diff options
Diffstat (limited to '')
| -rw-r--r-- | tests/py/ip/tproxy.t | 14 | ||||
| -rw-r--r-- | tests/py/ip/tproxy.t.json | 126 | ||||
| -rw-r--r-- | tests/py/ip/tproxy.t.json.output | 61 | ||||
| -rw-r--r-- | tests/py/ip/tproxy.t.payload | 44 |
4 files changed, 245 insertions, 0 deletions
diff --git a/tests/py/ip/tproxy.t b/tests/py/ip/tproxy.t new file mode 100644 index 0000000..544c519 --- /dev/null +++ b/tests/py/ip/tproxy.t @@ -0,0 +1,14 @@ +:y;type filter hook prerouting priority -150 + +*ip;x;y + +tproxy;fail +tproxy to 192.0.2.1;fail +tproxy to 192.0.2.1:50080;fail +tproxy to :50080;fail +meta l4proto 17 tproxy to 192.0.2.1;ok +meta l4proto 6 tproxy to 192.0.2.1:50080;ok +ip protocol 6 tproxy to :50080;ok +meta l4proto 17 tproxy ip to 192.0.2.1;ok;meta l4proto 17 tproxy to 192.0.2.1 +meta l4proto 6 tproxy ip to 192.0.2.1:50080;ok;meta l4proto 6 tproxy to 192.0.2.1:50080 +ip protocol 6 tproxy ip to :50080;ok;ip protocol 6 tproxy to :50080 diff --git a/tests/py/ip/tproxy.t.json b/tests/py/ip/tproxy.t.json new file mode 100644 index 0000000..4635fc1 --- /dev/null +++ b/tests/py/ip/tproxy.t.json @@ -0,0 +1,126 @@ +# meta l4proto 17 tproxy to 192.0.2.1 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 17 + } + }, + { + "tproxy": { + "addr": "192.0.2.1" + } + } +] + +# meta l4proto 6 tproxy to 192.0.2.1:50080 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "addr": "192.0.2.1", + "port": 50080 + } + } +] + +# ip protocol 6 tproxy to :50080 +[ + { + "match": { + "left": { + "payload": { + "field": "protocol", + "protocol": "ip" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "port": 50080 + } + } +] + +# meta l4proto 17 tproxy ip to 192.0.2.1 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 17 + } + }, + { + "tproxy": { + "addr": "192.0.2.1", + "family": "ip" + } + } +] + +# meta l4proto 6 tproxy ip to 192.0.2.1:50080 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "addr": "192.0.2.1", + "family": "ip", + "port": 50080 + } + } +] + +# ip protocol 6 tproxy ip to :50080 +[ + { + "match": { + "left": { + "payload": { + "field": "protocol", + "protocol": "ip" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "family": "ip", + "port": 50080 + } + } +] diff --git a/tests/py/ip/tproxy.t.json.output b/tests/py/ip/tproxy.t.json.output new file mode 100644 index 0000000..2690f22 --- /dev/null +++ b/tests/py/ip/tproxy.t.json.output @@ -0,0 +1,61 @@ +# meta l4proto 17 tproxy ip to 192.0.2.1 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 17 + } + }, + { + "tproxy": { + "addr": "192.0.2.1" + } + } +] + +# meta l4proto 6 tproxy ip to 192.0.2.1:50080 +[ + { + "match": { + "left": { + "meta": { + "key": "l4proto" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "addr": "192.0.2.1", + "port": 50080 + } + } +] + +# ip protocol 6 tproxy ip to :50080 +[ + { + "match": { + "left": { + "payload": { + "field": "protocol", + "protocol": "ip" + } + }, + "op": "==", + "right": 6 + } + }, + { + "tproxy": { + "port": 50080 + } + } +] diff --git a/tests/py/ip/tproxy.t.payload b/tests/py/ip/tproxy.t.payload new file mode 100644 index 0000000..dfe830e --- /dev/null +++ b/tests/py/ip/tproxy.t.payload @@ -0,0 +1,44 @@ +# meta l4proto 17 tproxy to 192.0.2.1 +ip x y + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000011 ] + [ immediate reg 1 0x010200c0 ] + [ tproxy ip addr reg 1 ] + +# meta l4proto 6 tproxy to 192.0.2.1:50080 +ip x y + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ immediate reg 1 0x010200c0 ] + [ immediate reg 2 0x0000a0c3 ] + [ tproxy ip addr reg 1 port reg 2 ] + +# ip protocol 6 tproxy to :50080 +ip x y + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ immediate reg 1 0x0000a0c3 ] + [ tproxy ip port reg 1 ] + +# meta l4proto 17 tproxy ip to 192.0.2.1 +ip x y + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000011 ] + [ immediate reg 1 0x010200c0 ] + [ tproxy ip addr reg 1 ] + +# meta l4proto 6 tproxy ip to 192.0.2.1:50080 +ip x y + [ meta load l4proto => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ immediate reg 1 0x010200c0 ] + [ immediate reg 2 0x0000a0c3 ] + [ tproxy ip addr reg 1 port reg 2 ] + +# ip protocol 6 tproxy ip to :50080 +ip x y + [ payload load 1b @ network header + 9 => reg 1 ] + [ cmp eq reg 1 0x00000006 ] + [ immediate reg 1 0x0000a0c3 ] + [ tproxy ip port reg 1 ] + |