sonic-net · pavel-shirshov · Jan 23, 2017 · Jan 14, 2017 · Jan 14, 2017 · Jan 14, 2017
diff --git a/ansible/roles/test/files/acstests/acl_port_range_traffic_test.py b/ansible/roles/test/files/acstests/acl_port_range_traffic_test.py
@@ -0,0 +1,26 @@
+import sys
+import ptf.packet as scapy
+import ptf.dataplane as dataplane
+import acs_base_test
+from ptf.base_tests import BaseTest
+import ptf.testutils as testutils
+from ptf.testutils import *
+import scapy.all as scapy2
+
+class SendTCP(acs_base_test.ACSDataplaneTest):
+    def runTest(self):
+        pkt = scapy2.Ether(src="e4:1d:2d:a5:f3:ac", dst="00:02:03:04:05:00")
+        pkt /= scapy2.IP(src="20.0.0.2", dst="20.0.0.1")
+
+        # get L4 port number
+        port_number = testutils.test_params_get("port_number")
+        port = port_number["port_number"]
+        pkt /= scapy2.TCP(sport = int(port))
+        pkt /= ("badabadaboom")
+
+        # get packets number
+        count = testutils.test_params_get("count")
+        pack_number = count["count"]
+
+        # send packets
+        send(self, 0, pkt, int(pack_number))
diff --git a/ansible/roles/test/files/acstests/acl_tcp_test.py b/ansible/roles/test/files/acstests/acl_tcp_test.py
@@ -0,0 +1,152 @@
+import ptf.packet as scapy
+import ptf.dataplane as dataplane
+import acs_base_test
+from ptf.base_tests import BaseTest
+from ptf.testutils import *
+from ptf.mask import Mask
+import scapy.all as scapy2
+from time import sleep
+from threading import Thread
+
+class FailingTest(BaseTest):
+    '''
+        Test designed to fail
+    '''
+    def runTest(self):
+            a = 5 / 0
+            pass
+
+class SucceessTest(BaseTest):
+    '''
+        Test designed for success
+    '''
+    def runTest(self):
+            pass
+
+class SendTCP(acs_base_test.ACSDataplaneTest):
+    '''
+    FIN = 0x01
+    SYN = 0x02
+    RST = 0x04
+    PSH = 0x08
+    ACK = 0x10
+    URG = 0x20
+    ECE = 0x40
+    CWR = 0x80
+    '''
+
+    def pkt_callback(self, pkt):
+        if pkt.haslayer(scapy2.TCP) and pkt.getlayer(scapy2.IP).src == "22.0.0.2":
+            self.sniffed_cnt += 1
+
+    def Sniffer(self, interface):
+        self.sniffed_cnt = 0
+        scapy2.sniff(iface="eth2", prn=self.pkt_callback, store=0, timeout=3)
+
+    def runTest(self):
+
+        pkt = scapy2.Ether()
+        pkt /= scapy2.IP(src="21.0.0.2", dst="22.0.0.2")
+        pkt /= scapy2.TCP(dport = 80, flags="S", seq=42)
+        pkt /= ("badabadaboom")
+
+        t = Thread(target=self.Sniffer, args=("eth2",))
+        t.start()
+        scapy2.sendp(pkt, iface='eth2')
+        sleep(4)
+        # fail if no reply
+        if self.sniffed_cnt == 0:
+            self.assertTrue(False)
+
+
+        #res = scapy2.sniff(iface="eth2", timeout=3)
+        #print res
+        #if res:
+        #    raise
+
+        #if reply:
+        #    raise
+        #print "================______====\n"
+        #print reply
+        #print error
+        #print "================______====\n"
+        #if reply:
+        #    reply.show()
+        #(rcv_device, rcv_port, rcv_pkt, pkt_time) = dp_poll(self, device_number=0, port_number=0, timeout=5)
+        #send_packet(self, 0, pkt)
+        #(rcv_device, rcv_port, rcv_pkt, pkt_time) = dp_poll(self, device_number=0, port_number=0, timeout=5)
+
+
+#        verify_packet(self, masked_exp_pkt, 1)
+
+
+        #mpkt = Mask(pkt)
+        #mpkt.set_do_not_care(0, 14*8)
