summaryrefslogtreecommitdiffstats
path: root/test/asf/test_adl.py
blob: 70d32bce9dace0e7272070abc2e77a819fc8bb6b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
#!/usr/bin/env python3

import unittest

from asfframework import VppAsfTestCase, VppTestRunner
from config import config


@unittest.skipIf("adl" in config.excluded_plugins, "Exclude ADL plugin tests")
class TestAdl(VppAsfTestCase):
    """Allow/Deny Plugin Unit Test Cases"""

    @classmethod
    def setUpClass(cls):
        super(TestAdl, cls).setUpClass()

    @classmethod
    def tearDownClass(cls):
        super(TestAdl, cls).tearDownClass()

    def setUp(self):
        super(TestAdl, self).setUp()

    def tearDown(self):
        super(TestAdl, self).tearDown()

    def test_adl1_unittest(self):
        """Plugin API Test"""
        cmds = [
            "loop create\n",
            "set int ip address loop0 192.168.1.1/24\n",
            "set int ip6 table loop0 0\n",
            "set int ip address loop0 2001:db01::1/64\n",
            "set int state loop0 up\n",
            "packet-generator new {\n"
            " name ip4\n"
            " limit 100\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP4: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 192.168.1.2-192.168.1.10 -> 192.168.2.1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 114\n"
            "       }\n"
            " }\n",
            "packet-generator new {\n"
            " name ip6-allow\n"
            " limit 50\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP6: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 2001:db01::2 -> 2001:db01::1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 80\n"
            "      }\n"
            " }\n",
            "packet-generator new {\n"
            " name ip6-drop\n"
            " limit 50\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP6: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 2001:db01::3 -> 2001:db01::1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 80\n"
            "      }\n"
            " }\n",
            "ip table 1\n",
            "ip route add 192.168.2.1/32 via drop\n",
            "ip route add table 1 192.168.1.2/32 via local\n",
            "ip6 table 1\n",
            "ip route add 2001:db01::1/128 via drop\n",
            "ip route add table 1 2001:db01::2/128 via local\n",
            "bin adl_interface_enable_disable loop0\n",
            "bin adl_allowlist_enable_disable loop0 fib-id 1 ip4 ip6\n",
            "pa en\n",
        ]

        for cmd in cmds:
            r = self.vapi.cli_return_response(cmd)
            if r.retval != 0:
                if hasattr(r, "reply"):
                    self.logger.info(cmd + " FAIL reply " + r.reply)
                else:
                    self.logger.info(cmd + " FAIL retval " + str(r.retval))

        total_pkts = self.statistics.get_err_counter(
            "/err/adl-input/Allow/Deny packets processed"
        )

        self.assertEqual(total_pkts, 200)

        ip4_allow = self.statistics.get_err_counter(
            "/err/ip4-adl-allowlist/ip4 allowlist allowed"
        )
        self.assertEqual(ip4_allow, 12)
        ip6_allow = self.statistics.get_err_counter(
            "/err/ip6-adl-allowlist/ip6 allowlist allowed"
        )
        self.assertEqual(ip6_allow, 50)


if __name__ == "__main__":
    unittest.main(testRunner=VppTestRunner)