Lines Matching refs:ns1
17 ip netns pids "$ns1" | xargs kill 2>/dev/null
30 setup_ns ns0 ns1 ns2
32 if ! ip link add veth0 netns "$ns0" type veth peer name eth0 netns "$ns1" > /dev/null 2>&1;then
58 do_config "$ns1" 1
143 for i in "$ns0" "$ns1" "$ns2" ;do
180 if ! ip netns exec "$ns0" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
181 bad_counter "$ns0" ns1$dir "$expect" "test_local_dnat6 1"
194 # expect 0 count in ns1
197 if ! ip netns exec "$ns1" nft list counter inet filter "ns0${dir}" | grep -q "$expect";then
198 bad_counter "$ns1" ns0$dir "$expect" "test_local_dnat6 3"
212 test $lret -eq 0 && echo "PASS: ipv6 ping to $ns1 was $family NATted to $ns2"
255 if ! ip netns exec "$ns0" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
256 bad_counter "$ns0" "ns1$dir" "$expect" "test_local_dnat 1"
269 # expect 0 count in ns1
272 if ! ip netns exec "$ns1" nft list counter inet filter ns0${dir} | grep -q "$expect";then
273 bad_counter "$ns1" "ns0$dir" "$expect" "test_local_dnat 3"
287 test $lret -eq 0 && echo "PASS: ping to $ns1 was $family NATted to $ns2"
300 if ! ip netns exec "$ns0" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
301 bad_counter "$ns1" ns1$dir "$expect" "test_local_dnat 5"
313 # expect 1 count in ns1
316 if ! ip netns exec "$ns1" nft list counter inet filter "ns0${dir}" | grep -q "$expect";then
331 test $lret -eq 0 && echo "PASS: ping to $ns1 OK after $family nat output chain flush"
369 echo "SERVER-$family" | ip netns exec "$ns1" timeout 3 socat -u STDIN TCP-LISTEN:2000 &
371 busywait $BUSYWAIT_TIMEOUT listener_ready "$ns1" 2000 "-t"
392 echo "ERROR: cannot ping $ns1 from $ns2 via ipv6"
398 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
399 bad_counter "$ns1" "ns2$dir" "$expect" "test_masquerade6 1"
403 if ! ip netns exec "$ns2" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
404 bad_counter "$ns2" "ns1$dir" "$expect" "test_masquerade6 2"
426 echo "ERROR: cannot ping $ns1 from $ns2 with active $family masquerade $natflags"
430 # ns1 should have seen packets from ns0, due to masquerade
433 if ! ip netns exec "$ns1" nft list counter inet filter "ns0${dir}" | grep -q "$expect";then
434 bad_counter "$ns1" ns0$dir "$expect" "test_masquerade6 3"
438 if ! ip netns exec "$ns2" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
439 bad_counter "$ns2" ns1$dir "$expect" "test_masquerade6 4"
444 # ns1 should not have seen packets from ns2, due to masquerade
447 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
448 bad_counter "$ns1" ns0$dir "$expect" "test_masquerade6 5"
452 if ! ip netns exec "$ns0" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
453 bad_counter "$ns0" "ns1$dir" "$expect" "test_masquerade6 6"
459 echo "ERROR: cannot ping $ns1 from $ns2 with active ipv6 masquerade $natflags (attempt 2)"
483 echo "ERROR: cannot ping $ns1 from $ns2 $natflags"
489 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
490 bad_counter "$ns1" "ns2$dir" "$expect" "test_masquerade 1"
494 if ! ip netns exec "$ns2" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
495 bad_counter "$ns2" "ns1$dir" "$expect" "test_masquerade 2"
517 echo "ERROR: cannot ping $ns1 from $ns2 with active $family masquerade $natflags"
521 # ns1 should have seen packets from ns0, due to masquerade
524 if ! ip netns exec "$ns1" nft list counter inet filter "ns0${dir}" | grep -q "$expect";then
525 bad_counter "$ns1" "ns0$dir" "$expect" "test_masquerade 3"
529 if ! ip netns exec "$ns2" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
530 bad_counter "$ns2" "ns1$dir" "$expect" "test_masquerade 4"
535 # ns1 should not have seen packets from ns2, due to masquerade
538 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
