#!/usr/bin/env python3 import binascii import random import socket import os import threading import struct import copy import fcntl import time from struct import unpack, unpack_from try: import unittest2 as unittest except ImportError: import unittest from util import ppp, ppc from re import compile import scapy.compat from scapy.packet import Raw from scapy.layers.l2 import Ether from scapy.layers.inet import IP, UDP, ICMP from scapy.layers.ipsec import ESP import scapy.layers.inet6 as inet6 from scapy.layers.inet6 import IPv6, ICMPv6DestUnreach from scapy.contrib.ospf import OSPF_Hdr, OSPFv3_Hello from framework import tag_fixme_vpp_workers from framework import VppTestCase, VppTestRunner from vpp_ip import DpoProto from vpp_ip_route import VppIpRoute, VppRoutePath from vpp_ipsec import VppIpsecSA, VppIpsecTunProtect, VppIpsecInterface from vpp_papi import VppEnum NUM_PKTS = 67 class serverSocketThread(threading.Thread): """ Socket server thread""" def __init__(self, threadID, sockName): threading.Thread.__init__(self) self.threadID = threadID self.sockName = sockName self.sock = None self.rx_pkts = [] self.stop_running = False def rx_packets(self): # Wait for some packets on socket while True: try: data = self.sock.recv(65536) # punt socket metadata # packet_desc = data[0:8] # Ethernet self.rx_pkts.append(Ether(data[8:])) except IOError as e: if e.errno == 11: # nothing to receive, stop running or sleep a little if self.stop_running: break time.sleep(0.1) pass else: raise def run(self): self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) try: os.unlink(self.sockName) except: pass self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 65536) self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, 65536) fcntl.fcntl(self.sock, fcntl.F_SETFL, os.O_NONBLOCK) self.sock.bind(self.sockName) self.rx_packets() def close(self): self.stop_running = True threading.Thread.join(self) self.sock.close() return self.rx_pkts class TestPuntSocket(VppTestCase): """ Punt Socket """ ports = [1111, 2222, 3333, 4444] sock_servers = list() # FIXME: nr_packets > 3 results in failure # nr_packets = 3 makes the test unstable nr_packets = 2 @classmethod def setUpClass(cls): super(TestPuntSocket, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestPuntSocket, cls).tearDownClass() @classmethod def setUpConstants(cls): cls.extra_vpp_punt_config = [ "punt", "{", "socket", cls.tempdir+"/socket_punt", "}"] super(TestPuntSocket, cls).setUpConstants() def setUp(self): super(TestPuntSocket, self).setUp() random.seed() self.create_pg_interfaces(range(2)) for i in self.pg_interfaces: i.admin_up() def tearDown(self): del self.sock_servers[:] super(TestPuntSocket, self).tearDown() def socket_client_create(self, sock_name, id=None): thread = serverSocketThread(id, sock_name) self.sock_servers.append(thread) thread.start() return thread def socket_client_close(self): rx_pkts = [] for thread in self.sock_servers: rx_pkts += thread.close() return rx_pkts def verify_port(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.l4.port, pr['punt']['l4']['port']) self.assertEqual(vpr.punt.punt.l4.protocol, pr['punt']['l4']['protocol']) self.assertEqual(vpr.punt.punt.l4.af, pr['punt']['l4']['af']) def verify_exception(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.exception.id, pr['punt']['exception']['id']) def verify_ip_proto(self, pr, vpr): self.assertEqual(vpr.punt.type, pr['type']) self.assertEqual(vpr.punt.punt.ip_proto.af, pr['punt']['ip_proto']['af']) self.assertEqual(vpr.punt.punt.ip_proto.protocol, pr['punt']['ip_proto']['protocol']) def verify_udp_pkts(self, rxs, n_rx, port): n_match = 0 for rx in rxs: self.assertTrue(rx.haslayer(UDP)) if rx[UDP].dport == port: n_match += 1 self.assertEqual(n_match, n_rx) def set_port(pr, port): pr['punt']['l4']['port'] = port return pr def set_reason(pr, reason): pr['punt']['exception']['id'] = reason return pr def mk_vpp_cfg4(): pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip4, 'protocol': udp_proto } } } return punt_l4 def mk_vpp_cfg6(): pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip6, 'protocol': udp_proto } } } return punt_l4 class TestIP4PuntSocket(TestPuntSocket): """ Punt Socket for IPv4 UDP """ @classmethod def setUpClass(cls): super(TestIP4PuntSocket, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIP4PuntSocket, cls).tearDownClass() def