github.com/cilium/cilium@v1.16.2/pkg/hubble/filters/tcp_test.go (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // Copyright Authors of Hubble 3 4 package filters 5 6 import ( 7 "context" 8 "testing" 9 10 flowpb "github.com/cilium/cilium/api/v1/flow" 11 v1 "github.com/cilium/cilium/pkg/hubble/api/v1" 12 ) 13 14 func TestFlowTCPFilter(t *testing.T) { 15 var argsfilter []*flowpb.FlowFilter 16 var argsevent *v1.Event 17 testflags := []struct { 18 name string 19 argsf []*flowpb.TCPFlags 20 argsev *flowpb.TCPFlags 21 want bool 22 }{ 23 { 24 name: "filterSYNACK___eventSYNACK", 25 argsf: []*flowpb.TCPFlags{{SYN: true, ACK: true}}, 26 argsev: &flowpb.TCPFlags{SYN: true, ACK: true}, 27 want: true, 28 }, 29 { 30 name: "filterSYNACK___eventSYN", 31 argsf: []*flowpb.TCPFlags{{SYN: true, ACK: true}}, 32 argsev: &flowpb.TCPFlags{SYN: true}, 33 want: false, 34 }, 35 { 36 name: "filterSYN_OR_filterACK___eventSYN", 37 argsf: []*flowpb.TCPFlags{{SYN: true}, {ACK: true}}, 38 argsev: &flowpb.TCPFlags{SYN: true}, 39 want: true, 40 }, 41 { 42 name: "filterSYN_OR_filterACK___eventSYNACK", 43 argsf: []*flowpb.TCPFlags{{SYN: true}, {ACK: true}}, 44 argsev: &flowpb.TCPFlags{SYN: true, ACK: true}, 45 want: true, 46 }, 47 { 48 name: "filterSYN_OR_filterACK___eventPSHACK", 49 argsf: []*flowpb.TCPFlags{{SYN: true}, {ACK: true}}, 50 argsev: &flowpb.TCPFlags{PSH: true, ACK: true}, 51 want: true, 52 }, 53 { 54 name: "filterSYN___eventSYN", 55 argsf: []*flowpb.TCPFlags{{SYN: true}}, 56 argsev: &flowpb.TCPFlags{SYN: true}, 57 want: true, 58 }, 59 { 60 name: "filterSYN___eventSYNACK", 61 argsf: []*flowpb.TCPFlags{{SYN: true}}, 62 argsev: &flowpb.TCPFlags{SYN: true, ACK: true}, 63 want: true, 64 }, 65 { 66 name: "filterFIN___eventRST", 67 argsf: []*flowpb.TCPFlags{{FIN: true}}, 68 argsev: &flowpb.TCPFlags{RST: true}, 69 want: false, 70 }, 71 { 72 name: "filterSYN___eventPSH", 73 argsf: []*flowpb.TCPFlags{{SYN: true}}, 74 argsev: &flowpb.TCPFlags{PSH: true}, 75 want: false, 76 }, 77 { 78 name: "filterURG___eventPSH", 79 argsf: []*flowpb.TCPFlags{{URG: true}}, 80 argsev: &flowpb.TCPFlags{PSH: true}, 81 want: false, 82 }, 83 { 84 name: "filterRST___eventRST", 85 argsf: []*flowpb.TCPFlags{{RST: true}}, 86 argsev: &flowpb.TCPFlags{RST: true}, 87 want: true, 88 }, 89 { 90 name: "filterFIN___eventFIN", 91 argsf: []*flowpb.TCPFlags{{FIN: true}}, 92 argsev: &flowpb.TCPFlags{FIN: true}, 93 want: true, 94 }, 95 { 96 name: "filterPSH___eventPSHACK", 97 argsf: []*flowpb.TCPFlags{{PSH: true}}, 98 argsev: &flowpb.TCPFlags{PSH: true, ACK: true}, 99 want: true, 100 }, 101 // regression test for GH-18830 102 { 103 name: "TCP flow without flags", 104 argsf: []*flowpb.TCPFlags{{SYN: true}}, 105 argsev: nil, 106 want: false, 107 }, 108 } 109 110 for _, tt := range testflags { 111 argsfilter = []*flowpb.FlowFilter{{TcpFlags: tt.argsf}} 112 argsevent = &v1.Event{Event: &flowpb.Flow{ 113 L4: &flowpb.Layer4{Protocol: &flowpb.Layer4_TCP{TCP: &flowpb.TCP{Flags: tt.argsev}}}}} 114 t.Run(tt.name, func(t *testing.T) { 115 fl, err := BuildFilterList(context.Background(), argsfilter, []OnBuildFilter{&TCPFilter{}}) 116 if err != nil { 117 t.Errorf("unexpected filter build error: %s", err) 118 } else if got := fl.MatchOne(argsevent); got != tt.want { 119 t.Errorf("%s: got %v, want %v", tt.name, got, tt.want) 120 } 121 }) 122 } 123 }