Blame - src/scripts/vnet/urpf - fdio/vpp

blob: 48855e4b1657716c9fbda04d3cca938613450b44 [file] [log] [blame]

Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	1
				2	create loop int
				3
				4	set int state loop0 up
				5	set int ip addr loop0 10.10.10.10/24
				6
Damjan Marion	3153f00	2022-05-14 00:14:02 +0200	[diff] [blame]	7	packet-generator new { \
				8	name transit-deny \
				9	limit 1 \
				10	node ip4-input \
				11	size 64-64 \
				12	data { \
				13	UDP: 1.2.3.4 -> 2.2.2.2 \
				14	UDP: 3000 -> 3001 \
				15	length 128 checksum 0 incrementing 1 \
				16	} \
Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	17	}
				18
Damjan Marion	3153f00	2022-05-14 00:14:02 +0200	[diff] [blame]	19	packet-generator new { \
				20	name transit-allow \
				21	limit 1 \
				22	node ip4-input \
				23	size 64-64 \
				24	data { \
				25	UDP: 1.1.1.1 -> 2.2.2.2 \
				26	UDP: 3000 -> 3001 \
				27	length 128 checksum 0 incrementing 1 \
				28	} \
Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	29	}
				30
Damjan Marion	3153f00	2022-05-14 00:14:02 +0200	[diff] [blame]	31	packet-generator new { \
				32	name transit-allow-from-excemption \
				33	limit 1 \
				34	node ip4-input \
				35	size 64-64 \
				36	data { \
				37	UDP: 11.11.12.13 -> 2.2.2.2 \
				38	UDP: 6000 -> 6001 \
				39	length 128 checksum 0 incrementing 1 \
				40	} \
Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	41	}
				42
Damjan Marion	3153f00	2022-05-14 00:14:02 +0200	[diff] [blame]	43	packet-generator new { \
				44	name for-us-allow-from-excemption \
				45	limit 1 \
				46	node ip4-input \
				47	size 64-64 \
				48	data { \
				49	UDP: 11.11.12.13 -> 10.10.10.10 \
				50	UDP: 6000 -> 6001 \
				51	length 128 checksum 0 incrementing 1 \
				52	} \
Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	53	}
				54
Damjan Marion	3153f00	2022-05-14 00:14:02 +0200	[diff] [blame]	55	packet-generator new { \
				56	name for-us-allow \
				57	limit 1 \
				58	node ip4-input \
				59	size 64-64 \
				60	data { \
				61	UDP: 1.1.1.1 -> 10.10.10.10 \
				62	UDP: 3000 -> 3001 \
				63	length 128 checksum 0 incrementing 1 \
				64	} \
Neale Ranns	3ee4404	2016-10-03 13:05:48 +0100	[diff] [blame]	65	}
				66
				67	tr add pg-input 100
				68
				69	set int ip addr pg0 10.10.11.10/24
				70
				71	set interface ip source-check pg0 strict
				72
				73	ip route add 1.1.1.1/32 via 10.10.11.11 pg0
				74	ip route add 2.2.2.2/32 via 10.10.10.11 loop0
				75
				76	ip urpf-accept 11.11.0.0/16
				77
				78	#set interface ip source-check pg0 strict del
				79	#set interface ip source-check pg0 loose
				80
				81	#ip urpf-accept del 11.11.0.0/16