From 40dd3e332c909702681401c452b65f0600e4f512 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 31 May 2019 18:06:40 +0100 Subject: [PATCH] Added logic and test to match IPv4 local address --- srsue/src/stack/upper/tft_packet_filter.cc | 18 +++--- srsue/test/upper/tft_test.cc | 70 +++++++++++++++++++--- 2 files changed, 70 insertions(+), 18 deletions(-) diff --git a/srsue/src/stack/upper/tft_packet_filter.cc b/srsue/src/stack/upper/tft_packet_filter.cc index 297d33b3d..dab3ccb35 100644 --- a/srsue/src/stack/upper/tft_packet_filter.cc +++ b/srsue/src/stack/upper/tft_packet_filter.cc @@ -37,16 +37,16 @@ tft_packet_filter_t::tft_packet_filter_t(const LIBLTE_MME_PACKET_FILTER_STRUCT& idx++; switch (filter_type) { // IPv4 - case IPV4_REMOTE_ADDR_TYPE: - active_filters = IPV4_REMOTE_ADDR_FLAG; - memcpy(&ipv4_remote_addr, &tft.filter[idx], IPV4_ADDR_SIZE); - idx += IPV4_ADDR_SIZE; - break; case IPV4_LOCAL_ADDR_TYPE: active_filters = IPV4_LOCAL_ADDR_FLAG; memcpy(&ipv4_local_addr, &tft.filter[idx], IPV4_ADDR_SIZE); idx += IPV4_ADDR_SIZE; break; + case IPV4_REMOTE_ADDR_TYPE: + active_filters = IPV4_REMOTE_ADDR_FLAG; + memcpy(&ipv4_remote_addr, &tft.filter[idx], IPV4_ADDR_SIZE); + idx += IPV4_ADDR_SIZE; + break; //IPv6 case IPV6_REMOTE_ADDR_TYPE: break; @@ -118,13 +118,13 @@ bool tft_packet_filter_t::match_ip(const srslte::unique_byte_buffer_t& pdu) if (ip_pkt->version == 4) { // Check match on IPv4 packet - if (active_filters & IPV4_REMOTE_ADDR_TYPE) { - if (memcmp(&ipv4_remote_addr, &ip_pkt->daddr, IPV4_ADDR_SIZE) != 0) { + if (active_filters & IPV4_LOCAL_ADDR_FLAG) { + if (memcmp(&ipv4_local_addr, &ip_pkt->saddr, IPV4_ADDR_SIZE) != 0) { return false; } } - if (active_filters & IPV4_LOCAL_ADDR_TYPE) { - if (memcmp(&ipv4_local_addr, &ip_pkt->saddr, IPV4_ADDR_SIZE) != 0) { + if (active_filters & IPV4_REMOTE_ADDR_FLAG) { + if (memcmp(&ipv4_remote_addr, &ip_pkt->daddr, IPV4_ADDR_SIZE) != 0) { return false; } } diff --git a/srsue/test/upper/tft_test.cc b/srsue/test/upper/tft_test.cc index 8ba338578..d87061dbe 100644 --- a/srsue/test/upper/tft_test.cc +++ b/srsue/test/upper/tft_test.cc @@ -39,6 +39,7 @@ using namespace srsue; using namespace srslte; // IP test message 1 +// Source IP 127.0.0.1, Destination IP 127.0.0.2 // Protocol UDP // Source port 2222, Destination port 2001 uint8_t ip_tst_message1[] = { @@ -50,14 +51,15 @@ uint8_t ip_tst_message1[] = { uint32_t ip_message_len1 = sizeof(ip_tst_message1); // IP test message 2 +// Source IP 172.16.3.40, Destination IP 172.16.3.41 // Protocol UDP // Source port 8000, Destination Port 9000 uint8_t ip_tst_message2[] = { - 0x45, 0x00, 0x00, 0x5c, 0xea, 0x16, 0x40, 0x00, 0x40, 0x11, 0x52, 0x78, 0x7f, 0x00, 0x00, 0x01, 0x7f, 0x00, 0x00, - 0x01, 0x1f, 0x40, 0x23, 0x28, 0x00, 0x48, 0xfe, 0x5b, 0x64, 0x84, 0x35, 0x90, 0x26, 0x9a, 0xe4, 0x45, 0xe1, 0x6f, - 0x67, 0x7a, 0x62, 0x39, 0xb6, 0x73, 0x00, 0x99, 0x39, 0x30, 0x1c, 0xdd, 0xf3, 0x18, 0xa0, 0xd4, 0x7a, 0x02, 0x78, - 0x42, 0x0a, 0x5b, 0xc2, 0xbc, 0xd6, 0x2f, 0xe0, 0x3a, 0x76, 0xf8, 0x37, 0xdf, 0x06, 0x01, 0xac, 0xf7, 0x6f, 0x57, - 0xf3, 0x39, 0x1e, 0x65, 0x5d, 0xa7, 0xaf, 0x84, 0xcc, 0x6b, 0x00, 0x65, 0x3c, 0xf4, 0x4d, 0xf2}; + 0x45, 0x00, 0x00, 0x5c, 0x7a, 0x02, 0x40, 0x00, 0x40, 0x11, 0x62, 0x1d, 0xac, 0x10, 0x03, 0x28, 0xac, 0x10, 