blob: 68c80d0ec1ec8dc5a0dc02e4cb546aada9a72125 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
|
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
lib_dir=$(dirname $0)/../../../net/forwarding
ALL_TESTS="
shared_block_drop_test
egress_redirect_test
multi_mirror_test
"
NUM_NETIFS=2
source $lib_dir/tc_common.sh
source $lib_dir/lib.sh
switch_create()
{
simple_if_init $swp1 192.0.2.1/24
simple_if_init $swp2 192.0.2.2/24
}
switch_destroy()
{
simple_if_fini $swp2 192.0.2.2/24
simple_if_fini $swp1 192.0.2.1/24
}
shared_block_drop_test()
{
RET=0
# It is forbidden in mlxsw driver to have mixed-bound
# shared block with a drop rule.
tc qdisc add dev $swp1 ingress_block 22 clsact
check_err $? "Failed to create clsact with ingress block"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 action drop
check_err $? "Failed to add drop rule to ingress bound block"
tc qdisc add dev $swp2 ingress_block 22 clsact
check_err $? "Failed to create another clsact with ingress shared block"
tc qdisc del dev $swp2 clsact
tc qdisc add dev $swp2 egress_block 22 clsact
check_fail $? "Incorrect success to create another clsact with egress shared block"
tc filter del block 22 protocol ip pref 1 handle 101 flower
tc qdisc add dev $swp2 egress_block 22 clsact
check_err $? "Failed to create another clsact with egress shared block after blocker drop rule removed"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 action drop
check_fail $? "Incorrect success to add drop rule to mixed bound block"
tc qdisc del dev $swp1 clsact
tc qdisc add dev $swp1 egress_block 22 clsact
check_err $? "Failed to create another clsact with egress shared block"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 action drop
check_err $? "Failed to add drop rule to egress bound shared block"
tc filter del block 22 protocol ip pref 1 handle 101 flower
tc qdisc del dev $swp2 clsact
tc qdisc del dev $swp1 clsact
log_test "shared block drop"
}
egress_redirect_test()
{
RET=0
# It is forbidden in mlxsw driver to have mirred redirect on
# egress-bound block.
tc qdisc add dev $swp1 ingress_block 22 clsact
check_err $? "Failed to create clsact with ingress block"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress redirect dev $swp2
check_err $? "Failed to add redirect rule to ingress bound block"
tc qdisc add dev $swp2 ingress_block 22 clsact
check_err $? "Failed to create another clsact with ingress shared block"
tc qdisc del dev $swp2 clsact
tc qdisc add dev $swp2 egress_block 22 clsact
check_fail $? "Incorrect success to create another clsact with egress shared block"
tc filter del block 22 protocol ip pref 1 handle 101 flower
tc qdisc add dev $swp2 egress_block 22 clsact
check_err $? "Failed to create another clsact with egress shared block after blocker redirect rule removed"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress redirect dev $swp2
check_fail $? "Incorrect success to add redirect rule to mixed bound block"
tc qdisc del dev $swp1 clsact
tc qdisc add dev $swp1 egress_block 22 clsact
check_err $? "Failed to create another clsact with egress shared block"
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress redirect dev $swp2
check_fail $? "Incorrect success to add redirect rule to egress bound shared block"
tc qdisc del dev $swp2 clsact
tc filter add block 22 protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress redirect dev $swp2
check_fail $? "Incorrect success to add redirect rule to egress bound block"
tc qdisc del dev $swp1 clsact
log_test "shared block drop"
}
multi_mirror_test()
{
RET=0
# It is forbidden in mlxsw driver to have multiple mirror
# actions in a single rule.
tc qdisc add dev $swp1 clsact
tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress mirror dev $swp2
check_err $? "Failed to add rule with single mirror action"
tc filter del dev $swp1 ingress protocol ip pref 1 handle 101 flower
tc filter add dev $swp1 ingress protocol ip pref 1 handle 101 flower \
skip_sw dst_ip 192.0.2.2 \
action mirred egress mirror dev $swp2 \
action mirred egress mirror dev $swp1
check_fail $? "Incorrect success to add rule with two mirror actions"
tc qdisc del dev $swp1 clsact
log_test "multi mirror"
}
setup_prepare()
{
swp1=${NETIFS[p1]}
swp2=${NETIFS[p2]}
vrf_prepare
switch_create
}
cleanup()
{
pre_cleanup
switch_destroy
vrf_cleanup
}
check_tc_shblock_support
trap cleanup EXIT
setup_prepare
setup_wait
tests_run
exit $EXIT_STATUS
|