tests: py: extend ip frag-off coverage

commit 3e22505e470966635facc0395541ec80c587c063 upstream.

Cover matching on DF and MF bits and fragments.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/py/ip/ip.t b/tests/py/ip/ip.t
index 6542e9ee925f281ddc6bac802c08526f04aca9f2..e6999c29478b7ffaf11d09876405e54066b9a2ed 100644 (file)
--- a/tests/py/ip/ip.t
+++ b/tests/py/ip/ip.t
@@ -54,6 +54,9 @@ ip frag-off 0x21-0x2d;ok
 ip frag-off != 0x21-0x2d;ok
 ip frag-off { 0x21, 0x37, 0x43, 0x58};ok
 ip frag-off != { 0x21, 0x37, 0x43, 0x58};ok
+ip frag-off & 0x1fff != 0x0;ok
+ip frag-off & 0x2000 != 0x0;ok
+ip frag-off & 0x4000 != 0x0;ok
 
 ip ttl 0 drop;ok
 ip ttl 233;ok

diff --git a/tests/py/ip/ip.t.json b/tests/py/ip/ip.t.json
index 1beabaa5590b0c6f720115ed319ea6e6ce9fb85b..a170e5c159651bd2dffaced05146166647316b10 100644 (file)
--- a/tests/py/ip/ip.t.json
+++ b/tests/py/ip/ip.t.json
@@ -501,6 +501,69 @@
     }
 ]
 
+# ip frag-off & 0x1fff != 0x0
+[
+    {
+        "match": {
+            "left": {
+                "&": [
+                    {
+                        "payload": {
+                            "field": "frag-off",
+                            "protocol": "ip"
+                        }
+                    },
+                    8191
+                ]
+            },
+            "op": "!=",
+            "right": 0
+        }
+    }
+]
+
+# ip frag-off & 0x2000 != 0x0
+[
+    {
+        "match": {
+            "left": {
+                "&": [
+                    {
+                        "payload": {
+                            "field": "frag-off",
+                            "protocol": "ip"
+                        }
+                    },
+                    8192
+                ]
+            },
+            "op": "!=",
+            "right": 0
+        }
+    }
+]
+
+# ip frag-off & 0x4000 != 0x0
+[
+    {
+        "match": {
+            "left": {
+                "&": [
+                    {
+                        "payload": {
+                            "field": "frag-off",
+                            "protocol": "ip"
+                        }
+                    },
+                    16384
+                ]
+            },
+            "op": "!=",
+            "right": 0
+        }
+    }
+]
+
 # ip ttl 0 drop
 [
     {

diff --git a/tests/py/ip/ip.t.payload b/tests/py/ip/ip.t.payload
index 697738019c8357a51e5b842ed05458c784e72e61..d7ddf7be0c3b486a5379fa2cc8291a7ae8d4ea32 100644 (file)
--- a/tests/py/ip/ip.t.payload
+++ b/tests/py/ip/ip.t.payload
@@ -162,6 +162,24 @@ ip test-ip4 input
   [ payload load 2b @ network header + 6 => reg 1 ]
   [ lookup reg 1 set __set%d 0x1 ]
 
+# ip frag-off & 0x1fff != 0x0
+ip test-ip4 input
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x0000ff1f ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x2000 != 0x0
+ip test-ip4 input
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000020 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x4000 != 0x0
+ip test-ip4 input
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000040 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
 # ip ttl 0 drop
 ip test-ip4 input
   [ payload load 1b @ network header + 8 => reg 1 ]

diff --git a/tests/py/ip/ip.t.payload.bridge b/tests/py/ip/ip.t.payload.bridge
index c04f6d6c98088c88457788da1490d612c2cb152e..53f881d336df48b870d0c4c2eaeaadecb2f21e86 100644 (file)
--- a/tests/py/ip/ip.t.payload.bridge
+++ b/tests/py/ip/ip.t.payload.bridge
@@ -212,6 +212,30 @@ bridge test-bridge input
   [ payload load 2b @ network header + 6 => reg 1 ]
   [ lookup reg 1 set __set%d 0x1 ]
 
+# ip frag-off & 0x1fff != 0x0
+bridge test-bridge input 
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x0000ff1f ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x2000 != 0x0
+bridge test-bridge input 
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000020 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x4000 != 0x0
+bridge test-bridge input 
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000040 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
 # ip ttl 0 drop
 bridge test-bridge input 
   [ meta load protocol => reg 1 ]

diff --git a/tests/py/ip/ip.t.payload.inet b/tests/py/ip/ip.t.payload.inet
index 83e35aacf6f89f42456bad1a931492a7d18d30cd..08674c98e022e023a0e13966cbdf5609a38b8109 100644 (file)
--- a/tests/py/ip/ip.t.payload.inet
+++ b/tests/py/ip/ip.t.payload.inet
@@ -212,6 +212,30 @@ inet test-inet input
   [ payload load 2b @ network header + 6 => reg 1 ]
   [ lookup reg 1 set __set%d 0x1 ]
 
+# ip frag-off & 0x1fff != 0x0
+inet test-inet input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x0000ff1f ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x2000 != 0x0
+inet test-inet input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000020 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x4000 != 0x0
+inet test-inet input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000040 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
 # ip ttl 0 drop
 inet test-inet input
   [ meta load nfproto => reg 1 ]

diff --git a/tests/py/ip/ip.t.payload.netdev b/tests/py/ip/ip.t.payload.netdev
index bcadc579791e5cf7e93a3d0d37950dd4c80ac851..8220b05d11c15926d4172c97a3b0320a7c809b37 100644 (file)
--- a/tests/py/ip/ip.t.payload.netdev
+++ b/tests/py/ip/ip.t.payload.netdev
@@ -146,6 +146,30 @@ netdev test-netdev ingress
   [ payload load 2b @ network header + 6 => reg 1 ]
   [ lookup reg 1 set __set%d 0x1 ]
 
+# ip frag-off & 0x1fff != 0x0
+netdev x y
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x0000ff1f ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x2000 != 0x0
+netdev x y
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000020 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
+# ip frag-off & 0x4000 != 0x0
+netdev x y
+  [ meta load protocol => reg 1 ]
+  [ cmp eq reg 1 0x00000008 ]
+  [ payload load 2b @ network header + 6 => reg 1 ]
+  [ bitwise reg 1 = ( reg 1 & 0x00000040 ) ^ 0x00000000 ]
+  [ cmp neq reg 1 0x00000000 ]
+
 # ip ttl 0 drop
 netdev test-netdev ingress 
   [ meta load protocol => reg 1 ]