diff options
author | Jakub Grajciar <jgrajcia@cisco.com> | 2019-05-27 12:23:57 +0200 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2019-05-28 15:35:54 +0000 |
commit | f34f1a424ec9d01533c9979863ac259623d05740 (patch) | |
tree | 17c65325e69d5b21e65a48e7f89fe005312398f5 | |
parent | a618e2082dfcda0aedba19b80e50e29667740602 (diff) |
l2tp: l2tp-decap-local don't accept packets unless configured
Change-Id: I2e48eb772dc44912192d0684b8ee631d8d975e9e
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
-rw-r--r-- | src/vnet/l2tp/decap.c | 8 | ||||
-rw-r--r-- | src/vnet/l2tp/l2tp.c | 9 | ||||
-rw-r--r-- | src/vnet/l2tp/l2tp.h | 3 | ||||
-rw-r--r-- | test/test_l2tp.py | 48 |
4 files changed, 58 insertions, 10 deletions
diff --git a/src/vnet/l2tp/decap.c b/src/vnet/l2tp/decap.c index 5fc25f55226..787cc115a7e 100644 --- a/src/vnet/l2tp/decap.c +++ b/src/vnet/l2tp/decap.c @@ -292,14 +292,6 @@ VLIB_REGISTER_NODE (l2t_decap_local_node) = { }; /* *INDENT-ON* */ -#ifndef CLIB_MARCH_VARIANT -void -l2tp_decap_init (void) -{ - ip6_register_protocol (IP_PROTOCOL_L2TP, l2t_decap_local_node.index); -} -#endif /* CLIB_MARCH_VARIANT */ - /* * fd.io coding-style-patch-verification: ON * diff --git a/src/vnet/l2tp/l2tp.c b/src/vnet/l2tp/l2tp.c index 6758db39c17..42ecfa619a5 100644 --- a/src/vnet/l2tp/l2tp.c +++ b/src/vnet/l2tp/l2tp.c @@ -399,6 +399,12 @@ create_l2tpv3_ipv6_tunnel (l2t_main_t * lm, if (sw_if_index) *sw_if_index = hi->sw_if_index; + if (!lm->proto_registered) + { + ip6_register_protocol (IP_PROTOCOL_L2TP, l2t_decap_local_node.index); + lm->proto_registered = true; + } + return 0; } @@ -729,9 +735,10 @@ l2tp_init (vlib_main_t * vm) pi = ip_get_protocol_info (im, IP_PROTOCOL_L2TP); pi->unformat_pg_edit = unformat_pg_l2tp_header; + lm->proto_registered = false; + /* insure these nodes are included in build */ l2tp_encap_init (vm); - l2tp_decap_init (); return 0; } diff --git a/src/vnet/l2tp/l2tp.h b/src/vnet/l2tp/l2tp.h index a91f00c282a..49873380057 100644 --- a/src/vnet/l2tp/l2tp.h +++ b/src/vnet/l2tp/l2tp.h @@ -80,6 +80,8 @@ typedef struct vlib_main_t *vlib_main; vnet_main_t *vnet_main; + bool proto_registered; + } l2t_main_t; /* Packet trace structure */ @@ -118,7 +120,6 @@ typedef struct uword unformat_pg_l2tp_header (unformat_input_t * input, va_list * args); void l2tp_encap_init (vlib_main_t * vm); -void l2tp_decap_init (void); int create_l2tpv3_ipv6_tunnel (l2t_main_t * lm, ip6_address_t * client_address, ip6_address_t * our_address, diff --git a/test/test_l2tp.py b/test/test_l2tp.py new file mode 100644 index 00000000000..1d229e6e356 --- /dev/null +++ b/test/test_l2tp.py @@ -0,0 +1,48 @@ +#!/usr/bin/env python + +import unittest + +from scapy.layers.l2 import Ether +from scapy.layers.inet6 import IPv6 + +from framework import VppTestCase + + +class TestL2tp(VppTestCase): + """ L2TP Test Case """ + + @classmethod + def setUpClass(cls): + super(TestL2tp, cls).setUpClass() + + cls.create_pg_interfaces(range(1)) + cls.pg0.admin_up() + cls.pg0.config_ip6() + + def test_l2tp_decap_local(self): + """ L2TP don't accept packets unless configured """ + + pkt = (Ether(dst=self.pg0.local_mac, src=self.pg0.remote_mac) / + IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6, nh=115)) + + self.pg0.add_stream(pkt) + self.pg_start() + + # l2tp should not accept packets + err = self.statistics.get_counter( + '/err/l2tp-decap-local/l2tpv3 session not found')[0] + self.assertEqual(err, 0) + err_count = err + + self.vapi.l2tpv3_create_tunnel(client_address=self.pg0.local_ip6n, + our_address=self.pg0.remote_ip6n, + is_ipv6=1) + + self.pg0.add_stream(pkt) + self.pg_start() + + # l2tp accepts packets + err = self.statistics.get_counter( + '/err/l2tp-decap-local/l2tpv3 session not found')[0] + self.assertEqual(err, 1) + err_count = err |