diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2015-12-04 20:48:25 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2015-12-04 20:48:25 +0000 |
commit | 8b0405467c507daa8bc39cacc23a40461d04a48f (patch) | |
tree | 1cfb737cac9680f777699866fc224962db2f3cc8 /regress | |
parent | b97aaf766ea863824b29b1cdc9364743ebb2771d (diff) |
Enter a static ARP entry for a fake address which is not published
by the ARP proxy. The kernel must not answer ARP requests for such
addresss. This test triggers a misbehavior in ART as it currently
answers in such situations. Radix tree works fine as it uses 33
bit IPv4 entries for ARP proxy.
Diffstat (limited to 'regress')
-rw-r--r-- | regress/sys/netinet/arp/Makefile | 40 | ||||
-rw-r--r-- | regress/sys/netinet/arp/arp_nonproxy.py | 22 |
2 files changed, 47 insertions, 15 deletions
diff --git a/regress/sys/netinet/arp/Makefile b/regress/sys/netinet/arp/Makefile index 6f141cd5b97..ad62c212fbc 100644 --- a/regress/sys/netinet/arp/Makefile +++ b/regress/sys/netinet/arp/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.1 2015/11/05 01:49:12 bluhm Exp $ +# $OpenBSD: Makefile,v 1.2 2015/12/04 20:48:24 bluhm Exp $ # The following ports must be installed: # @@ -91,7 +91,7 @@ run-regress-arp-request: addr.py @echo Send ARP Request for remote address and insert local address ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR} ${SUDO} ${PYTHON}arp_request.py - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log grep '^${LOCAL_ADDR} .* ${LOCAL_MAC} ' arp.log TARGETS += arp-multicast @@ -103,7 +103,7 @@ run-regress-arp-multicast: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_multicast.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR} diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp info overwritten for ${LOCAL_ADDR} by 33:33:33:33:33:33' diff.log @@ -134,10 +134,10 @@ run-regress-arp-announcement: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_announcement.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log diff old.log new.log | grep '^> ' >diff.log grep 'bsd: duplicate IP address ${REMOTE_ADDR} sent from ethernet address ${LOCAL_MAC}' diff.log - grep '^${REMOTE_ADDR} .* ${REMOTE_MAC} .* permanent ' arp.log + grep '^${REMOTE_ADDR} .* ${REMOTE_MAC} .* permanent * l$$' arp.log TARGETS += arp-gratuitous run-regress-arp-gratuitous: addr.py @@ -147,10 +147,10 @@ run-regress-arp-gratuitous: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_gratuitous.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log diff old.log new.log | grep '^> ' >diff.log grep 'bsd: duplicate IP address ${REMOTE_ADDR} sent from ethernet address ${LOCAL_MAC}' diff.log - grep '^${REMOTE_ADDR} .* ${REMOTE_MAC} .* permanent ' arp.log + grep '^${REMOTE_ADDR} .* ${REMOTE_MAC} .* permanent * l$$' arp.log TARGETS += arp-permanent run-regress-arp-permanent: addr.py @@ -161,11 +161,11 @@ run-regress-arp-permanent: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_fake.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${FAKE_ADDR} diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp: attempt to overwrite permanent entry for ${FAKE_ADDR} by ${LOCAL_MAC}' diff.log - grep '^${FAKE_ADDR} .* ${FAKE_MAC} .* permanent ' arp.log + grep '^${FAKE_ADDR} .* ${FAKE_MAC} .* permanent * $$' arp.log TARGETS += arp-address run-regress-arp-address: addr.py @@ -175,10 +175,10 @@ run-regress-arp-address: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_other.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp: attempt to overwrite permanent entry for ${OTHER_ADDR} by ${LOCAL_MAC}' diff.log - grep '^${OTHER_ADDR} .* permanent ' arp.log + grep '^${OTHER_ADDR} .* permanent * l$$' arp.log TARGETS += arp-temporary run-regress-arp-temporary: addr.py @@ -189,7 +189,7 @@ run-regress-arp-temporary: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_otherfake.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${OTHERFAKE_ADDR} diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp: attempt to overwrite entry for ${OTHERFAKE_ADDR} on .* by ${LOCAL_MAC} on .*' diff.log @@ -204,7 +204,7 @@ run-regress-arp-incomlete: addr.py scp ${REMOTE_SSH}:/var/log/messages old.log ${SUDO} ${PYTHON}arp_otherfake.py scp ${REMOTE_SSH}:/var/log/messages new.log - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${OTHERFAKE_ADDR} diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp: attempt to add entry for ${OTHERFAKE_ADDR} on .* by ${LOCAL_MAC} on .*' diff.log @@ -216,9 +216,19 @@ run-regress-arp-proxy: addr.py @echo Send ARP Request for fake address that is proxied ssh -t ${REMOTE_SSH} ${SUDO} arp -s ${FAKE_ADDR} ${FAKE_MAC} pub ${SUDO} ${PYTHON}arp_proxy.py - ssh -t ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${FAKE_ADDR} - grep '^${FAKE_ADDR} .* ${FAKE_MAC} .* static .* p' arp.log + grep '^${FAKE_ADDR} .* ${FAKE_MAC} .* static * p$$' arp.log + +TARGETS += arp-nonproxy +run-regress-arp-nonproxy: addr.py + @echo '\n======== $@ ========' + @echo Send ARP Request for fake address that is not published + ssh -t ${REMOTE_SSH} ${SUDO} arp -s ${FAKE_ADDR} ${FAKE_MAC} + ${SUDO} ${PYTHON}arp_nonproxy.py + ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log + ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${FAKE_ADDR} + grep '^${FAKE_ADDR} .* ${FAKE_MAC} .* static * $$' arp.log REGRESS_TARGETS = ${TARGETS:S/^/run-regress-/} diff --git a/regress/sys/netinet/arp/arp_nonproxy.py b/regress/sys/netinet/arp/arp_nonproxy.py new file mode 100644 index 00000000000..0e319f9e022 --- /dev/null +++ b/regress/sys/netinet/arp/arp_nonproxy.py @@ -0,0 +1,22 @@ +#!/usr/local/bin/python2.7 +# send Address Resolution Protocol Request for Proxy ARP not published +# expect no answer + +import os +from addr import * +from scapy.all import * + +arp=ARP(op='who-has', hwsrc=LOCAL_MAC, psrc=LOCAL_ADDR, + hwdst="ff:ff:ff:ff:ff:ff", pdst=FAKE_ADDR) +eth=Ether(src=LOCAL_MAC, dst="ff:ff:ff:ff:ff:ff")/arp + +e=srp1(eth, iface=LOCAL_IF, timeout=2) + +if e and e.type == ETH_P_ARP: + a=e.payload + a.show() + print "ARP REPLY" + exit(1) + +print "no arp reply" +exit(0) |