tools/testing/selftests/net/ipv6_force_forwarding.sh - linux - Git at Google

 #!/bin/bash
 # SPDX-License-Identifier: GPL-2.0
 #
 # Test IPv6 force_forwarding interface property
 #
 # This test verifies that the force_forwarding property works correctly:
 # - When global forwarding is disabled, packets are not forwarded normally
 # - When force_forwarding is enabled on an interface, packets are forwarded
 #   regardless of the global forwarding setting

 source lib.sh

 cleanup() {
     cleanup_ns $ns1 $ns2 $ns3
 }

 trap cleanup EXIT

 setup_test() {
     # Create three namespaces: sender, router, receiver
     setup_ns ns1 ns2 ns3

     # Create veth pairs: ns1 <-> ns2 <-> ns3
     ip link add name veth12 type veth peer name veth21
     ip link add name veth23 type veth peer name veth32

     # Move interfaces to namespaces
     ip link set veth12 netns $ns1
     ip link set veth21 netns $ns2
     ip link set veth23 netns $ns2
     ip link set veth32 netns $ns3

     # Configure interfaces
     ip -n $ns1 addr add 2001:db8:1::1/64 dev veth12 nodad
     ip -n $ns2 addr add 2001:db8:1::2/64 dev veth21 nodad
     ip -n $ns2 addr add 2001:db8:2::1/64 dev veth23 nodad
     ip -n $ns3 addr add 2001:db8:2::2/64 dev veth32 nodad

     # Bring up interfaces
     ip -n $ns1 link set veth12 up
     ip -n $ns2 link set veth21 up
     ip -n $ns2 link set veth23 up
     ip -n $ns3 link set veth32 up

     # Add routes
     ip -n $ns1 route add 2001:db8:2::/64 via 2001:db8:1::2
     ip -n $ns3 route add 2001:db8:1::/64 via 2001:db8:2::1

     # Disable global forwarding
     ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=0
 }

 test_force_forwarding() {
     local ret=0

     echo "TEST: force_forwarding functionality"

     # Check if force_forwarding sysctl exists
     if ! ip netns exec $ns2 test -f /proc/sys/net/ipv6/conf/veth21/force_forwarding; then
         echo "SKIP: force_forwarding not available"
         return $ksft_skip
     fi

     # Test 1: Without force_forwarding, ping should fail
     ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=0
     ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=0

     if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
         echo "FAIL: ping succeeded when forwarding disabled"
         ret=1
     else
         echo "PASS: forwarding disabled correctly"
     fi

     # Test 2: With force_forwarding enabled, ping should succeed
     ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=1
     ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=1

     if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
         echo "PASS: force_forwarding enabled forwarding"
     else
         echo "FAIL: ping failed with force_forwarding enabled"
         ret=1
     fi

     return $ret
 }

 echo "IPv6 force_forwarding test"
 echo "=========================="

 setup_test
 test_force_forwarding
 ret=$?

 if [ $ret -eq 0 ]; then
     echo "OK"
     exit 0
 elif [ $ret -eq $ksft_skip ]; then
     echo "SKIP"
     exit $ksft_skip
 else
     echo "FAIL"
     exit 1
 fi
	#!/bin/bash
	# SPDX-License-Identifier: GPL-2.0
	#
	# Test IPv6 force_forwarding interface property
	#
	# This test verifies that the force_forwarding property works correctly:
	# - When global forwarding is disabled, packets are not forwarded normally
	# - When force_forwarding is enabled on an interface, packets are forwarded
	# regardless of the global forwarding setting

	source lib.sh

	cleanup() {
	cleanup_ns $ns1 $ns2 $ns3
	}

	trap cleanup EXIT

	setup_test() {
	# Create three namespaces: sender, router, receiver
	setup_ns ns1 ns2 ns3

	# Create veth pairs: ns1 <-> ns2 <-> ns3
	ip link add name veth12 type veth peer name veth21
	ip link add name veth23 type veth peer name veth32

	# Move interfaces to namespaces
	ip link set veth12 netns $ns1
	ip link set veth21 netns $ns2
	ip link set veth23 netns $ns2
	ip link set veth32 netns $ns3

	# Configure interfaces
	ip -n $ns1 addr add 2001:db8:1::1/64 dev veth12 nodad
	ip -n $ns2 addr add 2001:db8:1::2/64 dev veth21 nodad
	ip -n $ns2 addr add 2001:db8:2::1/64 dev veth23 nodad
	ip -n $ns3 addr add 2001:db8:2::2/64 dev veth32 nodad

	# Bring up interfaces
	ip -n $ns1 link set veth12 up
	ip -n $ns2 link set veth21 up
	ip -n $ns2 link set veth23 up
	ip -n $ns3 link set veth32 up

	# Add routes
	ip -n $ns1 route add 2001:db8:2::/64 via 2001:db8:1::2
	ip -n $ns3 route add 2001:db8:1::/64 via 2001:db8:2::1

	# Disable global forwarding
	ip netns exec $ns2 sysctl -qw net.ipv6.conf.all.forwarding=0
	}

	test_force_forwarding() {
	local ret=0

	echo "TEST: force_forwarding functionality"

	# Check if force_forwarding sysctl exists
	if ! ip netns exec $ns2 test -f /proc/sys/net/ipv6/conf/veth21/force_forwarding; then
	echo "SKIP: force_forwarding not available"
	return $ksft_skip
	fi

	# Test 1: Without force_forwarding, ping should fail
	ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=0
	ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=0

	if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
	echo "FAIL: ping succeeded when forwarding disabled"
	ret=1
	else
	echo "PASS: forwarding disabled correctly"
	fi

	# Test 2: With force_forwarding enabled, ping should succeed
	ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth21.force_forwarding=1
	ip netns exec $ns2 sysctl -qw net.ipv6.conf.veth23.force_forwarding=1

	if ip netns exec $ns1 ping -6 -c 1 -W 2 2001:db8:2::2 &>/dev/null; then
	echo "PASS: force_forwarding enabled forwarding"
	else
	echo "FAIL: ping failed with force_forwarding enabled"
	ret=1
	fi

	return $ret
	}

	echo "IPv6 force_forwarding test"
	echo "=========================="

	setup_test
	test_force_forwarding
	ret=$?

	if [ $ret -eq 0 ]; then
	echo "OK"
	exit 0
	elif [ $ret -eq $ksft_skip ]; then
	echo "SKIP"
	exit $ksft_skip
	else
	echo "FAIL"
	exit 1
	fi