aboutsummaryrefslogtreecommitdiff
path: root/tests/sys/net/if_bridge_test.sh
diff options
context:
space:
mode:
Diffstat (limited to 'tests/sys/net/if_bridge_test.sh')
-rwxr-xr-xtests/sys/net/if_bridge_test.sh159
1 files changed, 106 insertions, 53 deletions
diff --git a/tests/sys/net/if_bridge_test.sh b/tests/sys/net/if_bridge_test.sh
index 534144f46632..0c19903714b1 100755
--- a/tests/sys/net/if_bridge_test.sh
+++ b/tests/sys/net/if_bridge_test.sh
@@ -899,7 +899,7 @@ member_ifaddrs_vlan_cleanup()
atf_test_case "vlan_pvid" "cleanup"
vlan_pvid_head()
{
- atf_set descr 'bridge with two ports with pvid set'
+ atf_set descr 'bridge with two ports with pvid and vlanfilter set'
atf_set require.user root
}
@@ -922,15 +922,15 @@ vlan_pvid_body()
ifconfig ${bridge} vlanfilter up
ifconfig ${epone}a up
ifconfig ${eptwo}a up
- ifconfig ${bridge} addm ${epone}a untagged ${epone}a 20
- ifconfig ${bridge} addm ${eptwo}a untagged ${eptwo}a 20
+ ifconfig ${bridge} addm ${epone}a untagged 20
+ ifconfig ${bridge} addm ${eptwo}a untagged 20
# With VLAN filtering enabled, traffic should be passed.
atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
# Removed the untagged VLAN on one port; traffic should not be passed.
- ifconfig ${bridge} -untagged ${epone}a
+ ifconfig ${bridge} -ifuntagged ${epone}a
atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
}
@@ -966,10 +966,8 @@ vlan_pvid_filtered_body()
atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
atf_check -s exit:0 ifconfig ${epone}a up
atf_check -s exit:0 ifconfig ${eptwo}a up
- atf_check -s exit:0 ifconfig ${bridge} \
- addm ${epone}a untagged ${epone}a 20
- atf_check -s exit:0 ifconfig ${bridge} \
- addm ${eptwo}a untagged ${eptwo}a 30
+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a untagged 30
atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
@@ -1011,10 +1009,8 @@ vlan_pvid_tagged_body()
atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
atf_check -s exit:0 ifconfig ${epone}a up
atf_check -s exit:0 ifconfig ${eptwo}a up
- atf_check -s exit:0 ifconfig ${bridge} \
- addm ${epone}a untagged ${epone}a 20
- atf_check -s exit:0 ifconfig ${bridge} \
- addm ${eptwo}a untagged ${eptwo}a 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a untagged 20
# Tagged frames should not be passed.
atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
@@ -1055,10 +1051,8 @@ vlan_pvid_1q_body()
bridge=$(vnet_mkbridge)
atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
- atf_check -s exit:0 ifconfig ${bridge} \
- addm ${epone}a untagged ${epone}a 20
- atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a \
- tagged ${eptwo}a 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a untagged 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a tagged 20
atf_check -s exit:0 ifconfig ${epone}a up
atf_check -s exit:0 ifconfig ${eptwo}a up
@@ -1116,25 +1110,25 @@ vlan_filtering_body()
# Set the untagged vlan on both ports to 20 and make sure traffic is
# still blocked. We intentionally do not pass tagged traffic for the
# untagged vlan.
- atf_check -s exit:0 ifconfig ${bridge} untagged ${epone}a 20
- atf_check -s exit:0 ifconfig ${bridge} untagged ${eptwo}a 20
+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${epone}a 20
+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${eptwo}a 20
atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
- atf_check -s exit:0 ifconfig ${bridge} -untagged ${epone}a
- atf_check -s exit:0 ifconfig ${bridge} -untagged ${eptwo}a
+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${epone}a
+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${eptwo}a
# Add VLANs 10-30 to the access list; now access should be allowed.
- atf_check -s exit:0 ifconfig ${bridge} +tagged ${epone}a 10-30
- atf_check -s exit:0 ifconfig ${bridge} +tagged ${eptwo}a 10-30
+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${epone}a 10-30
+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${eptwo}a 10-30
atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
# Remove vlan 20 from the access list, now access should be blocked
# again.
- atf_check -s exit:0 ifconfig ${bridge} -tagged ${epone}a 20
- atf_check -s exit:0 ifconfig ${bridge} -tagged ${eptwo}a 20
+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${epone}a 20
+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${eptwo}a 20
atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
}
@@ -1145,16 +1139,16 @@ vlan_filtering_cleanup()
}
#
-# Test the ifconfig 'tagged' option.
