1#!/bin/bash 2# SPDX-License-Identifier: GPL-2.0 3 4ALL_TESTS=" 5 vlan_modify_ingress 6 vlan_modify_egress 7" 8 9NUM_NETIFS=4 10CHECK_TC="yes" 11source lib.sh 12 13h1_create() 14{ 15 simple_if_init $h1 192.0.2.1/28 2001:db8:1::1/64 16 vlan_create $h1 85 v$h1 192.0.2.17/28 2001:db8:2::1/64 17} 18 19h1_destroy() 20{ 21 vlan_destroy $h1 85 22 simple_if_fini $h1 192.0.2.1/28 2001:db8:1::1/64 23} 24 25h2_create() 26{ 27 simple_if_init $h2 192.0.2.2/28 2001:db8:1::2/64 28 vlan_create $h2 65 v$h2 192.0.2.18/28 2001:db8:2::2/64 29} 30 31h2_destroy() 32{ 33 vlan_destroy $h2 65 34 simple_if_fini $h2 192.0.2.2/28 2001:db8:1::2/64 35} 36 37switch_create() 38{ 39 ip link add dev br0 type bridge vlan_filtering 1 mcast_snooping 0 40 41 ip link set dev $swp1 master br0 42 ip link set dev $swp2 master br0 43 44 ip link set dev br0 up 45 ip link set dev $swp1 up 46 ip link set dev $swp2 up 47 48 bridge vlan add dev $swp1 vid 85 49 bridge vlan add dev $swp2 vid 65 50 51 bridge vlan add dev $swp2 vid 85 52 bridge vlan add dev $swp1 vid 65 53 54 tc qdisc add dev $swp1 clsact 55 tc qdisc add dev $swp2 clsact 56} 57 58switch_destroy() 59{ 60 tc qdisc del dev $swp2 clsact 61 tc qdisc del dev $swp1 clsact 62 63 bridge vlan del vid 65 dev $swp1 64 bridge vlan del vid 85 dev $swp2 65 66 bridge vlan del vid 65 dev $swp2 67 bridge vlan del vid 85 dev $swp1 68 69 ip link set dev $swp2 down 70 ip link set dev $swp1 down 71 72 ip link del dev br0 73} 74 75setup_prepare() 76{ 77 h1=${NETIFS[p1]} 78 swp1=${NETIFS[p2]} 79 80 swp2=${NETIFS[p3]} 81 h2=${NETIFS[p4]} 82 83 vrf_prepare 84 85 h1_create 86 h2_create 87 88 switch_create 89} 90 91cleanup() 92{ 93 pre_cleanup 94 95 switch_destroy 96 97 h2_destroy 98 h1_destroy 99 100 vrf_cleanup 101} 102 103vlan_modify_ingress() 104{ 105 RET=0 106 107 ping_do $h1.85 192.0.2.18 108 check_fail $? "ping between two different vlans passed when should not" 109 110 ping6_do $h1.85 2001:db8:2::2 111 check_fail $? "ping6 between two different vlans passed when should not" 112 113 tc filter add dev $swp1 ingress protocol all pref 1 handle 1 \ 114 flower action vlan modify id 65 115 tc filter add dev $swp2 ingress protocol all pref 1 handle 1 \ 116 flower action vlan modify id 85 117 118 ping_do $h1.85 192.0.2.18 119 check_err $? "ping between two different vlans failed when should not" 120 121 ping6_do $h1.85 2001:db8:2::2 122 check_err $? "ping6 between two different vlans failed when should not" 123 124 log_test "VLAN modify at ingress" 125 126 tc filter del dev $swp2 ingress protocol all pref 1 handle 1 flower 127 tc filter del dev $swp1 ingress protocol all pref 1 handle 1 flower 128} 129 130vlan_modify_egress() 131{ 132 RET=0 133 134 ping_do $h1.85 192.0.2.18 135 check_fail $? "ping between two different vlans passed when should not" 136 137 ping6_do $h1.85 2001:db8:2::2 138 check_fail $? "ping6 between two different vlans passed when should not" 139 140 tc filter add dev $swp1 egress protocol all pref 1 handle 1 \ 141 flower action vlan modify id 85 142 tc filter add dev $swp2 egress protocol all pref 1 handle 1 \ 143 flower action vlan modify id 65 144 145 ping_do $h1.85 192.0.2.18 146 check_err $? "ping between two different vlans failed when should not" 147 148 ping6_do $h1.85 2001:db8:2::2 149 check_err $? "ping6 between two different vlans failed when should not" 150 151 log_test "VLAN modify at egress" 152 153 tc filter del dev $swp2 egress protocol all pref 1 handle 1 flower 154 tc filter del dev $swp1 egress protocol all pref 1 handle 1 flower 155} 156 157trap cleanup EXIT 158 159setup_prepare 160setup_wait 161 162tests_run 163 164exit $EXIT_STATUS 165