539 bad_counter "$ns1" "ns0$dir" "$expect" "test_masquerade 5"
543 if ! ip netns exec "$ns0" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
544 bad_counter "$ns0" "ns1$dir" "$expect" "test_masquerade 6"
550 echo "ERROR: cannot ping $ns1 from $ns2 with active ip masquerade $natflags (attempt 2)"
572 echo "ERROR: cannnot ping $ns1 from $ns2 via ipv6"
578 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
579 bad_counter "$ns1" ns2$dir "$expect" "test_redirect6 1"
583 if ! ip netns exec "$ns2" nft list counter inet filter "ns1${dir}" | grep -q "$expect";then
584 bad_counter "$ns2" ns1$dir "$expect" "test_redirect6 2"
606 echo "ERROR: cannot ping $ns1 from $ns2 via ipv6 with active $family redirect"
610 # ns1 should have seen no packets from ns2, due to redirection
613 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
614 bad_counter "$ns1" ns0$dir "$expect" "test_redirect6 3"
623 bad_counter "$ns1" ns0$dir "$expect" "test_redirect6 4"
647 echo "ERROR: cannot ping $ns1 from $ns2"
653 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
654 bad_counter "$ns1" "$ns2$dir" "$expect" "test_redirect 1"
658 if ! ip netns exec "$ns2" nft list counter inet filter ns1${dir} | grep -q "$expect";then
659 bad_counter "$ns2" ns1$dir "$expect" "test_redirect 2"
681 echo "ERROR: cannot ping $ns1 from $ns2 with active $family ip redirect"
685 # ns1 should have seen no packets from ns2, due to redirection
689 if ! ip netns exec "$ns1" nft list counter inet filter "ns2${dir}" | grep -q "$expect";then
690 bad_counter "$ns1" ns0$dir "$expect" "test_redirect 3"
716 # on client (ns2), which is masqueraded from ns1 point of view.
717 # ns2 sends udp packet coming from service port to ns1, on a highport.
732 # make shadow entry, from client (ns2), going to (ns1), port 41404, sport 1405.
743 # ns1 tries to connect to ns0:1405. With default settings this should connect
746 result=$(echo "data" | ip netns exec "$ns1" timeout 1 socat - UDP:"$daddrs":1405,sourceport=41404)
851 # test default behaviour. Packet from ns1 to ns0 is redirected to ns2.
877 echo "ERROR: cannot ping $ns1 from $ns2 before loading stateless rules"
911 echo "ERROR: cannot ping $ns1 from $ns2 with stateless rules"
915 # ns1 should have seen packets from .2.2, due to stateless rewrite.
917 if ! ip netns exec "$ns1" nft list counter inet filter ns0insl | grep -q "$expect";then
918 bad_counter "$ns1" ns0insl "$expect" "test_stateless 1"
923 if ! ip netns exec "$ns2" nft list counter inet filter ns1${dir} | grep -q "$expect";then
924 bad_counter "$ns2" ns1$dir "$expect" "test_stateless 2"
929 # ns1 should not have seen packets from ns2, due to masquerade
932 if ! ip netns exec "$ns1" nft list counter inet filter ns2${dir} | grep -q "$expect";then
933 bad_counter "$ns1" ns0$dir "$expect" "test_stateless 3"
937 if ! ip netns exec "$ns0" nft list counter inet filter ns1${dir} | grep -q "$expect";then
938 bad_counter "$ns0" ns1$dir "$expect" "test_stateless 4"
957 ip netns exec "$ns1" timeout 3 socat -u UDP4-RECV:4233 OPEN:"$OUTFILE" < /dev/null 2>/dev/null &
959 busywait $BUSYWAIT_TIMEOUT listener_ready "$ns1" 4233 "-u"
963 echo "ERROR: failed to test udp $ns1 to $ns2 with stateless ip nat" 1>&2
977 # ns1 should have seen packets from 2.2, due to stateless rewrite.
979 if ! ip netns exec "$ns1" nft list counter inet filter ns0insl | grep -q "$expect";then
980 bad_counter "$ns1" ns0insl "$expect" "test_stateless 5"
995 for i in "$ns0" "$ns1" "$ns2" ;do
1062 ip netns exec "$ns1" nft -f /dev/stdin <<EOF
1109 if ! test_basic_conn "ns1" ; then
1110 echo "ERROR: basic test for ns1 failed" 1>&2
1114 echo "ERROR: basic test for ns1 failed" 1>&2
1118 echo "PASS: netns routing/connectivity: $ns0 can reach $ns1 and $ns2"