Differential D30013 Diff 88270 tests/sys/netpfil/pf/fragmentation.sh

Changeset View

Standalone View

Show First 20 Lines • Show All 135 Lines • ▼ Show 20 Lines	$(atf_get_srcdir)/CVE-2019-5597.py \
2001:db8:43::3		2001:db8:43::3
}		}

v6_cleanup()		v6_cleanup()
{		{
pft_cleanup		pft_cleanup
}		}

		atf_test_case "mtu_diff" "cleanup"
		mtu_diff_head()
		{
		atf_set descr 'Test reassembly across different MTUs, PR #255432'
		atf_set require.user root
		}

		mtu_diff_body()
		{
		pft_init

		epair_small=$(vnet_mkepair)
		epair_large=$(vnet_mkepair)

		vnet_mkjail first ${epair_small}b ${epair_large}a
		vnet_mkjail second ${epair_large}b

		ifconfig ${epair_small}a 192.0.2.1/25 up
		jexec first ifconfig ${epair_small}b 192.0.2.2/25 up

		jexec first sysctl net.inet.ip.forwarding=1
		jexec first ifconfig ${epair_large}a 192.0.2.130/25 up
		jexec first ifconfig ${epair_large}a mtu 9000
		jexec second ifconfig ${epair_large}b 192.0.2.131/25 up
		jexec second ifconfig ${epair_large}b mtu 9000
		jexec second route add default 192.0.2.130

		route add 192.0.2.128/25 192.0.2.2

		jexec first pfctl -e
		pft_set_rules first \
		"scrub all fragment reassemble"

		# Sanity checks
		atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2
		atf_check -s exit:0 -o ignore ping -c 1 192.0.2.130
		atf_check -s exit:0 -o ignore ping -c 1 192.0.2.131

		# Large packet that'll get reassembled and sent out in one on the large
		# epair
		atf_check -s exit:0 -o ignore ping -c 1 -s 8000 192.0.2.131
		}

		mtu_diff_cleanup()
		{
		pft_cleanup
		}

atf_init_test_cases()		atf_init_test_cases()
{		{
atf_add_test_case "too_many_fragments"		atf_add_test_case "too_many_fragments"
atf_add_test_case "v6"		atf_add_test_case "v6"
		atf_add_test_case "mtu_diff"
}		}