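#!/bin/ksh
# $OpenBSD: pftable.sh,v 1.1 2022/10/31 18:34:11 claudio Exp $
#
# Integration test for bgpd and the pf table "bgpd_integ_test".
# Starts one bgpd in RDOMAIN1 and two in RDOMAIN2, then checks that the
# table follows prefixes added and removed with bgpctl.
#
# usage: pftable.sh bgpd configdir rdomain1 rdomain2 pair1 pair2
#
# Must run as root.  The cleanup handler kills bgpd in both routing domains,
# flushes their routes and destroys the pair and lo interfaces, so it is
# only armed once the pre-flight checks have shown that the routing domains
# and interfaces are not already in use.

set -e

if [ $# -ne 6 ]; then
	echo "usage: $0 bgpd configdir rdomain1 rdomain2 pair1 pair2" >&2
	exit 1
fi

BGPD=$1
BGPDCONFIGDIR=$2
RDOMAIN1=$3
RDOMAIN2=$4
PAIR1=$5
PAIR2=$6

PAIR1IP=10.12.57.1
PAIR2IP=10.12.57.2
PAIR2IP2=10.12.57.3

# Tear down everything the test created and report the result.
# $1 is the exit status the script was leaving with.
# Every step is best-effort: under set -e a single failing command would
# otherwise abort the remaining cleanup.
error_notify() {
	echo cleanup
	# may fail if the table was never created; keep going regardless
	pfctl -q -t bgpd_integ_test -T kill || true
	pkill -T "${RDOMAIN1}" bgpd || true
	pkill -T "${RDOMAIN2}" bgpd || true
	sleep 1
	ifconfig "${PAIR2}" destroy || true
	ifconfig "${PAIR1}" destroy || true
	route -qn -T "${RDOMAIN1}" flush || true
	route -qn -T "${RDOMAIN2}" flush || true
	ifconfig "lo${RDOMAIN1}" destroy || true
	ifconfig "lo${RDOMAIN2}" destroy || true
	if [ "$1" -ne 0 ]; then
		echo FAILED
		exit 1
	else
		echo SUCCESS
	fi
}

if [ "$(id -u)" -ne 0 ]; then
	echo need root privileges >&2
	exit 1
fi

# The routing domain ids end up in a grep pattern, in interface names and
# in -T arguments of commands run as root; accept plain numbers only.
for n in "${RDOMAIN1}" "${RDOMAIN2}"; do
	case ${n} in
	''|*[!0-9]*)
		echo "invalid routing domain: ${n}" >&2
		exit 1
		;;
	esac
done

echo check if rdomains are busy
for n in "${RDOMAIN1}" "${RDOMAIN2}"; do
	if /sbin/ifconfig | grep -v "^lo${n}:" | grep " rdomain ${n} "; then
		echo "routing domain ${n} is already used" >&2
		exit 1
	fi
done

echo check if interfaces are busy
for n in "${PAIR1}" "${PAIR2}"; do
	# explicit if/exit: an exit inside a subshell only ends the subshell
	if /sbin/ifconfig "${n}" >/dev/null 2>&1; then
		echo "interface ${n} is already used" >&2
		exit 1
	fi
done

# Armed only now: had the checks above failed with the trap installed, the
# cleanup would have destroyed interfaces, routes and bgpd processes that
# belong to someone else.
trap 'error_notify $?' EXIT

set -x

echo setup
ifconfig "${PAIR1}" rdomain "${RDOMAIN1}" "${PAIR1IP}/29" up
ifconfig "${PAIR2}" rdomain "${RDOMAIN2}" "${PAIR2IP}/29" up
ifconfig "${PAIR2}" alias "${PAIR2IP2}/32"
ifconfig "${PAIR1}" patch "${PAIR2}"
ifconfig "lo${RDOMAIN1}" inet 127.0.0.1/8
ifconfig "lo${RDOMAIN2}" inet 127.0.0.1/8

# create an empty table: add one address, then delete it again
pfctl -q -t bgpd_integ_test -T add 1.1.1.1
pfctl -q -t bgpd_integ_test -T del 1.1.1.1

echo run bgpds
route -T "${RDOMAIN1}" exec "${BGPD}" \
	-v -f "${BGPDCONFIGDIR}/bgpd.pftable.rdomain1.conf"
sleep 2
route -T "${RDOMAIN2}" exec "${BGPD}" \
	-v -f "${BGPDCONFIGDIR}/bgpd.pftable.rdomain2_1.conf"
route -T "${RDOMAIN2}" exec "${BGPD}" \
	-v -f "${BGPDCONFIGDIR}/bgpd.pftable.rdomain2_2.conf"

sleep 3

echo Check default prefixes
route -T "${RDOMAIN1}" exec bgpctl show
echo List pf table
pfctl -t bgpd_integ_test -T show
pfctl -t bgpd_integ_test -T test 10.12.62.1
pfctl -t bgpd_integ_test -T test 10.12.63.1
pfctl -t bgpd_integ_test -T test 10.12.64.1

echo Add prefix
route -T "${RDOMAIN2}" exec bgpctl network add 10.12.69.0/24
sleep 1
pfctl -t bgpd_integ_test -T test 10.12.69.1
# same prefix again through the second control socket
# (presumably the second rdomain2 bgpd -- confirm against its config)
route -T "${RDOMAIN2}" exec bgpctl -s /var/run/bgpd.sock.12_2 network add 10.12.69.0/24
sleep 1
pfctl -t bgpd_integ_test -T test 10.12.69.1

echo Remove prefix
route -T "${RDOMAIN2}" exec bgpctl network del 10.12.69.0/24
sleep 1
# the address is expected to stay while the second announcement is active
pfctl -t bgpd_integ_test -T test 10.12.69.1
route -T "${RDOMAIN2}" exec bgpctl -s /var/run/bgpd.sock.12_2 network del 10.12.69.0/24
sleep 1
# Negative check written as if/exit: set -e ignores the status of a
# pipeline negated with "!", so "! pfctl ..." could never fail the test
# and a stale table entry would still have reported SUCCESS.
if pfctl -t bgpd_integ_test -T test 10.12.69.1; then
	echo "10.12.69.1 still in table after prefix removal" >&2
	exit 1
fi

exit 0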