mirror of
https://github.com/vishvananda/netlink.git
synced 2025-10-27 18:00:35 +08:00
Provide method to query for specific policy (#115)
Signed-off-by: Alessandro Boch <aboch@docker.com>
This commit is contained in:
Alessandro Boch
committed by
Vish Ishaya
Vish Ishaya
parent
a123807666
commit
cb0b035c41
@@ -12,7 +12,7 @@ func TestXfrmPolicyAddUpdateDel(t *testing.T) {
|
||||
|
||||
src, _ := ParseIPNet("127.1.1.1/32")
|
||||
dst, _ := ParseIPNet("127.1.1.2/32")
|
||||
policy := XfrmPolicy{
|
||||
policy := &XfrmPolicy{
|
||||
Src: src,
|
||||
Dst: dst,
|
||||
Proto: 17,
|
||||
@@ -32,7 +32,7 @@ func TestXfrmPolicyAddUpdateDel(t *testing.T) {
|
||||
Mode: XFRM_MODE_TUNNEL,
|
||||
}
|
||||
policy.Tmpls = append(policy.Tmpls, tmpl)
|
||||
if err := XfrmPolicyAdd(&policy); err != nil {
|
||||
if err := XfrmPolicyAdd(policy); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
policies, err := XfrmPolicyList(FAMILY_ALL)
|
||||
@@ -44,30 +44,34 @@ func TestXfrmPolicyAddUpdateDel(t *testing.T) {
|
||||
t.Fatal("Policy not added properly")
|
||||
}
|
||||
|
||||
// Verify Selector fields
|
||||
if !compareIPNet(policies[0].Dst, policy.Dst) ||
|
||||
!compareIPNet(policies[0].Src, policy.Src) ||
|
||||
policies[0].Proto != policy.Proto ||
|
||||
policies[0].DstPort != policy.DstPort ||
|
||||
policies[0].SrcPort != policy.SrcPort {
|
||||
t.Fatalf("Incorrect policy data retrieved. Expected %v. Got %v.",
|
||||
policy, policies[0])
|
||||
if !comparePolicies(policy, &policies[0]) {
|
||||
t.Fatalf("unexpected policy returned.\nExpected: %v.\nGot %v", policy, policies[0])
|
||||
}
|
||||
|
||||
// Look for a specific policy
|
||||
sp, err := XfrmPolicyGet(policy)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
if !comparePolicies(policy, sp) {
|
||||
t.Fatalf("unexpected policy returned")
|
||||
}
|
||||
|
||||
// Modify the policy
|
||||
policy.Priority = 100
|
||||
if err := XfrmPolicyUpdate(&policy); err != nil {
|
||||
if err := XfrmPolicyUpdate(policy); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
policies, err = XfrmPolicyList(FAMILY_ALL)
|
||||
sp, err = XfrmPolicyGet(policy)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if policies[0].Priority != 100 {
|
||||
if sp.Priority != 100 {
|
||||
t.Fatalf("failed to modify the policy")
|
||||
}
|
||||
|
||||
if err = XfrmPolicyDel(&policy); err != nil {
|
||||
if err = XfrmPolicyDel(policy); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
@@ -80,6 +84,34 @@ func TestXfrmPolicyAddUpdateDel(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func comparePolicies(a, b *XfrmPolicy) bool {
|
||||
if a == b {
|
||||
return true
|
||||
}
|
||||
if a == nil || b == nil {
|
||||
return false
|
||||
}
|
||||
// Do not check Index which is assigned by kernel
|
||||
return a.Dir == b.Dir && a.Priority == b.Priority &&
|
||||
compareIPNet(a.Src, b.Src) && compareIPNet(a.Dst, b.Dst) &&
|
||||
a.Mark.Value == b.Mark.Value && a.Mark.Mask == b.Mark.Mask &&
|
||||
compareTemplates(a.Tmpls, b.Tmpls)
|
||||
}
|
||||
|
||||
func compareTemplates(a, b []XfrmPolicyTmpl) bool {
|
||||
if len(a) != len(b) {
|
||||
return false
|
||||
}
|
||||
for i, ta := range a {
|
||||
tb := b[i]
|
||||
if !ta.Dst.Equal(tb.Dst) || !ta.Src.Equal(tb.Src) ||
|
||||
ta.Mode != tb.Mode || ta.Reqid != tb.Reqid || ta.Proto != tb.Proto {
|
||||
return false
|
||||
}
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func compareIPNet(a, b *net.IPNet) bool {
|
||||
if a == b {
|
||||
return true
|
||||
|
||||
Reference in New Issue
Block a user