xref: /netbsd-src/tests/net/ipsec/common.sh (revision f26b5d9d1135041c6205577ad6d4eb0c4ff8c173) 
1#	$NetBSD: common.sh,v 1.8 2020/06/05 03:24:58 knakahara Exp $
2#
3# Copyright (c) 2017 Internet Initiative Japan Inc.
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10#    notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12#    notice, this list of conditions and the following disclaimer in the
13#    documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25# POSSIBILITY OF SUCH DAMAGE.
26#
27
28HIJACKING_NPF="${HIJACKING},blanket=/dev/npf"
29
30test_flush_entries()
31{
32	local sock=$1
33
34	export RUMP_SERVER=$sock
35
36	atf_check -s exit:0 -o empty $HIJACKING setkey -F
37	atf_check -s exit:0 -o empty $HIJACKING setkey -F -P
38	atf_check -s exit:0 -o match:"No SAD entries." $HIJACKING setkey -D -a
39	atf_check -s exit:0 -o match:"No SPD entries." $HIJACKING setkey -D -P
40}
41
42check_sa_entries()
43{
44	local sock=$1
45	local local_addr=$2
46	local remote_addr=$3
47
48	export RUMP_SERVER=$sock
49
50	$DEBUG && $HIJACKING setkey -D
51
52	atf_check -s exit:0 -o match:"$local_addr $remote_addr" \
53	    $HIJACKING setkey -D
54	atf_check -s exit:0 -o match:"$remote_addr $local_addr" \
55	    $HIJACKING setkey -D
56	# TODO: more detail checks
57}
58
59check_sp_entries()
60{
61	local sock=$1
62	local local_addr=$2
63	local remote_addr=$3
64
65	export RUMP_SERVER=$sock
66
67	$DEBUG && $HIJACKING setkey -D -P
68
69	atf_check -s exit:0 \
70	    -o match:"$local_addr\[any\] $remote_addr\[any\] 255\(reserved\)" \
71	    $HIJACKING setkey -D -P
72	atf_check -s exit:0 \
73	    -o match:"$remote_addr\[any\] $local_addr\[any\] 255\(reserved\)" \
74	    $HIJACKING setkey -D -P
75	# TODO: more detail checks
76}
77
78generate_pktproto()
79{
80	local proto=$1
81
82	if [ $proto = ipcomp ]; then
83		echo IPComp
84	else
85		echo $proto | tr 'a-z' 'A-Z'
86	fi
87}
88
89get_natt_port()
90{
91	local local_addr=$1
92	local remote_addr=$2
93	local port=""
94
95	# 10.0.1.2:4500         20.0.0.2:4500         shmif1     20.0.0.1:35574
96	port=$($HIJACKING_NPF npfctl list | grep $local_addr | awk -F "${remote_addr}:" '/4500/ {print $2;}')
97	echo $port
98}
99