summaryrefslogtreecommitdiff
path: root/filter/test.conf
diff options
context:
space:
mode:
Diffstat (limited to 'filter/test.conf')
-rw-r--r--filter/test.conf92
1 files changed, 71 insertions, 21 deletions
diff --git a/filter/test.conf b/filter/test.conf
index 16ef7a86..18aeaae1 100644
--- a/filter/test.conf
+++ b/filter/test.conf
@@ -1139,30 +1139,80 @@ int j;
accept "ok I take that";
}
-/*
-roa table rl
+roa4 table r4;
+roa6 table r6;
+
+protocol static
+{
+ roa4 { table r4; };
+ route 10.110.0.0/16 max 16 as 1000 blackhole;
+ route 10.120.0.0/16 max 24 as 1000 blackhole ;
+ route 10.130.0.0/16 max 24 as 2000 blackhole;
+ route 10.130.128.0/18 max 24 as 3000 blackhole;
+}
+
+protocol static
{
- roa 10.110.0.0/16 max 16 as 1000;
- roa 10.120.0.0/16 max 24 as 1000;
- roa 10.130.0.0/16 max 24 as 2000;
- roa 10.130.128.0/18 max 24 as 3000;
+ roa6 { table r6; };
+ route 2001:0db8:85a3:8a2e::/64 max 96 as 1000 blackhole;
}
-function test_roa()
+function test_roa_check()
{
# cannot be tested in __startup(), sorry
- print "Testing ROA";
- print "Should be true: ", roa_check(rl, 10.10.0.0/16, 1000) = ROA_UNKNOWN,
- " ", roa_check(rl, 10.0.0.0/8, 1000) = ROA_UNKNOWN,
- " ", roa_check(rl, 10.110.0.0/16, 1000) = ROA_VALID,
- " ", roa_check(rl, 10.110.0.0/16, 2000) = ROA_INVALID,
- " ", roa_check(rl, 10.110.32.0/20, 1000) = ROA_INVALID,
- " ", roa_check(rl, 10.120.32.0/20, 1000) = ROA_VALID;
- print "Should be true: ", roa_check(rl, 10.120.32.0/20, 2000) = ROA_INVALID,
- " ", roa_check(rl, 10.120.32.32/28, 1000) = ROA_INVALID,
- " ", roa_check(rl, 10.130.130.0/24, 1000) = ROA_INVALID,
- " ", roa_check(rl, 10.130.130.0/24, 2000) = ROA_VALID,
- " ", roa_check(rl, 10.130.30.0/24, 3000) = ROA_INVALID,
- " ", roa_check(rl, 10.130.130.0/24, 3000) = ROA_VALID;
+ print "Should be true: ", roa_check(r4, 10.10.0.0/16, 1000) = ROA_UNKNOWN,
+ " ", roa_check(r4, 10.0.0.0/8, 1000) = ROA_UNKNOWN,
+ " ", roa_check(r4, 10.110.0.0/16, 1000) = ROA_VALID,
+ " ", roa_check(r4, 10.110.0.0/16, 2000) = ROA_INVALID,
+ " ", roa_check(r4, 10.110.32.0/20, 1000) = ROA_INVALID,
+ " ", roa_check(r4, 10.120.32.0/20, 1000) = ROA_VALID;
+ print "Should be true: ", roa_check(r4, 10.120.32.0/20, 2000) = ROA_INVALID,
+ " ", roa_check(r4, 10.120.32.32/28, 1000) = ROA_INVALID,
+ " ", roa_check(r4, 10.130.130.0/24, 1000) = ROA_INVALID,
+ " ", roa_check(r4, 10.130.130.0/24, 2000) = ROA_VALID,
+ " ", roa_check(r4, 10.130.30.0/24, 3000) = ROA_INVALID,
+ " ", roa_check(r4, 10.130.130.0/24, 3000) = ROA_VALID;
+ print "Should be true: ", roa_check(r6, 2001:0db8:85a3:8a2e:1234::/80, 1000) = ROA_VALID,
+ " ", roa_check(r6, 2001:0db8:85a3:8a2e:1234::/97, 1000) = ROA_INVALID,
+ " ", roa_check(r6, 2001:0db8:85a3:8a2e::/64, 1000) = ROA_VALID,
+ " ", roa_check(r6, 2001:0db8:85a3::/48, 1000) = ROA_UNKNOWN;
+
+ print "Should be true: ", roa_check(r4, 10.10.0.0/16, 1000) = ROA_UNKNOWN,
+ " ", roa_check(r4, 10.0.0.0/8, 1000) = ROA_UNKNOWN,
+ " ", roa_check(r4, 10.110.0.0/16, 1000) = ROA_VALID,
+ " ", roa_check(r4, 10.110.0.0/16, 2000) = ROA_INVALID,
+ " ", roa_check(r4, 10.110.32.0/20, 1000) = ROA_INVALID,
+ " ", roa_check(r4, 10.120.32.0/20, 1000) = ROA_VALID;
+
+ print "Should be true: ", roa_check(r6, 2001:0db8:85a3:8a2e:1234::/80, 1000) = ROA_VALID,
+ " ", roa_check(r6, 2001:0db8:85a3:8a2e:1234::/97, 1000) = ROA_INVALID,
+ " ", roa_check(r6, 2001:0db8:85a3:8a2e::/64, 1000) = ROA_VALID,
+ " ", roa_check(r6, 2001:0db8:85a3::/48, 1000) = ROA_UNKNOWN;
+
+ print "Should be true: ", roa_check(r4, 2001:0db8:85a3:8a2e:1234::/97, 1000) = ROA_INVALID ||
+ roa_check(r6, 2001:0db8:85a3:8a2e:1234::/97, 1000) = ROA_INVALID;
+
+ print "Should be false: ", roa_check(r4, 2001:0db8:85a3:8a2e:1234::/80, 1000) = ROA_INVALID ||
+ roa_check(r6, 2001:0db8:85a3:8a2e:1234::/80, 1000) = ROA_INVALID,
+ " ", roa_check(r4, 2001:0db8:85a3::/48, 1000) = ROA_INVALID ||
+ roa_check(r6, 2001:0db8:85a3::/48, 1000) = ROA_INVALID;
+
+ print "Should be true: ", 10.130.130.0/24 ~ 0.0.0.0/0,
+ " ", 2001:0db8:85a3:8a2e::/64 ~ ::/0;
+ print "Should be false: ", 10.130.130.0/24 ~ ::/0,
+ " ", 2001:0db8:85a3:8a2e::/64 ~ 0.0.0.0/0;
+}
+
+function roa_operators_test()
+prefix pfx;
+{
+ print "Testing ROA prefix operators '.maxlen' and '.asn':";
+
+ pfx = 12.13.0.0/16 max 24 as 1234;
+ print pfx;
+ print "Should be true: ", pfx.len = 16, " ", pfx.maxlen = 24, " ", pfx.asn = 1234;
+
+ pfx = 1000::/8 max 32 as 1234;
+ print pfx;
+ print "Should be true: ", pfx.len = 8, " ", pfx.maxlen = 32, " ", pfx.asn = 1234;
}
-*/ \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-21 15:39:36 +0000