github.com/slackhq/nebula@v1.9.0/outside_test.go (about) 1 package nebula 2 3 import ( 4 "net" 5 "testing" 6 7 "github.com/slackhq/nebula/firewall" 8 "github.com/slackhq/nebula/iputil" 9 "github.com/stretchr/testify/assert" 10 "golang.org/x/net/ipv4" 11 ) 12 13 func Test_newPacket(t *testing.T) { 14 p := &firewall.Packet{} 15 16 // length fail 17 err := newPacket([]byte{0, 1}, true, p) 18 assert.EqualError(t, err, "packet is less than 20 bytes") 19 20 // length fail with ip options 21 h := ipv4.Header{ 22 Version: 1, 23 Len: 100, 24 Src: net.IPv4(10, 0, 0, 1), 25 Dst: net.IPv4(10, 0, 0, 2), 26 Options: []byte{0, 1, 0, 2}, 27 } 28 29 b, _ := h.Marshal() 30 err = newPacket(b, true, p) 31 32 assert.EqualError(t, err, "packet is less than 28 bytes, ip header len: 24") 33 34 // not an ipv4 packet 35 err = newPacket([]byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, true, p) 36 assert.EqualError(t, err, "packet is not ipv4, type: 0") 37 38 // invalid ihl 39 err = newPacket([]byte{4<<4 | (8 >> 2 & 0x0f), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, true, p) 40 assert.EqualError(t, err, "packet had an invalid header length: 8") 41 42 // account for variable ip header length - incoming 43 h = ipv4.Header{ 44 Version: 1, 45 Len: 100, 46 Src: net.IPv4(10, 0, 0, 1), 47 Dst: net.IPv4(10, 0, 0, 2), 48 Options: []byte{0, 1, 0, 2}, 49 Protocol: firewall.ProtoTCP, 50 } 51 52 b, _ = h.Marshal() 53 b = append(b, []byte{0, 3, 0, 4}...) 54 err = newPacket(b, true, p) 55 56 assert.Nil(t, err) 57 assert.Equal(t, p.Protocol, uint8(firewall.ProtoTCP)) 58 assert.Equal(t, p.LocalIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 2))) 59 assert.Equal(t, p.RemoteIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 1))) 60 assert.Equal(t, p.RemotePort, uint16(3)) 61 assert.Equal(t, p.LocalPort, uint16(4)) 62 63 // account for variable ip header length - outgoing 64 h = ipv4.Header{ 65 Version: 1, 66 Protocol: 2, 67 Len: 100, 68 Src: net.IPv4(10, 0, 0, 1), 69 Dst: net.IPv4(10, 0, 0, 2), 70 Options: []byte{0, 1, 0, 2}, 71 } 72 73 b, _ = h.Marshal() 74 b = append(b, []byte{0, 5, 0, 6}...) 75 err = newPacket(b, false, p) 76 77 assert.Nil(t, err) 78 assert.Equal(t, p.Protocol, uint8(2)) 79 assert.Equal(t, p.LocalIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 1))) 80 assert.Equal(t, p.RemoteIP, iputil.Ip2VpnIp(net.IPv4(10, 0, 0, 2))) 81 assert.Equal(t, p.RemotePort, uint16(6)) 82 assert.Equal(t, p.LocalPort, uint16(5)) 83 }