github.com/slackhq/nebula@v1.9.0/outside_test.go (about)

     1  package nebula
     2  
     3  import (
     4  	"net"
     5  	"testing"
     6  
     7  	"github.com/slackhq/nebula/firewall"
     8  	"github.com/slackhq/nebula/iputil"
     9  	"github.com/stretchr/testify/assert"
    10  	"golang.org/x/net/ipv4"
    11  )
    12  
    13  func Test_newPacket(t *testing.T) {
    14  	p := &firewall.Packet{}
    15  
    16  	// length fail
    17  	err := newPacket([]byte{0, 1}, true, p)
    18  	assert.EqualError(t, err, "packet is less than 20 bytes")
    19  
    20  	// length fail with ip options
    21  	h := ipv4.Header{
    22  		Version: 1,
    23  		Len:     100,
    24  		Src:     net.IPv4(10, 0, 0, 1),
    25  		Dst:     net.IPv4(10, 0, 0, 2),
    26  		Options: []byte{0, 1, 0, 2},
    27  	}
    28  
    29  	b, _ := h.Marshal()
    30  	err = newPacket(b, true, p)
    31  
    32  	assert.EqualError(t, err, "packet is less than 28 bytes, ip header len: 24")
    33  
    34  	// not an ipv4 packet
    35  	err = newPacket([]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, true, p)
    36  	assert.EqualError(t, err, "packet is not ipv4, type: 0")
    37  
    38  	// invalid ihl
    39  	err = newPacket([]byte{4<<4 | (8 >> 2 & 0x0f), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, true, p)
    40  	assert.EqualError(t, err, "packet had an invalid header length: 8")
    41  
    42  	// account for variable ip header length - incoming
    43  	h = ipv4.Header{
    44  		Version:  1,
    45  		Len:      100,
    46  		Src:      net.IPv4(10, 0, 0, 1),
    47  		Dst:      net.IPv4(10, 0, 0, 2),
    48  		Options:  []byte{0, 1, 0, 2},
    49  		Protocol: firewall.ProtoTCP,
    50  	}
    51  
    52  	b, _ = h.Marshal()
    53  	b = append(b, []byte{0, 3, 0, 4}...)
    54  	err = newPacket(b, true, p)
    55  
    56  	assert.Nil(t, err)
    57  	assert.Equal(t, p.Protocol, uint8(firewall.ProtoTCP))
    58  	assert.Equal(t, p.LocalIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 2)))
    59  	assert.Equal(t, p.RemoteIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 1)))
    60  	assert.Equal(t, p.RemotePort, uint16(3))
    61  	assert.Equal(t, p.LocalPort, uint16(4))
    62  
    63  	// account for variable ip header length - outgoing
    64  	h = ipv4.Header{
    65  		Version:  1,
    66  		Protocol: 2,
    67  		Len:      100,
    68  		Src:      net.IPv4(10, 0, 0, 1),
    69  		Dst:      net.IPv4(10, 0, 0, 2),
    70  		Options:  []byte{0, 1, 0, 2},
    71  	}
    72  
    73  	b, _ = h.Marshal()
    74  	b = append(b, []byte{0, 5, 0, 6}...)
    75  	err = newPacket(b, false, p)
    76  
    77  	assert.Nil(t, err)
    78  	assert.Equal(t, p.Protocol, uint8(2))
    79  	assert.Equal(t, p.LocalIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 1)))
    80  	assert.Equal(t, p.RemoteIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 2)))
    81  	assert.Equal(t, p.RemotePort, uint16(6))
    82  	assert.Equal(t, p.LocalPort, uint16(5))
    83  }