routes_common/
common.rs

1// Copyright 2024 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use fidl::endpoints::ProtocolMarker;
6use fidl_fuchsia_net_routes_ext::admin::FidlRouteAdminIpExt;
7use fidl_fuchsia_net_routes_ext::rules::{FidlRuleAdminIpExt, RuleIndex};
8use fidl_fuchsia_net_routes_ext::{self as fnet_routes_ext, FidlRouteIpExt};
9use net_types::ip::{Ip, Subnet};
10use net_types::SpecifiedAddr;
11use netstack_testing_common::realms::{Netstack, TestSandboxExt as _};
12use {
13    fidl_fuchsia_net_interfaces_ext as fnet_interfaces_ext, fidl_fuchsia_net_routes as fnet_routes,
14};
15
16/// Common test setup that can be shared by all routes tests.
17pub struct TestSetup<'a, I: Ip + FidlRouteIpExt + FidlRouteAdminIpExt> {
18    pub realm: netemul::TestRealm<'a>,
19    pub network: netemul::TestNetwork<'a>,
20    pub interface: netemul::TestInterface<'a>,
21    pub route_table: <I::RouteTableMarker as ProtocolMarker>::Proxy,
22    pub global_route_table: <I::GlobalRouteTableMarker as ProtocolMarker>::Proxy,
23    pub state: <I::StateMarker as ProtocolMarker>::Proxy,
24}
25
26impl<'a, I: Ip + FidlRouteIpExt + FidlRouteAdminIpExt> TestSetup<'a, I> {
27    /// Creates a new test setup.
28    pub async fn new<N: Netstack>(
29        sandbox: &'a netemul::TestSandbox,
30        name: &str,
31    ) -> TestSetup<'a, I> {
32        let realm = sandbox
33            .create_netstack_realm::<N, _>(format!("routes-admin-{name}"))
34            .expect("create realm");
35        let network =
36            sandbox.create_network(format!("routes-admin-{name}")).await.expect("create network");
37        let interface = realm.join_network(&network, "ep1").await.expect("join network");
38        let route_table = realm
39            .connect_to_protocol::<I::RouteTableMarker>()
40            .expect("connect to routes-admin RouteTable");
41        let global_route_table = realm
42            .connect_to_protocol::<I::GlobalRouteTableMarker>()
43            .expect("connect to global route set provider");
44
45        let state = realm.connect_to_protocol::<I::StateMarker>().expect("connect to routes State");
46        TestSetup { realm, network, interface, route_table, global_route_table, state }
47    }
48}
49
50/// A route for testing.
51pub fn test_route<I: Ip>(
52    interface: &netemul::TestInterface<'_>,
53    metric: fnet_routes::SpecifiedMetric,
54) -> fnet_routes_ext::Route<I> {
55    let destination = I::map_ip(
56        (),
57        |()| net_declare::net_subnet_v4!("192.0.2.0/24"),
58        |()| net_declare::net_subnet_v6!("2001:DB8::/64"),
59    );
60    let next_hop_addr = I::map_ip(
61        (),
62        |()| net_declare::net_ip_v4!("192.0.2.1"),
63        |()| net_declare::net_ip_v6!("2001:DB8::1"),
64    );
65
66    fnet_routes_ext::Route {
67        destination,
68        action: fnet_routes_ext::RouteAction::Forward(fnet_routes_ext::RouteTarget {
69            outbound_interface: interface.id(),
70            next_hop: Some(SpecifiedAddr::new(next_hop_addr).expect("is specified")),
71        }),
72        properties: fnet_routes_ext::RouteProperties {
73            specified_properties: fnet_routes_ext::SpecifiedRouteProperties { metric },
74        },
75    }
76}
77
78/// Possible mark matcher settings for a rule.
79pub enum MarkMatcher {
80    /// The matcher is not present, it does not match on the marks.
81    DontMatch,
82    /// The matcher only matches when the mark is not present.
83    MatchUnmarked,
84    /// The matcher only matches when the mark is set to the given number.