setUp(self): super(TestIP4PuntSocket, self).setUp() for i in self.pg_interfaces: i.config_ip4() i.resolve_arp() def tearDown(self): super(TestIP4PuntSocket, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip4() i.admin_down() def test_punt_socket_dump(self): """ Punt socket registration/deregistration""" pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip4 = VppEnum.vl_api_address_family_t.ADDRESS_IP4 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) # # configure a punt socket # punt_l4 = mk_vpp_cfg4() self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_punt_1111" % self.tempdir) self.vapi.punt_socket_register(set_port(punt_l4, 2222), "%s/socket_punt_2222" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 2) self.verify_port(set_port(punt_l4, 1111), punts[0]) self.verify_port(set_port(punt_l4, 2222), punts[1]) # # deregister a punt socket # self.vapi.punt_socket_deregister(set_port(punt_l4, 1111)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 1) # # configure a punt socket again # self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_punt_1111" % self.tempdir) self.vapi.punt_socket_register(set_port(punt_l4, 3333), "%s/socket_punt_3333" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 3) self.logger.info(self.vapi.cli("sh punt sock reg")) # # deregister all punt socket # self.vapi.punt_socket_deregister(set_port(punt_l4, 1111)) self.vapi.punt_socket_deregister(set_port(punt_l4, 2222)) self.vapi.punt_socket_deregister(set_port(punt_l4, 3333)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) def test_punt_socket_traffic_single_port_single_socket(self): """ Punt socket traffic single port single socket""" port = self.ports[0] pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 punt_l4 = set_port(mk_vpp_cfg4(), port) p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) / UDP(sport=9876, dport=port) / Raw(b'\xa5' * 100)) pkts = p * self.nr_packets punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) # # expect ICMP - port unreachable for all packets # rx = self.send_and_expect(self.pg0, pkts, self.pg0) for p in rx: self.assertEqual(int(p[IP].proto), 1) # ICMP self.assertEqual(int(p[ICMP].code), 3) # unreachable # # configure a punt socket # self.socket_client_create("%s/socket_%d" % (self.tempdir, port)) self.vapi.punt_socket_register(punt_l4, "%s/socket_%d" % (self.tempdir, port)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 1) # # expect punt socket and no packets on pg0 # self.send_and_assert_no_replies(self.pg0, pkts) rx = self.socket_client_close() self.verify_udp_pkts(rx, len(pkts), port) # # remove punt socket. expect ICMP - port unreachable for all packets # self.vapi.punt_socket_deregister(punt_l4) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) rx = self.send_and_expect(self.pg0, pkts, self.pg0) for p in rx: self.assertEqual(int(p[IP].proto), 1) # ICMP self.assertEqual(int(p[ICMP].code), 3) # unreachable def test_punt_socket_traffic_multi_ports_multi_sockets(self): """ Punt socket traffic multi ports and multi sockets""" punt_l4 = mk_vpp_cfg4() # configuration for each UDP port cfgs = dict() # # create stream of packets for each port # for port in self.ports: # choose port from port list cfgs[port] = {} pkt = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) / UDP(sport=9876, dport=port) / Raw(b'\xa5' * 100)) cfgs[port]['pkts'] = pkt * self.nr_packets cfgs[port]['port'] = port cfgs[port]['vpp'] = copy.deepcopy(set_port(punt_l4, port)) # configure punt sockets cfgs[port]['sock'] = self.socket_client_create( "%s/socket_%d" % (self.tempdir, port)) self.vapi.punt_socket_register( cfgs[port]['vpp'], "%s/socket_%d" % (self.tempdir, port)) # # send the packets that get punted # for cfg in cfgs.values(): self.send_and_assert_no_replies(self.pg0, cfg['pkts']) # # test that we got the excepted packets on the expected socket # for cfg in cfgs.values(): rx = cfg['sock'].close() self.verify_udp_pkts(rx, len(cfg['pkts']), cfg['port']) self.vapi.punt_socket_deregister(cfg['vpp']) def test_punt_socket_traffic_multi_ports_single_socket(self): """ Punt socket traffic multi ports and single socket""" pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 punt_l4 = mk_vpp_cfg4() # # create stream of packets with each port # pkts = [] for port in self.ports: # choose port from port list pkt = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IP(src=self.pg0.remote_ip4, dst=self.pg0.local_ip4) / UDP(sport=9876, dport=port) / Raw(b'\xa5' * 100)) pkts += pkt * self.nr_packets # # configure a punt socket # self.socket_client_create("%s/socket_multi" % self.tempdir) for p in self.ports: self.vapi.punt_socket_register(set_port(punt_l4, p), "%s/socket_multi" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), len(self.ports)) # # expect punt socket and no packets on pg0 # self.send_and_assert_no_replies(self.pg0, pkts) self.logger.info(self.vapi.cli("show trace")) rx = self.socket_client_close() for p in self.ports: self.verify_udp_pkts(rx, self.nr_packets, p) self.vapi.punt_socket_deregister(set_port(punt_l4, p)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) class TestIP6PuntSocket(TestPuntSocket): """ Punt Socket for IPv6 UDP """ @classmethod def setUpClass(cls): super(TestIP6PuntSocket, cls).setUpClass() @classmethod def tearDownClass(cls): super(TestIP6PuntSocket, cls).tearDownClass() def setUp(self): super(TestIP6PuntSocket, self).setUp() for i in self.pg_interfaces: i.config_ip6() i.resolve_ndp() def tearDown(self): super(TestIP6PuntSocket, self).tearDown() for i in self.pg_interfaces: i.unconfig_ip6() i.admin_down() def test_punt_socket_dump(self): """ Punt socket registration """ pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP # # configure a punt socket # punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip6, 'protocol': udp_proto } } } punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) # # configure a punt socket # self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_1111" % self.tempdir) self.vapi.punt_socket_register(set_port(punt_l4, 2222), "%s/socket_2222" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 2) self.verify_port(set_port(punt_l4, 1111), punts[0]) self.verify_port(set_port(punt_l4, 2222), punts[1]) # # deregister a punt socket # self.vapi.punt_socket_deregister(set_port(punt_l4, 1111)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 1) # # configure a punt socket again # self.vapi.punt_socket_register(set_port(punt_l4, 1111), "%s/socket_1111" % self.tempdir) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 2) # # deregister all punt socket # self.vapi.punt_socket_deregister(set_port(punt_l4, 1111)) self.vapi.punt_socket_deregister(set_port(punt_l4, 2222)) self.vapi.punt_socket_deregister(set_port(punt_l4, 3333)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) def test_punt_socket_traffic_single_port_single_socket(self): """ Punt socket traffic single port single socket""" port = self.ports[0] pt_l4 = VppEnum.vl_api_punt_type_t.PUNT_API_TYPE_L4 af_ip6 = VppEnum.vl_api_address_family_t.ADDRESS_IP6 udp_proto = VppEnum.vl_api_ip_proto_t.IP_API_PROTO_UDP punt_l4 = { 'type': pt_l4, 'punt': { 'l4': { 'af': af_ip6, 'protocol': udp_proto, 'port': port, } } } p = (Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac) / IPv6(src=self.pg0.remote_ip6, dst=self.pg0.local_ip6) / inet6.UDP(sport=9876, dport=port) / Raw(b'\xa5' * 100)) pkts = p * self.nr_packets punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 0) # # expect ICMPv6 - destination unreachable for all packets # self.vapi.cli("clear trace") self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() # FIXME - when punt socket deregister is implemented # rx = self.pg0.get_capture(self.nr_packets) # for p in rx: # self.assertEqual(int(p[IPv6].nh), 58) # ICMPv6 # self.assertEqual(int(p[ICMPv6DestUnreach].code),4) # unreachable # # configure a punt socket # self.socket_client_create("%s/socket_%d" % (self.tempdir, port)) self.vapi.punt_socket_register(punt_l4, "%s/socket_%d" % (self.tempdir, port)) punts = self.vapi.punt_socket_dump(type=pt_l4) self.assertEqual(len(punts), 1) # # expect punt socket and no packets on pg0 # self.vapi.cli("clear errors") self.vapi.cli("clear trace") self.pg0.add_stream(pkts) self.pg_enable_capture(self.pg_interfaces) self.pg_start() self.pg0.get_capture(0) self.logger.info(self.vapi.cli("show trace")) rx = self.socket_client_close() self.verify_udp_pkts(rx, len(pkts), port) # # remove punt socket. expect ICMP - dest. u
/*
 * Copyright (c) 2015 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
  Copyright (c) 2001, 2002, 2003 Eliot Dresselhaus

