test_tcp_check_syncookie.sh (1740B)
1#!/bin/sh 2# SPDX-License-Identifier: GPL-2.0 3# Copyright (c) 2018 Facebook 4# Copyright (c) 2019 Cloudflare 5 6set -eu 7readonly NS1="ns1-$(mktemp -u XXXXXX)" 8 9wait_for_ip() 10{ 11 local _i 12 printf "Wait for IP %s to become available " "$1" 13 for _i in $(seq ${MAX_PING_TRIES}); do 14 printf "." 15 if ns1_exec ping -c 1 -W 1 "$1" >/dev/null 2>&1; then 16 echo " OK" 17 return 18 fi 19 sleep 1 20 done 21 echo 1>&2 "ERROR: Timeout waiting for test IP to become available." 22 exit 1 23} 24 25get_prog_id() 26{ 27 awk '/ id / {sub(/.* id /, "", $0); print($1)}' 28} 29 30ns1_exec() 31{ 32 ip netns exec ${NS1} "$@" 33} 34 35setup() 36{ 37 ip netns add ${NS1} 38 ns1_exec ip link set lo up 39 40 ns1_exec sysctl -w net.ipv4.tcp_syncookies=2 41 ns1_exec sysctl -w net.ipv4.tcp_window_scaling=0 42 ns1_exec sysctl -w net.ipv4.tcp_timestamps=0 43 ns1_exec sysctl -w net.ipv4.tcp_sack=0 44 45 wait_for_ip 127.0.0.1 46 wait_for_ip ::1 47} 48 49cleanup() 50{ 51 ip netns del ns1 2>/dev/null || : 52} 53 54main() 55{ 56 trap cleanup EXIT 2 3 6 15 57 setup 58 59 printf "Testing clsact..." 60 ns1_exec tc qdisc add dev "${TEST_IF}" clsact 61 ns1_exec tc filter add dev "${TEST_IF}" ingress \ 62 bpf obj "${BPF_PROG_OBJ}" sec "${CLSACT_SECTION}" da 63 64 BPF_PROG_ID=$(ns1_exec tc filter show dev "${TEST_IF}" ingress | \ 65 get_prog_id) 66 ns1_exec "${PROG}" "${BPF_PROG_ID}" 67 ns1_exec tc qdisc del dev "${TEST_IF}" clsact 68 69 printf "Testing XDP..." 70 ns1_exec ip link set "${TEST_IF}" xdp \ 71 object "${BPF_PROG_OBJ}" section "${XDP_SECTION}" 72 BPF_PROG_ID=$(ns1_exec ip link show "${TEST_IF}" | get_prog_id) 73 ns1_exec "${PROG}" "${BPF_PROG_ID}" 74} 75 76DIR=$(dirname $0) 77TEST_IF=lo 78MAX_PING_TRIES=5 79BPF_PROG_OBJ="${DIR}/test_tcp_check_syncookie_kern.o" 80CLSACT_SECTION="tc" 81XDP_SECTION="xdp" 82BPF_PROG_ID=0 83PROG="${DIR}/test_tcp_check_syncookie_user" 84 85main