85    MatchMarked(u32),
86}
87
88impl From<MarkMatcher> for Option<fnet_routes_ext::rules::MarkMatcher> {
89    fn from(value: MarkMatcher) -> Self {
90        match value {
91            MarkMatcher::DontMatch => None,
92            MarkMatcher::MatchUnmarked => Some(fnet_routes_ext::rules::MarkMatcher::Unmarked),
93            MarkMatcher::MatchMarked(m) => {
94                Some(fnet_routes_ext::rules::MarkMatcher::Marked { mask: !0, between: m..=m })
95            }
96        }
97    }
98}
99
100// Creates a new route table that has a default route using the given
101// `interface`; Also installs a rule that matches on the given `mark`
102// to lookup the created route table.
103pub async fn add_default_route_for_mark<
104    I: FidlRouteAdminIpExt + FidlRuleAdminIpExt + FidlRouteIpExt,
105>(
106    route_table_provider: &<I::RouteTableProviderMarker as ProtocolMarker>::Proxy,
107    rule_set: &<I::RuleSetMarker as ProtocolMarker>::Proxy,
108    interface: &netemul::TestInterface<'_>,
109    next_hop: Option<SpecifiedAddr<I::Addr>>,
110    index: u32,
111    mark_1: MarkMatcher,
112    mark_2: MarkMatcher,
113) -> <I::RouteSetMarker as ProtocolMarker>::Proxy {
114    let route_table = fnet_routes_ext::admin::new_route_table::<I>(route_table_provider, None)
115        .expect("new route table");
116    let route_set =
117        fnet_routes_ext::admin::new_route_set::<I>(&route_table).expect("new route set");
118    let route_to_add = fnet_routes_ext::Route {
119        destination: Subnet::new(I::UNSPECIFIED_ADDRESS, 0).expect("subnet"),
120        action: fnet_routes_ext::RouteAction::Forward(fnet_routes_ext::RouteTarget::<I> {
121            outbound_interface: interface.id(),
122            next_hop,
123        }),
124        properties: fnet_routes_ext::RouteProperties {
125            specified_properties: fnet_routes_ext::SpecifiedRouteProperties {
126                metric: fnet_routes::SpecifiedMetric::InheritedFromInterface(fnet_routes::Empty),
127            },
128        },
129    };
130    let grant = interface.get_authorization().await.expect("getting grant should succeed");
131    let proof = fnet_interfaces_ext::admin::proof_from_grant(&grant);
132    fnet_routes_ext::admin::authenticate_for_interface::<I>(&route_set, proof)
133        .await
134        .expect("no FIDL error")
135        .expect("authentication should succeed");
136    assert!(fnet_routes_ext::admin::add_route::<I>(
137        &route_set,
138        &route_to_add.try_into().expect("convert to FIDL")
139    )
140    .await
141    .expect("fidl")
142    .expect("add route"));
143    fnet_routes_ext::admin::detach_route_table::<I>(&route_table).await.expect("fidl error");
144
145    let table_id =
146        fnet_routes_ext::admin::get_table_id::<I>(&route_table).await.expect("fidl error");
147
148    let auth = fnet_routes_ext::admin::get_authorization_for_route_table::<I>(&route_table)
149        .await
150        .expect("fidl error");
151    fnet_routes_ext::rules::authenticate_for_route_table::<I>(&rule_set, auth.table_id, auth.token)
152        .await
153        .expect("fidl error")
154        .expect("authentication error");
155    fnet_routes_ext::rules::add_rule::<I>(
156        &rule_set,
157        RuleIndex::new(index),
158        fnet_routes_ext::rules::RuleMatcher {
159            mark_1: mark_1.into(),
160            mark_2: mark_2.into(),
161            ..Default::default()
162        },
163        fnet_routes_ext::rules::RuleAction::Lookup(table_id),
164    )
165    .await
166    .expect("fidl")
167    .expect("add rule");
168
169    route_set
170}
routes_common/common.rs

routes_common/
common.rs
