 	bridge_release_member(sc, bif, &psref);
 
 	/*
@@ -1894,7 +1910,7 @@ bridge_forward(struct bridge_softc *sc, 
 		goto out;
 
 	if (dst_if == NULL) {
-		bridge_broadcast(sc, src_if, m);
+		bridge_broadcast(sc, src_if, src_if_protected, m);
 		goto out;
 	}
 
@@ -1927,6 +1943,12 @@ bridge_forward(struct bridge_softc *sc, 
 		}
 	}
 
+	if ((bif->bif_flags & IFBIF_PROTECTED) && src_if_protected) {
+		m_freem(m);
+		bridge_release_member(sc, bif, &psref);
+		goto out;
+	}
+
 	bridge_release_member(sc, bif, &psref);
 
 	/*
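Review bot: The frame discarded by the new protected-to-protected check is freed with `m_freem(m)` and nothing is counted, so an operator cannot tell isolation drops from any other loss; the same holds for the `goto next` added in bridge_broadcast further down. Consider bumping a counter at both places with `if_statinc()` (which counter fits is the maintainers' call) and adding a comment such as `/* Source and destination are both protected: do not forward. */`. `src_if_protected` is a snapshot taken before the source member is released in the earlier hunk, so a flag change made while a frame is in flight only affects later frames; that is probably acceptable but worth a comment. bridge_forward begins and ends outside the hunk.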
@@ -2106,7 +2128,7 @@ out:
  */
 static void
 bridge_broadcast(struct bridge_softc *sc, struct ifnet *src_if,
-    struct mbuf *m)
+    bool src_if_protected, struct mbuf *m)
 {
 	struct bridge_iflist *bif;
 	struct mbuf *mc;
@@ -2141,6 +2163,11 @@ bridge_broadcast(struct bridge_softc *sc
 			goto next;
 
 		if (dst_if != src_if) {
+			if ((bif->bif_flags & IFBIF_PROTECTED) &&
+			    src_if_protected) {
+				goto next;
+			}
+
 			mc = m_copypacket(m, M_DONTWAIT);
 			if (mc == NULL) {
 				if_statinc(&sc->sc_if, if_oerrors);

Index: src/sys/net/if_bridgevar.h
diff -u src/sys/net/if_bridgevar.h:1.37 src/sys/net/if_bridgevar.h:1.37.4.1
--- src/sys/net/if_bridgevar.h:1.37	Thu Sep 30 03:57:48 2021
+++ src/sys/net/if_bridgevar.h	Thu Sep  5 09:27:12 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_bridgevar.h,v 1.37 2021/09/30 03:57:48 yamaguchi Exp $	*/
+/*	$NetBSD: if_bridgevar.h,v 1.37.4.1 2024/09/05 09:27:12 martin Exp $	*/
 
 /*
  * Copyright 2001 Wasabi Systems, Inc.
@@ -130,8 +130,9 @@ struct ifbreq {
 #define	IFBIF_LEARNING		0x01	/* if can learn */
 #define	IFBIF_DISCOVER		0x02	/* if sends packets w/ unknown dest. */
 #define	IFBIF_STP		0x04	/* if participates in spanning tree */
+#define	IFBIF_PROTECTED		0x08	/* if participates in protected mode */
 
-#define	IFBIFBITS	"\020\1LEARNING\2DISCOVER\3STP"
+#define	IFBIFBITS	"\020\1LEARNING\2DISCOVER\3STP\4PROTECTED"
 
 /* BRDGFLUSH */
 #define	IFBF_FLUSHDYN		0x00	/* flush learned addresses only */
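Review bot: The comment on `IFBIF_PROTECTED`, "if participates in protected mode", does not say what the bit does. Something like `/* if is isolated from other protected ifs */` would state the rule the forwarding code enforces, namely that frames are not forwarded between two protected members. The `\4PROTECTED` entry added to `IFBIFBITS` matches the new 0x08 bit.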

Index: src/tests/net/if_bridge/Makefile
diff -u src/tests/net/if_bridge/Makefile:1.3 src/tests/net/if_bridge/Makefile:1.3.22.1
--- src/tests/net/if_bridge/Makefile:1.3	Sat Mar 11 04:24:52 2017
+++ src/tests/net/if_bridge/Makefile	Thu Sep  5 09:27:13 2024
@@ -1,13 +1,16 @@
-# $NetBSD: Makefile,v 1.3 2017/03/11 04:24:52 ozaki-r Exp $
+# $NetBSD: Makefile,v 1.3.22.1 2024/09/05 09:27:13 martin Exp $
 #
 
 .include <bsd.own.mk>
 
 TESTSDIR=	${TESTSBASE}/net/if_bridge
+FILESDIR=	${TESTSDIR}
 
 .for name in bridge rtable
 TESTS_SH+=		t_${name}
 TESTS_SH_SRC_t_${name}=	../net_common.sh t_${name}.sh
 .endfor
 
+FILES+=		broadcast.pcap.uue unicast.pcap.uue
+
 .include <bsd.test.mk>

Index: src/tests/net/if_bridge/t_bridge.sh
diff -u src/tests/net/if_bridge/t_bridge.sh:1.19 src/tests/net/if_bridge/t_bridge.sh:1.19.8.1
--- src/tests/net/if_bridge/t_bridge.sh:1.19	Mon Aug 19 03:22:05 2019
+++ src/tests/net/if_bridge/t_bridge.sh	Thu Sep  5 09:27:13 2024
@@ -1,4 +1,4 @@
-#	$NetBSD: t_bridge.sh,v 1.19 2019/08/19 03:22:05 ozaki-r Exp $
+#	$NetBSD: t_bridge.sh,v 1.19.8.1 2024/09/05 09:27:13 martin Exp $
 #
 # Copyright (c) 2014 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -40,43 +40,6 @@ IP6BR2=fc00::12
 DEBUG=${DEBUG:-false}
 TIMEOUT=5
 
-atf_test_case bridge_create_destroy cleanup
-atf_test_case bridge_ipv4 cleanup
-atf_test_case bridge_ipv6 cleanup
-atf_test_case bridge_member_ipv4 cleanup
-atf_test_case bridge_member_ipv6 cleanup
-
-bridge_create_destroy_head()
-{
-
-	atf_set "descr" "Test creating/destroying bridge interfaces"
-	atf_set "require.progs" "rump_server"
-}
-
-bridge_ipv4_head()
-{
-	atf_set "descr" "Does simple if_bridge tests"
-	atf_set "require.progs" "rump_server"
-}
-
-bridge_ipv6_head()
-{
-	atf_set "descr" "Does simple if_bridge tests (IPv6)"
-	atf_set "require.progs" "rump_server"
-}
-
-bridge_member_ipv4_head()
-{
-	atf_set "descr" "Tests if_bridge with members with an IP address"
-	atf_set "require.progs" "rump_server"
-}
-
-bridge_member_ipv6_head()
-{
-	atf_set "descr" "Tests if_bridge with members with an IP address (IPv6)"
-	atf_set "require.progs" "rump_server"
-}
-
 setup_endpoint()
 {
 	sock=${1}
@@ -320,7 +283,7 @@ test_ping6_member()
 	rump.ifconfig -v shmif0
 }
 
-bridge_create_destroy_body()
+test_create_destroy()
 {
 
 	rump_server_start $SOCK1 bridge
@@ -328,7 +291,7 @@ bridge_create_destroy_body()
 	test_create_destroy_common $SOCK1 bridge0
 }
 
-bridge_ipv4_body()
+test_ipv4()
 {
 	setup
 	test_setup
@@ -347,7 +310,7 @@ bridge_ipv4_body()
 	rump_server_destroy_ifaces
 }
 
-bridge_ipv6_body()
+test_ipv6()
 {
 	setup6
 	test_setup6
@@ -365,7 +328,7 @@ bridge_ipv6_body()
 	rump_server_destroy_ifaces
 }
 
-bridge_member_ipv4_body()
+test_member_ipv4()
 {
 	setup
 	test_setup
@@ -387,7 +350,7 @@ bridge_member_ipv4_body()
 	rump_server_destroy_ifaces
 }
 
-bridge_member_ipv6_body()
+test_member_ipv6()
 {
 	setup6
 	test_setup6
@@ -408,47 +371,166 @@ bridge_member_ipv6_body()
 	rump_server_destroy_ifaces
 }
 
-bridge_create_destroy_cleanup()
+BUS_SHMIF0=./bus0
+BUS_SHMIF1=./bus1
+BUS_SHMIF2=./bus2
+
+unpack_file()
 {
 
-	$DEBUG && dump
-	cleanup
+	atf_check -s exit:0 uudecode $(atf_get_srcdir)/${1}.uue
 }
 
-bridge_ipv4_cleanup()
+reset_if_stats()
 {
 
-	$DEBUG && dump
-	cleanup
+	for ifname in shmif0 shmif1 shmif2
+	do
+		atf_check -s exit:0 -o ignore rump.ifconfig -z $ifname
+	done
 }
 
-bridge_ipv6_cleanup()
+test_protection()
 {
 
-	$DEBUG && dump
-	cleanup
-}
+	unpack_file unicast.pcap
+	unpack_file broadcast.pcap
 
-bridge_member_ipv4_cleanup()
-{
+	rump_server_start $SOCK1 bridge
+	rump_server_add_iface $SOCK1 shmif0 $BUS_SHMIF0
+	rump_server_add_iface $SOCK1 shmif1 $BUS_SHMIF1
+	rump_server_add_iface $SOCK1 shmif2 $BUS_SHMIF2
 
-	$DEBUG && dump
-	cleanup
+	export RUMP_SERVER=$SOCK1
+	atf_check -s exit:0 rump.ifconfig shmif0 up
+	atf_check -s exit:0 rump.ifconfig shmif1 up
+	atf_check -s exit:0 rump.ifconfig shmif2 up
+
+	atf_check -s exit:0 rump.ifconfig bridge0 create
+	atf_check -s exit:0 rump.ifconfig bridge0 up
+
+	atf_check -s exit:0 $HIJACKING brconfig bridge0 add shmif0 add shmif1 add shmif2
+	$DEBUG && rump.ifconfig
+
+	# Protected interfaces: -
+	# Learning: -
+	# Input: unicast through shmif0
+	# Output: shmif1, shmif2
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin unicast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	# Protected interfaces: -
+	# Learning: -
+	# Input: broadcast through shmif0
+	# Output: shmif1, shmif2
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin broadcast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	# Protect shmif0 and shmif2
+	atf_check -s exit:0 $HIJACKING brconfig bridge0 protect shmif0
+	atf_check -s exit:0 $HIJACKING brconfig bridge0 protect shmif2
+	atf_check -s exit:0 \
+	    -o match:"shmif0.+PROTECTED" \
+	    -o match:"shmif2.+PROTECTED" \
+	    -o not-match:"shmif1.+PROTECTED" \
+	    $HIJACKING brconfig bridge0
+
+	# Protected interfaces: shmif0 shmif2
+	# Learning: -
+	# Input: unicast through shmif0
+	# Output: shmif1
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin unicast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 0 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	# Protected interfaces: shmif0 shmif2
+	# Learning: -
+	# Input: broadcast through shmif0
+	# Output: shmif1
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin broadcast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 0 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	# Insert a route 00:aa:aa:aa:aa:aa shmif2 to test forwarding path of known-unicast-frame
+	atf_check -s exit:0 $HIJACKING brconfig bridge0 static shmif2 00:aa:aa:aa:aa:aa
+	atf_check -s exit:0 -o match:'00:aa:aa:aa:aa:aa shmif2 0 flags=1<STATIC>' \
+	    $HIJACKING brconfig bridge0
+	$DEBUG && $HIJACKING brconfig bridge0
+
+	# Protected interfaces: shmif0 shmif2
+	# Learning: 00:aa:aa:aa:aa:aa shmif2
+	# Input: broadcast through shmif0
+	# Output: -
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin unicast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 0 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 0 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	# Unprotect shmif2
+	atf_check -s exit:0 $HIJACKING brconfig bridge0 -protect shmif2
+	atf_check -s exit:0 \
+	    -o match:"shmif0.+PROTECTED" \
+	    -o not-match:"shmif2.+PROTECTED" \
+	    -o not-match:"shmif1.+PROTECTED" \
+	    $HIJACKING brconfig bridge0
+
+	# Protected interfaces: shmif0
+	# Learning: 00:aa:aa:aa:aa:aa shmif2
+	# Input: broadcast through shmif0
+	# Output: shmif2
+	reset_if_stats
+	atf_check -s exit:0 -o ignore shmif_pcapin unicast.pcap ${BUS_SHMIF0}
+	atf_check -s exit:0 -o match:"input: 1 packet" rump.ifconfig -v shmif0
+	atf_check -s exit:0 -o match:"output: 0 packet" rump.ifconfig -v shmif1
+	atf_check -s exit:0 -o match:"output: 1 packet" rump.ifconfig -v shmif2
+	$DEBUG && rump.ifconfig -v bridge0
+
+	rump_server_destroy_ifaces
 }
 
-bridge_member_ipv6_cleanup()
+add_test()
 {
+	local name=$1
+	local desc="$2"
 
-	$DEBUG && dump
-	cleanup
+	atf_test_case "bridge_${name}" cleanup
+	eval "bridge_${name}_head() {
+			atf_set descr \"${desc}\"
+			atf_set require.progs rump_server
+		}
+	    bridge_${name}_body() {
+			test_${name}
+		}
+	    bridge_${name}_cleanup() {
+			\$DEBUG && dump
+			cleanup
+		}"
+	atf_add_test_case "bridge_${name}"
 }
 
 atf_init_test_cases()
 {
 
-	atf_add_test_case bridge_create_destroy
-	atf_add_test_case bridge_ipv4
-	atf_add_test_case bridge_ipv6
-	atf_add_test_case bridge_member_ipv4
-	atf_add_test_case bridge_member_ipv6
+	add_test create_destroy "Tests creating/destroying bridge interfaces"
+	add_test ipv4           "Does basic if_bridge tests (IPv4)"
+	add_test ipv6           "Does basic if_bridge tests (IPv6)"
+	add_test member_ipv4    "Tests if_bridge with members with an IP address (IPv4)"
+	add_test member_ipv6    "Tests if_bridge with members with an IP address (IPv6)"
+	add_test protection     "Tests interface protection"
 }
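Review bot: The two scenario comments that follow the `brconfig bridge0 static shmif2 00:aa:aa:aa:aa:aa` step say `# Input: broadcast through shmif0`, but both steps inject `unicast.pcap`; they should read `# Input: unicast through shmif0`. Their `# Learning:` line also describes a static entry rather than a learned one. The test only ever injects on shmif0, so it never checks that a frame from the unprotected shmif1 still reaches a protected member, nor that protection holds in the shmif2-to-shmif0 direction; one more injection per case would cover both. `add_test` builds the case functions with `eval`, which is fine for the fixed strings passed from atf_init_test_cases but would break on a description containing a double quote.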

Added files:

Index: src/tests/net/if_bridge/broadcast.pcap.uue
diff -u /dev/null src/tests/net/if_bridge/broadcast.pcap.uue:1.1.2.2
--- /dev/null	Thu Sep  5 09:27:13 2024
+++ src/tests/net/if_bridge/broadcast.pcap.uue	Thu Sep  5 09:27:13 2024
@@ -0,0 +1,5 @@
+begin 644 broadcast.pcap
+MU,.RH0(`!````````````/__```!````0(=S6Q-!#``J````*@````"JJJJJ
+EJO_______P@`10``'``!``!`$:]@P*@`9`H``&0`4`!0``@SS@``
+`
+end
Index: src/tests/net/if_bridge/unicast.pcap.uue
diff -u /dev/null src/tests/net/if_bridge/unicast.pcap.uue:1.1.2.2
--- /dev/null	Thu Sep  5 09:27:13 2024
+++ src/tests/net/if_bridge/unicast.pcap.uue	Thu Sep  5 09:27:12 2024
@@ -0,0 +1,5 @@
+begin 644 unicast.pcap
+MU,.RH0(`!````````````/__```!````"KIR6R4C!0`J````*@````"JJJJJ
+EJ@`1$1$1$0@`10``'``!``!`$:]@P*@`9`H``&0`4`!0``@SS@``
+`
+end
