git: 2c733b50c5a9 - main - tests/libalias: Portrange

From: Lutz Donnerhacke <donner_at_FreeBSD.org>
Date: Mon, 27 Dec 2021 13:56:17 UTC
The branch main has been updated by donner:

URL: https://cgit.FreeBSD.org/src/commit/?id=2c733b50c5a99cbe4f6eef437e1e3efd720ba306

commit 2c733b50c5a99cbe4f6eef437e1e3efd720ba306
Author:     Lutz Donnerhacke <donner@FreeBSD.org>
AuthorDate: 2021-07-03 22:28:20 +0000
Commit:     Lutz Donnerhacke <donner@FreeBSD.org>
CommitDate: 2021-12-27 13:54:57 +0000

    tests/libalias: Portrange
    
    Test ranges of allowed ports for aliasing.
     - Explicit default like ipfw(8) is doing
     - Regular range
     - Exhausting a very small range
     - Recovery
    
    Includes a fix of a utility macro, which was not used before.
    
    MFC after: 1 week
    Differential Revision: https://reviews.freebsd.org/D31012
---
 tests/sys/netinet/libalias/2_natout.c | 55 +++++++++++++++++++++++++++++++++++
 tests/sys/netinet/libalias/util.h     |  4 +--
 2 files changed, 57 insertions(+), 2 deletions(-)

diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c
index 2b6da8f597ed..4dfffdc055e2 100644
--- a/tests/sys/netinet/libalias/2_natout.c
+++ b/tests/sys/netinet/libalias/2_natout.c
@@ -305,6 +305,60 @@ ATF_TC_BODY(7_stress, dummy)
 	LibAliasUninit(la);
 }
 
+ATF_TC_WITHOUT_HEAD(8_portrange);
+ATF_TC_BODY(8_portrange, dummy)
+{
+	struct libalias *la = LibAliasInit(NULL);
+	struct ip  *po;
+	struct udphdr *uo;
+	uint16_t sport = 0x1234;
+	uint16_t dport = 0x5678;
+	uint16_t aport;
+
+	ATF_REQUIRE(la != NULL);
+	LibAliasSetAddress(la, masq);
+	LibAliasSetMode(la, 0, ~0);
+	po = ip_packet(0, 64);
+
+	LibAliasSetAliasPortRange(la, 0, 0); /* reinit like ipfw */
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 0x8000);
+
+	/* Different larger range */
+	LibAliasSetAliasPortRange(la, 2000, 3000);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 2000 && aport < 3000);
+
+	/* Different small range (contains two ports) */
+	LibAliasSetAliasPortRange(la, 4000, 4001);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 4000 && aport <= 4001);
+
+	sport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 4000 && aport <= 4001);
+
+	/* Third port not available in the range */
+	sport++;
+	UDP_NAT_FAIL(po, uo, prv1, sport, ext, dport);
+
+	/* Back to normal */
+	LibAliasSetAliasPortRange(la, 0, 0);
+	dport++;
+	UDP_NAT_CHECK(po, uo, prv1, sport, ext, dport, masq);
+	aport = ntohs(uo->uh_sport);
+	ATF_CHECK(aport >= 0x8000);
+
+	free(po);
+	LibAliasUninit(la);
+}
+
 ATF_TP_ADD_TCS(natout)
 {
 	/* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */
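Review bot: The 2000-3000 check in 8_portrange uses `aport < 3000`, while the 4000-4001 case treats the upper bound as inclusive (`aport <= 4001`, "contains two ports"). If the range is inclusive, as that second case implies, an alias port of exactly 3000 is a legitimate pick and would make the test fail intermittently, so the check should read `ATF_CHECK(aport >= 2000 && aport <= 3000);`. Separately, the two successful mappings in the small range are only checked against the bounds and `aport` is overwritten between them, so the test would still pass if both flows received the same alias port. Saving the first value and adding `ATF_CHECK(aport != first_aport);` (with `first_aport` a new local) would confirm that the range is exhausted by two distinct ports before `UDP_NAT_FAIL` is expected.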
@@ -317,6 +371,7 @@ ATF_TP_ADD_TCS(natout)
 	ATF_TP_ADD_TC(natout, 5_sameport);
 	ATF_TP_ADD_TC(natout, 6_cleartable);
 	ATF_TP_ADD_TC(natout, 7_stress);
+	ATF_TP_ADD_TC(natout, 8_portrange);
 
 	return atf_no_error();
 }
diff --git a/tests/sys/netinet/libalias/util.h b/tests/sys/netinet/libalias/util.h
index fcec225af658..786e48e41f37 100644
--- a/tests/sys/netinet/libalias/util.h
+++ b/tests/sys/netinet/libalias/util.h
@@ -80,7 +80,7 @@ rand_range(int min, int max)
 	pip->ip_src = src;			\
 	pip->ip_dst = dst;			\
 	res = LibAliasOut(la, pip, len);	\
-	ATF_CHECK_MSG(res != PKT_ALIAS_OK),	\
+	ATF_CHECK_MSG(res != PKT_ALIAS_OK,	\
 	    ">%d< not met !PKT_ALIAS_OK", res);	\
 	ATF_CHECK(addr_eq(src, pip->ip_src));	\
 	ATF_CHECK(addr_eq(dst, pip->ip_dst));	\
@@ -118,7 +118,7 @@ rand_range(int min, int max)
 
 #define UDP_NAT_FAIL(p, u, si, sp, di, dp)	do {	\
 	u = set_udp(p, (sp), (dp));			\
-	NAT_FAIL(p, (si), (mi));			\
+	NAT_FAIL(p, (si), (di));			\
 } while(0)
 
 #define UDP_UNNAT_CHECK(p, u, si, sp, mi, mp, di, dp)	\