+# Test the ifconfig 'iftagged' option.
#
-atf_test_case "vlan_ifconfig_tagged" "cleanup"
-vlan_ifconfig_tagged_head()
+atf_test_case "vlan_ifconfig_iftagged" "cleanup"
+vlan_ifconfig_iftagged_head()
{
- atf_set descr 'test the ifconfig tagged option'
+ atf_set descr 'test the ifconfig iftagged option'
atf_set require.user root
}
-vlan_ifconfig_tagged_body()
+vlan_ifconfig_iftagged_body()
{
vnet_init
vnet_init_bridge
@@ -1170,34 +1164,34 @@ vlan_ifconfig_tagged_body()
atf_check -s exit:0 -o not-match:"tagged" ifconfig ${bridge}
# Add vlans 100-149.
- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a 100-149
+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a 100-149
atf_check -s exit:0 -o match:"tagged 100-149" ifconfig ${bridge}
# Replace the vlan list with 139-199.
- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a 139-199
+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a 139-199
atf_check -s exit:0 -o match:"tagged 139-199" ifconfig ${bridge}
# Add vlans 100-170.
- atf_check -s exit:0 ifconfig ${bridge} +tagged ${ep}a 100-170
+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${ep}a 100-170
atf_check -s exit:0 -o match:"tagged 100-199" ifconfig ${bridge}
# Remove vlans 104, 105, and 150-159
- atf_check -s exit:0 ifconfig ${bridge} -tagged ${ep}a 104,105,150-159
+ atf_check -s exit:0 ifconfig ${bridge} -iftagged ${ep}a 104,105,150-159
atf_check -s exit:0 -o match:"tagged 100-103,106-149,160-199" \
ifconfig ${bridge}
# Remove the entire vlan list.
- atf_check -s exit:0 ifconfig ${bridge} tagged ${ep}a none
+ atf_check -s exit:0 ifconfig ${bridge} iftagged ${ep}a none
atf_check -s exit:0 -o not-match:"tagged" ifconfig ${bridge}
# Test some invalid vlans sets.
for bad_vlan in -1 0 4096 4097 foo 0-10 4000-5000 foo-40 40-foo; do
atf_check -s exit:1 -e ignore \
- ifconfig ${bridge} tagged "$bad_vlan"
+ ifconfig ${bridge} iftagged "$bad_vlan"
done
}
-vlan_ifconfig_tagged_cleanup()
+vlan_ifconfig_iftagged_cleanup()
{
vnet_cleanup
}
@@ -1229,8 +1223,7 @@ vlan_svi_body()
atf_check -s exit:0 ifconfig ${bridge} vlanfilter up
atf_check -s exit:0 ifconfig ${epone}a up
- atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a \
- tagged ${epone}a 20
+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a tagged 20
svi=$(vnet_mkvlan)
atf_check -s exit:0 ifconfig ${svi} vlan 20 vlandev ${bridge}
@@ -1268,21 +1261,25 @@ vlan_qinq_body()
# Create a QinQ trunk between the two jails. The outer (provider) tag
# is 5, and the inner tag is 10.
- jexec one ifconfig ${epone}b up
- jexec one ifconfig ${epone}b.5 create vlanproto 802.1ad up
- jexec one ifconfig ${epone}b.5.10 create inet 192.0.2.1/24 up
+ atf_check -s exit:0 jexec one ifconfig ${epone}b up
+ atf_check -s exit:0 jexec one \
+ ifconfig ${epone}b.5 create vlanproto 802.1ad up
+ atf_check -s exit:0 jexec one \
+ ifconfig ${epone}b.5.10 create inet 192.0.2.1/24 up
- jexec two ifconfig ${eptwo}b up
- jexec two ifconfig ${eptwo}b.5 create vlanproto 802.1ad up
- jexec two ifconfig ${eptwo}b.5.10 create inet 192.0.2.2/24 up
+ atf_check -s exit:0 jexec two ifconfig ${eptwo}b up
+ atf_check -s exit:0 jexec two ifconfig \
+ ${eptwo}b.5 create vlanproto 802.1ad up
+ atf_check -s exit:0 jexec two ifconfig \
+ ${eptwo}b.5.10 create inet 192.0.2.2/24 up
bridge=$(vnet_mkbridge)
