test/test_adl.py

#!/usr/bin/env python3

import unittest

from framework import VppTestCase, VppTestRunner
from vpp_ip_route import VppIpTable, VppIpRoute, VppRoutePath


class TestAdl(VppTestCase):
    """Allow/Deny Plugin Unit Test Cases"""

    @classmethod
    def setUpClass(cls):
        super(TestAdl, cls).setUpClass()

    @classmethod
    def tearDownClass(cls):
        super(TestAdl, cls).tearDownClass()

    def setUp(self):
        super(TestAdl, self).setUp()

    def tearDown(self):
        super(TestAdl, self).tearDown()

    def test_adl1_unittest(self):
        """Plugin API Test"""
        cmds = [
            "loop create\n",
            "set int ip address loop0 192.168.1.1/24\n",
            "set int ip6 table loop0 0\n",
            "set int ip address loop0 2001:db01::1/64\n",
            "set int state loop0 up\n",
            "packet-generator new {\n"
            " name ip4\n"
            " limit 100\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP4: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 192.168.1.2-192.168.1.10 -> 192.168.2.1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 114\n"
            "       }\n"
            " }\n",
            "packet-generator new {\n"
            " name ip6-allow\n"
            " limit 50\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP6: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 2001:db01::2 -> 2001:db01::1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 80\n"
            "      }\n"
            " }\n",
            "packet-generator new {\n"
            " name ip6-drop\n"
            " limit 50\n"
            " rate 0\n"
            " size 128-128\n"
            " interface loop0\n"
            " node adl-input\n"
            " data { IP6: 1.2.40 -> 3cfd.fed0.b6c8\n"
            "        UDP: 2001:db01::3 -> 2001:db01::1\n"
            "        UDP: 1234 -> 2345\n"
            "        incrementing 80\n"
            "      }\n"
            " }\n",
            "ip table 1\n",
            "ip route add 192.168.2.1/32 via drop\n",
            "ip route add table 1 192.168.1.2/32 via local\n",
            "ip6 table 1\n",
            "ip route add 2001:db01::1/128 via drop\n",
            "ip route add table 1 2001:db01::2/128 via local\n",
            "bin adl_interface_enable_disable loop0\n",
            "bin adl_allowlist_enable_disable loop0 fib-id 1 ip4 ip6\n",
            "pa en\n",
        ]

        for cmd in cmds:
            r = self.vapi.cli_return_response(cmd)
            if r.retval != 0:
                if hasattr(r, "reply"):
                    self.logger.info(cmd + " FAIL reply " + r.reply)
                else:
                    self.logger.info(cmd + " FAIL retval " + str(r.retval))

        total_pkts = self.statistics.get_err_counter(
            "/err/adl-input/Allow/Deny packets processed"
        )

        self.assertEqual(total_pkts, 200)

        ip4_allow = self.statistics.get_err_counter(
            "/err/ip4-adl-allowlist/ip4 allowlist allowed"
        )
        self.assertEqual(ip4_allow, 12)
        ip6_allow = self.statistics.get_err_counter(
            "/err/ip6-adl-allowlist/ip6 allowlist allowed"
        )
        self.assertEqual(ip6_allow, 50)


if __name__ == "__main__":
    unittest.main(testRunner=VppTestRunner)