+        #mpkt.set_do_not_care(16*8, 49*8)
+        #verify_packet(self, mpkt, 0)
+        #(rcv_device, rcv_port, rcv_pkt, pkt_time) = dp_poll(self, device_number=0, port_number=0, timeout=5)
+        #print "================______====\n"
+        #y = 0
+        #for x in rcv_pkt:
+        #    print "%d - %X" % (y, ord(x))
+        #    y +=1
+"""
+(rcv_device, rcv_port, rcv_pkt, pkt_time) = dp_poll(self, device_number=0, timeout=3)
+        print "================______====\n"
+        y = 0
+        for x in rcv_pkt:
+            print "%d - %X" % (y, ord(x))
+            y +=1
+
+        y = 0
+        for x in str(pkt):
+            print "%d - %X" % (y, ord(x))
+            y +=1
+"""
+
+
+"""
+
+        pkt = scapy.Ether()
+        pkt /= scapy.IP(src="21.0.0.2", dst="22.0.0.2")
+        pkt /= scapy.TCP(sport = 8192, dport = 80, flags="S", seq=42)
+        m = Mask.Mask(pkt)
+        m.set_do_not_care_scapy(Ether, 'src')
+        m.set_do_not_care_scapy(Ether, 'dst')
+        m.set_do_not_care_scapy(IP, 'ttl')
+        m.set_do_not_care_scapy(IP, 'len')
+        m.set_do_not_care_scapy(IP, 'flags')
+        verify_packet(self, pkt, 0);
+        verify_packets(<test>, m)
+
+
+Test ACL permition
+
+
+import ptf.packet as scapy
+
+import ptf.dataplane as dataplane
+import acs_base_test
+
+from ptf.testutils import *
+from ptf.mask import Mask
+
+
+class ACLpermit(acs_base_test.ACSDataplaneTest):
+    def runTest(self):
+        print "The test is passed"
+        pass
+       # pkt = simple_ip_packet( eth_dst='00:01:02:03:04:05',
+       #                         eth_src='00:06:07:08:09:0a',
+       #                         ip_src='192.168.0.1',
+       #                         ip_dst='192.168.0.2',
+       #                         ip_ttl=64)
+       # send_packet(self, port, pkt)
+
+       # pkt = scapy.Ether()
+       # pkt /= scapy.IP(src="20.0.0.2", dst="21.0.0.2")
+       # pkt /= scapy.TCP()
+       # pkt /= ("Yellow Sun")
+       # send_packet(self, 1, pkt)
+       # verify_packet(self, pkt, 2)
+"""
diff --git a/ansible/roles/test/files/tools/loganalyzer/loganalyzer_analyze.yml b/ansible/roles/test/files/tools/loganalyzer/loganalyzer_analyze.yml
@@ -13,4 +13,4 @@
   shell: "{{ cmd }}"
   args:
       chdir: "{{ run_dir }}"
-- debug: msg="Finished calling loganalyzer analyze phase"
+- debug: msg="Finished calling loganalyzer analyze phase"
diff --git a/ansible/roles/test/files/tools/loganalyzer/loganalyzer_common_match.txt b/ansible/roles/test/files/tools/loganalyzer/loganalyzer_common_match.txt
@@ -3,4 +3,4 @@ r, "kernel:.*Oops", "kernel:.*hung", "kernel.*oom\s"
 r, "kernel:.*scheduling", "kernel:.*atomic", "kernel:.*panic"
 r, "kernel:.*\serr", "kernel:.*allocation", "kernel:.*kill",
 r, "kernel:.*kmemleak.*","kernel:.* Err:"
-s, "ERR"
+s, "ERR"
diff --git a/ansible/roles/test/files/tools/loganalyzer/loganalyzer_init.yml b/ansible/roles/test/files/tools/loganalyzer/loganalyzer_init.yml
@@ -33,4 +33,4 @@
 - name: Initialize loganalyzer
   become: True
   shell: "python {{ run_dir }}/loganalyzer.py --action init --run_id {{ testname_unique }}"
-- debug: msg="Finished calling loganalyzer init phase"
+- debug: msg="Finished calling loganalyzer init phase"
diff --git a/ansible/roles/test/tasks/acl.yml b/ansible/roles/test/tasks/acl.yml
@@ -0,0 +1,41 @@
+
+#-----------------------------------------
+# Run all the acl tests.