0x03, + 0x29, 0x1f, 0x40, 0x23, 0x28, 0x00, 0x48, 0x5e, 0xcb, 0xcc, 0x29, 0x54, 0x9a, 0xf5, 0x18, 0xab, 0x86, 0x8b, 0x5e, + 0x5c, 0xc8, 0x80, 0x55, 0x85, 0xd4, 0xcd, 0x25, 0xa2, 0x94, 0x28, 0xcc, 0xbc, 0xa4, 0xe6, 0x69, 0xcc, 0x45, 0x0c, + 0x9e, 0xb4, 0xf3, 0x78, 0xaf, 0xa0, 0xba, 0xcf, 0xd1, 0xd2, 0xce, 0x7d, 0x7f, 0x94, 0x4a, 0x73, 0xd4, 0x2d, 0xd2, + 0x88, 0x29, 0x60, 0x02, 0xde, 0x41, 0x11, 0xc2, 0xaa, 0x5e, 0x9e, 0x27, 0x74, 0xa5, 0xd3, 0x19}; uint32_t ip_message_len2 = sizeof(ip_tst_message2); int tft_filter_test_single_local_port() @@ -105,7 +107,7 @@ int tft_filter_test_single_local_port() TESTASSERT(filter.match(ip_msg1)); TESTASSERT(!filter.match(ip_msg2)); - printf("Test NAS Activate Dedicated EPS Bearer Context Request successfull\n"); + printf("Test TFT filter single local port successfull\n"); return 0; } @@ -121,8 +123,7 @@ int tft_filter_test_single_remote_port() ip_msg2 = allocate_unique_buffer(*pool); // Filter length: 3 bytes - // Filter type: Single local port - // Local port: 2222 + // Filter type: Single remote port // Remote port: 2001 uint8_t filter_message[3]; filter_message[0] = SINGLE_REMOTE_PORT_TYPE; @@ -154,10 +155,58 @@ int tft_filter_test_single_remote_port() TESTASSERT(filter.match(ip_msg1)); TESTASSERT(!filter.match(ip_msg2)); - printf("Test NAS Activate Dedicated EPS Bearer Context Request successfull\n"); + printf("Test TFT packet filter single remote port successfull\n"); return 0; } +int tft_filter_test_ipv4_local_addr() +{ + srslte::log_filter log1("TFT"); + log1.set_level(srslte::LOG_LEVEL_DEBUG); + log1.set_hex_limit(128); + + srslte::byte_buffer_pool *pool = srslte::byte_buffer_pool::get_instance(); + srslte::unique_byte_buffer_t ip_msg1, ip_msg2; + ip_msg1 = allocate_unique_buffer(*pool); + ip_msg2 = allocate_unique_buffer(*pool); + + // Filter length: 5 bytes + // Filter type: IPv4 local address + // Local address: 127.0.0.1 + uint8_t filter_message[5]; + uint8_t filter_size = 5; + filter_message[0] = IPV4_LOCAL_ADDR_TYPE; + inet_pton(AF_INET, "127.0.0.1", &filter_message[1]); + + // Set IP test message + ip_msg1->N_bytes = ip_message_len1; + memcpy(ip_msg1->msg, ip_tst_message1, ip_message_len1); + log1.info_hex(ip_msg1->msg, ip_msg1->N_bytes, "IP test message\n"); + + + // Set IP test message + ip_msg2->N_bytes = ip_message_len2; + memcpy(ip_msg2->msg, ip_tst_message2, ip_message_len1); + log1.info_hex(ip_msg2->msg, ip_msg2->N_bytes, "IP test message\n"); + + // Packet filter + LIBLTE_MME_PACKET_FILTER_STRUCT packet_filter; + + packet_filter.dir = LIBLTE_MME_TFT_PACKET_FILTER_DIRECTION_BIDIRECTIONAL; + packet_filter.id = 1; + packet_filter.eval_precedence = 0; + packet_filter.filter_size = filter_size; + memcpy(packet_filter.filter, filter_message, filter_size); + + srsue::tft_packet_filter_t filter(packet_filter); + + // Check filter + TESTASSERT(filter.match(ip_msg1)); + TESTASSERT(!filter.match(ip_msg2)); + + printf("Test TFT packet filter local IPv4 address successfull\n"); + return 0; +} int main(int argc, char **argv) { srslte::byte_buffer_pool::get_instance(); @@ -167,5 +216,8 @@ int main(int argc, char **argv) if (tft_filter_test_single_remote_port()) { return -1; } + if (tft_filter_test_ipv4_local_addr()) { + return -1; + } srslte::byte_buffer_pool::cleanup(); }