  Permission is hereby granted, free of charge, to any person obtaining
  a copy of this software and associated documentation files (the
  "Software"), to deal in the Software without restriction, including
  without limitation the rights to use, copy, modify, merge, publish,
  distribute, sublicense, and/or sell copies of the Software, and to
  permit persons to whom the Software is furnished to do so, subject to
  the following conditions:

  The above copyright notice and this permission notice shall be
  included in all copies or substantial portions of the Software.

  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

#include <vppinfra/format.h>
#include <ctype.h>

/* Format vectors. */
u8 *
format_vec32 (u8 * s, va_list * va)
{
  u32 *v = va_arg (*va, u32 *);
  char *fmt = va_arg (*va, char *);
  uword i;
  for (i = 0; i < vec_len (v); i++)
    {
      if (i > 0)
	s = format (s, ", ");
      s = format (s, fmt, v[i]);
    }
  return s;
}

u8 *
format_vec_uword (u8 * s, va_list * va)
{
  uword *v = va_arg (*va, uword *);
  char *fmt = va_arg (*va, char *);
  uword i;
  for (i = 0; i < vec_len (v); i++)
    {
      if (i > 0)
	s = format (s, ", ");
      s = format (s, fmt, v[i]);
    }
  return s;
}

/* Ascii buffer and length. */
u8 *
format_ascii_bytes (u8 * s, va_list * va)
{
  u8 *v = va_arg (*va, u8 *);
  uword n_bytes = va_arg (*va, uword);
  vec_add (s, v, n_bytes);
  return s;
}

/* Format hex dump. */
u8 *
format_hex_bytes (u8 * s, va_list * va)
{
  u8 *bytes = va_arg (*va, u8 *);
  int n_bytes = va_arg (*va, int);
  uword i;

  /* Print short or long form depending on byte count. */
  uword short_form = n_bytes <= 32;
  u32 indent = format_get_indent (s);

  if (n_bytes == 0)
    return s;

  for (i = 0; i < n_bytes; i++)
    {
      if (!short_form && (i % 32) == 0)
	s = format (s, "%08x: ", i);

      s = format (s, "%02x", bytes[i]);

      if (!short_form && ((i + 1) % 32) == 0 && (i + 1) < n_bytes)
	s = format (s, "\n%U", format_white_space, indent);
    }

  return s;
}

u8 *
format_hex_bytes_no_wrap (u8 * s, va_list * va)
{
  u8 *bytes = va_arg (*va, u8 *);
  int n_bytes = va_arg (*va, int);
  uword i;

  if (n_bytes == 0)
    return s;

  for (i