+#-----------------------------------------
+
+- set_fact:
+    vars_files_location: vars/acl
+
+- include_vars: "{{ vars_files_location }}/acl_vars.yml"
+
+- name: Create run_dir
+  file: path="{{ run_dir }}" state=directory
+
+ #****************************************#
+ #           Start tests                  #
+ #****************************************#
+
+- block:
+    - name: Test file input.
+      include: "{{ tests_location }}/acl_input_test/acl_input_test.yml"
+
+    - name: Test port bind configuration.
+      include: "{{ tests_location }}/acl_port_bind_test/acl_port_bind_test.yml"
+
+    - name: Test orchagent logic.
+      include: "{{ tests_location }}/acl_orchagent_logic_test/acl_orchagent_logic_test.yml"
+
+    - name: Test traffic.
+      include: "{{ tests_location }}/acl_traffic_test/acl_traffic_test.yml"
+
+    - name: Test counters traffic.
+      include: "{{ tests_location }}/acl_counter_traffic_test/acl_counter_traffic_test.yml"
+
+    - name: Test L4 ports.
+      include: "{{ tests_location }}/acl_port_range_test/acl_port_range_test.yml"
+
+  always:
+    - name: General cleanup.
+      file: path="{{ item }}" state=absent
+      with_items:
+        - "{{ run_dir }}/loganalyzer.py"
diff --git a/ansible/roles/test/tasks/acl/acl_counter_traffic_test/acl_check_db.yml b/ansible/roles/test/tasks/acl/acl_counter_traffic_test/acl_check_db.yml
@@ -0,0 +1,36 @@
+
+- block:
+    - name: Check if Redis DB contains corresponding data.
+      shell: docker exec -i database redis-cli -n 1 KEYS \* | grep "ASIC_STATE:SAI_OBJECT_TYPE_ACL_COUNTER"
+      register: grep_redis
+      failed_when: (expect_data == true and grep_redis.rc != 0) or (expect_data == false and grep_redis.rc == 0)
+
+    - name: Wait for data to be written into Counters DB ...
+      pause:
+        seconds: 10
+
+    - name: Read counters value.
+      shell: docker exec -i database redis-cli -n 2 HGET "COUNTERS:{{ table_name_check }}:{{ rule_name_check }}" Packets
+      register: counters_value
+      when: expect_data == true
+
+    - name: Check if corresponding data was removed from Counters DB.
+      shell: docker exec -i database redis-cli -n 2 KEYS \* | grep {{ rule_name_check }}
+      register: grep_counters
+      failed_when: grep_counters.rc == 0
+      when: expect_data == false
+
+  always:
+      # check for successful creating.
+    - fail: msg="Failed to find corresponding data in Redis DB. Used {{ table_name_check }} / {{ rule_name_check }}"
+      when: expect_data == true and grep_redis.rc != 0
+
+    - fail: msg="Failed to find corresponding data in Counters DB. Used {{ table_name_check }} / {{ rule_name_check }}"
+      when: expect_data == true and counters_value.stdout != "{{ expected_counter_value }}"
+
+      # check for successful deleting.
+    - fail: msg="Failed to delete corresponding rule-data from Redis DB. Used {{ table_name_check }} / {{ rule_name_check }}"
+      when: expect_data == false and grep_redis.rc == 0
+
+    - fail: msg="Failed to delete corresponding rule-data from Counters DB. Used {{ table_name_check }} / {{ rule_name_check }}"
+      when: expect_data == false and grep_counters.rc == 0