aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKristof Provost <kp@FreeBSD.org>2021-04-27 16:46:03 +0000
committerKristof Provost <kp@FreeBSD.org>2021-04-30 06:19:47 +0000
commit388c0cde10293d9a3434e99146bf391aec6878a3 (patch)
tree6f5348bd0c747a3308206b08e098603e9d0bf95f
parent055c55abefbe19fe46a56894595af9c9dad7678c (diff)
downloadsrc-388c0cde10293d9a3434e99146bf391aec6878a3.tar.gz
src-388c0cde10293d9a3434e99146bf391aec6878a3.zip
pf tests: Test scrub fragment reassemble on interfaces with different MTU
There's a problem with pf's reassembly code where it produces incorrect checksums when reassembling across interfaces with different MTUs. Test this. PR: 255432 Reviewed by: donner MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30013
-rw-r--r--tests/sys/netpfil/pf/fragmentation.sh49
1 files changed, 49 insertions, 0 deletions
diff --git a/tests/sys/netpfil/pf/fragmentation.sh b/tests/sys/netpfil/pf/fragmentation.sh
index e697281b0826..8b57bcf11487 100644
--- a/tests/sys/netpfil/pf/fragmentation.sh
+++ b/tests/sys/netpfil/pf/fragmentation.sh
@@ -141,8 +141,57 @@ v6_cleanup()
pft_cleanup
}
+atf_test_case "mtu_diff" "cleanup"
+mtu_diff_head()
+{
+ atf_set descr 'Test reassembly across different MTUs, PR #255432'
+ atf_set require.user root
+}
+
+mtu_diff_body()
+{
+ pft_init
+
+ epair_small=$(vnet_mkepair)
+ epair_large=$(vnet_mkepair)
+
+ vnet_mkjail first ${epair_small}b ${epair_large}a
+ vnet_mkjail second ${epair_large}b
+
+ ifconfig ${epair_small}a 192.0.2.1/25 up
+ jexec first ifconfig ${epair_small}b 192.0.2.2/25 up
+
+ jexec first sysctl net.inet.ip.forwarding=1
+ jexec first ifconfig ${epair_large}a 192.0.2.130/25 up
+ jexec first ifconfig ${epair_large}a mtu 9000
+ jexec second ifconfig ${epair_large}b 192.0.2.131/25 up
+ jexec second ifconfig ${epair_large}b mtu 9000
+ jexec second route add default 192.0.2.130
+
+ route add 192.0.2.128/25 192.0.2.2
+
+ jexec first pfctl -e
+ pft_set_rules first \
+ "scrub all fragment reassemble"
+
+ # Sanity checks
+ atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2
+ atf_check -s exit:0 -o ignore ping -c 1 192.0.2.130
+ atf_check -s exit:0 -o ignore ping -c 1 192.0.2.131
+
+ # Large packet that'll get reassembled and sent out in one on the large
+ # epair
+ atf_check -s exit:0 -o ignore ping -c 1 -s 8000 192.0.2.131
+}
+
+mtu_diff_cleanup()
+{
+ pft_cleanup
+}
+
atf_init_test_cases()
{
atf_add_test_case "too_many_fragments"
atf_add_test_case "v6"
+ atf_add_test_case "mtu_diff"
}