- ifconfig ${bridge} up
- ifconfig ${epone}a up
- ifconfig ${eptwo}a up
- ifconfig ${bridge} addm ${epone}a vlanfilter ${epone}a
- ifconfig ${bridge} addm ${eptwo}a vlanfilter ${eptwo}a
+ atf_check -s exit:0 ifconfig ${bridge} vlanfilter defqinq up
+ atf_check -s exit:0 ifconfig ${epone}a up
+ atf_check -s exit:0 ifconfig ${eptwo}a up
+ atf_check -s exit:0 ifconfig ${bridge} addm ${epone}a
+ atf_check -s exit:0 ifconfig ${bridge} addm ${eptwo}a
# Right now there are no VLANs on the access list, so everything
# should be blocked.
@@ -1290,10 +1287,16 @@ vlan_qinq_body()
atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
# Add the provider tag to the access list; now traffic should be passed.
- ifconfig ${bridge} +tagged ${epone}a 5
- ifconfig ${bridge} +tagged ${eptwo}a 5
+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${epone}a 5
+ atf_check -s exit:0 ifconfig ${bridge} +iftagged ${eptwo}a 5
atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
+
+ # Remove the qinq flag from one of the interfaces; traffic should
+ # be blocked again.
+ atf_check -s exit:0 ifconfig ${bridge} -qinq ${epone}a
+ atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
+ atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
}
vlan_qinq_cleanup()
@@ -1324,6 +1327,56 @@ bridge_svi_in_bridge_cleanup()
vnet_cleanup
}
+atf_test_case "vlan_untagged" "cleanup"
+vlan_untagged_head()
+{
+ atf_set descr 'bridge with two ports with untagged set'
+ atf_set require.user root
+}
+
+vlan_untagged_body()
+{
+ vnet_init
+ vnet_init_bridge
+
+ epone=$(vnet_mkepair)
+ eptwo=$(vnet_mkepair)
+
+ vnet_mkjail one ${epone}b
+ vnet_mkjail two ${eptwo}b
+
+ jexec one ifconfig ${epone}b 192.0.2.1/24 up
+ jexec two ifconfig ${eptwo}b 192.0.2.2/24 up
+
+ bridge=$(vnet_mkbridge)
+
+ ifconfig ${bridge} up
+ ifconfig ${epone}a up
+ ifconfig ${eptwo}a up
+ ifconfig ${bridge} addm ${epone}a untagged 20
+ ifconfig ${bridge} addm ${eptwo}a untagged 30
+
+ # With two ports on different VLANs, traffic should not be passed.
+ atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
+ atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
+
+ # Move the second port to VLAN 20; now traffic should be passed.
+ atf_check -s exit:0 ifconfig ${bridge} ifuntagged ${eptwo}a 20
+ atf_check -s exit:0 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
+ atf_check -s exit:0 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
+
+ # Remove the first's port untagged config, now traffic should
+ # not pass again.
+ atf_check -s exit:0 ifconfig ${bridge} -ifuntagged ${epone}a
+ atf_check -s exit:2 -o ignore jexec one ping -c 3 -t 1 192.0.2.2
+ atf_check -s exit:2 -o ignore jexec two ping -c 3 -t 1 192.0.2.1
+}
+
+vlan_untagged_cleanup()
+{
+ vnet_cleanup
+}
+
atf_test_case "vlan_defuntagged" "cleanup"
vlan_defuntagged_head()
{
@@ -1337,7 +1390,6 @@ vlan_defuntagged_body()
vnet_init_bridge
bridge=$(vnet_mkbridge)
- atf_check -s exit:0 ifconfig ${bridge} vlanfilter
# Invalid VLAN IDs
atf_check -s exit:1 -ematch:"invalid vlan id: 0" \
@@ -1401,9 +1453,10 @@ atf_init_test_cases()
atf_add_test_case "vlan_pvid_filtered"
atf_add_test_case "vlan_pvid_tagged"
atf_add_test_case "vlan_filtering"
- atf_add_test_case "vlan_ifconfig_tagged"
+ atf_add_test_case "vlan_ifconfig_iftagged"
atf_add_test_case "vlan_svi"
atf_add_test_case "vlan_qinq"
+ atf_add_test_case "vlan_untagged"
atf_add_test_case "vlan_defuntagged"
atf_add_test_case "bridge_svi_in_bridge"
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-13 21:26:34 +0000