diff options
-rw-r--r-- | pkg/tcpip/network/ipv4/ipv4.go | 8 | ||||
-rw-r--r-- | pkg/tcpip/network/ipv6/ipv6.go | 8 | ||||
-rw-r--r-- | pkg/tcpip/tests/integration/loopback_test.go | 208 | ||||
-rw-r--r-- | pkg/tcpip/tests/integration/route_test.go | 8 |
4 files changed, 116 insertions, 116 deletions
diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go index a43107d30..a1660e9a3 100644 --- a/pkg/tcpip/network/ipv4/ipv4.go +++ b/pkg/tcpip/network/ipv4/ipv4.go @@ -641,7 +641,7 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) { } if !e.nic.IsLoopback() { - if e.protocol.options.DropExternalLoopbackTraffic { + if !e.protocol.options.AllowExternalLoopbackTraffic { if header.IsV4LoopbackAddress(h.SourceAddress()) { stats.InvalidSourceAddressesReceived.Increment() return @@ -1230,9 +1230,9 @@ type Options struct { // IGMP holds options for IGMP. IGMP IGMPOptions - // DropExternalLoopbackTraffic indicates that inbound loopback packets (i.e. - // martian loopback packets) should be dropped. - DropExternalLoopbackTraffic bool + // AllowExternalLoopbackTraffic indicates that inbound loopback packets (i.e. + // martian loopback packets) should be accepted. + AllowExternalLoopbackTraffic bool } // NewProtocolWithOptions returns an IPv4 network protocol. diff --git a/pkg/tcpip/network/ipv6/ipv6.go b/pkg/tcpip/network/ipv6/ipv6.go index b94cb428f..83e98bab9 100644 --- a/pkg/tcpip/network/ipv6/ipv6.go +++ b/pkg/tcpip/network/ipv6/ipv6.go @@ -931,7 +931,7 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) { } if !e.nic.IsLoopback() { - if e.protocol.options.DropExternalLoopbackTraffic { + if !e.protocol.options.AllowExternalLoopbackTraffic { if header.IsV6LoopbackAddress(h.SourceAddress()) { stats.InvalidSourceAddressesReceived.Increment() return @@ -2071,9 +2071,9 @@ type Options struct { // DADConfigs holds the default DAD configurations used by IPv6 endpoints. DADConfigs stack.DADConfigurations - // DropExternalLoopbackTraffic indicates that inbound loopback packets (i.e. - // martian loopback packets) should be dropped. - DropExternalLoopbackTraffic bool + // AllowExternalLoopbackTraffic indicates that inbound loopback packets (i.e. + // martian loopback packets) should be accepted. + AllowExternalLoopbackTraffic bool } // NewProtocolWithOptions returns an IPv6 network protocol. diff --git a/pkg/tcpip/tests/integration/loopback_test.go b/pkg/tcpip/tests/integration/loopback_test.go index 0a9ea1aa8..6462e9d42 100644 --- a/pkg/tcpip/tests/integration/loopback_test.go +++ b/pkg/tcpip/tests/integration/loopback_test.go @@ -540,141 +540,141 @@ func TestExternalLoopbackTraffic(t *testing.T) { } tests := []struct { - name string - dropExternalLoopback bool - forwarding bool - rxICMP func(*channel.Endpoint) - invalidAddressStat func(tcpip.IPStats) *tcpip.StatCounter - shouldAccept bool + name string + allowExternalLoopback bool + forwarding bool + rxICMP func(*channel.Endpoint) + invalidAddressStat func(tcpip.IPStats) *tcpip.StatCounter + shouldAccept bool }{ { - name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: false, - rxICMP: loopbackSourcedICMPv4, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: true, + name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: false, + rxICMP: loopbackSourcedICMPv4, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: true, }, { - name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: false, - rxICMP: loopbackSourcedICMPv4, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: false, + name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: false, + rxICMP: loopbackSourcedICMPv4, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: false, }, { - name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: true, - rxICMP: loopbackSourcedICMPv4, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: true, + name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: true, + rxICMP: loopbackSourcedICMPv4, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: true, }, { - name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: true, - rxICMP: loopbackSourcedICMPv4, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: false, + name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: true, + rxICMP: loopbackSourcedICMPv4, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: false, }, { - name: "IPv4 external loopback destined traffic without forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: false, - rxICMP: loopbackDestinedICMPv4, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv4 external loopback destined traffic without forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: false, + rxICMP: loopbackDestinedICMPv4, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, { - name: "IPv4 external loopback destined traffic without forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: false, - rxICMP: loopbackDestinedICMPv4, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv4 external loopback destined traffic without forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: false, + rxICMP: loopbackDestinedICMPv4, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, { - name: "IPv4 external loopback destined traffic with forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: true, - rxICMP: loopbackDestinedICMPv4, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: true, + name: "IPv4 external loopback destined traffic with forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: true, + rxICMP: loopbackDestinedICMPv4, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: true, }, { - name: "IPv4 external loopback destined traffic with forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: true, - rxICMP: loopbackDestinedICMPv4, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv4 external loopback destined traffic with forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: true, + rxICMP: loopbackDestinedICMPv4, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, { - name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: false, - rxICMP: loopbackSourcedICMPv6, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: true, + name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: false, + rxICMP: loopbackSourcedICMPv6, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: true, }, { - name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: false, - rxICMP: loopbackSourcedICMPv6, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: false, + name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: false, + rxICMP: loopbackSourcedICMPv6, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: false, }, { - name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: true, - rxICMP: loopbackSourcedICMPv6, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: true, + name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: true, + rxICMP: loopbackSourcedICMPv6, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: true, }, { - name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: true, - rxICMP: loopbackSourcedICMPv6, - invalidAddressStat: invalidSrcAddrStat, - shouldAccept: false, + name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: true, + rxICMP: loopbackSourcedICMPv6, + invalidAddressStat: invalidSrcAddrStat, + shouldAccept: false, }, { - name: "IPv6 external loopback destined traffic without forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: false, - rxICMP: loopbackDestinedICMPv6, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv6 external loopback destined traffic without forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: false, + rxICMP: loopbackDestinedICMPv6, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, { - name: "IPv6 external loopback destined traffic without forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: false, - rxICMP: loopbackDestinedICMPv6, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv6 external loopback destined traffic without forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: false, + rxICMP: loopbackDestinedICMPv6, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, { - name: "IPv6 external loopback destined traffic with forwarding and drop external loopback disabled", - dropExternalLoopback: false, - forwarding: true, - rxICMP: loopbackDestinedICMPv6, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: true, + name: "IPv6 external loopback destined traffic with forwarding and drop external loopback disabled", + allowExternalLoopback: true, + forwarding: true, + rxICMP: loopbackDestinedICMPv6, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: true, }, { - name: "IPv6 external loopback destined traffic with forwarding and drop external loopback enabled", - dropExternalLoopback: true, - forwarding: true, - rxICMP: loopbackDestinedICMPv6, - invalidAddressStat: invalidDestAddrStat, - shouldAccept: false, + name: "IPv6 external loopback destined traffic with forwarding and drop external loopback enabled", + allowExternalLoopback: false, + forwarding: true, + rxICMP: loopbackDestinedICMPv6, + invalidAddressStat: invalidDestAddrStat, + shouldAccept: false, }, } @@ -683,10 +683,10 @@ func TestExternalLoopbackTraffic(t *testing.T) { s := stack.New(stack.Options{ NetworkProtocols: []stack.NetworkProtocolFactory{ ipv4.NewProtocolWithOptions(ipv4.Options{ - DropExternalLoopbackTraffic: test.dropExternalLoopback, + AllowExternalLoopbackTraffic: test.allowExternalLoopback, }), ipv6.NewProtocolWithOptions(ipv6.Options{ - DropExternalLoopbackTraffic: test.dropExternalLoopback, + AllowExternalLoopbackTraffic: test.allowExternalLoopback, }), }, TransportProtocols: []stack.TransportProtocolFactory{icmp.NewProtocol4, icmp.NewProtocol6}, diff --git a/pkg/tcpip/tests/integration/route_test.go b/pkg/tcpip/tests/integration/route_test.go index 568a982bb..ed499179f 100644 --- a/pkg/tcpip/tests/integration/route_test.go +++ b/pkg/tcpip/tests/integration/route_test.go @@ -162,15 +162,15 @@ func TestLocalPing(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - for _, dropExternalLoopback := range []bool{true, false} { - t.Run(fmt.Sprintf("DropExternalLoopback=%t", dropExternalLoopback), func(t *testing.T) { + for _, allowExternalLoopback := range []bool{true, false} { + t.Run(fmt.Sprintf("AllowExternalLoopback=%t", allowExternalLoopback), func(t *testing.T) { s := stack.New(stack.Options{ NetworkProtocols: []stack.NetworkProtocolFactory{ ipv4.NewProtocolWithOptions(ipv4.Options{ - DropExternalLoopbackTraffic: dropExternalLoopback, + AllowExternalLoopbackTraffic: allowExternalLoopback, }), ipv6.NewProtocolWithOptions(ipv6.Options{ - DropExternalLoopbackTraffic: dropExternalLoopback, + AllowExternalLoopbackTraffic: allowExternalLoopback, }), }, TransportProtocols: []stack.TransportProtocolFactory{icmp.NewProtocol4, icmp.NewProtocol6}, |