From 32bb1759b02b1e500f36d12cf6c6131ae4ff18e1 Mon Sep 17 00:00:00 2001 From: Kiran Shastri Date: Thu, 18 Apr 2024 22:14:43 -0400 Subject: [PATCH] Fix prefixlen matching in prunefilter Incorrect field was being used for ip prefixlen in prunefilter. Signed-off-by: Kiran Shastri (cherry picked from commit 3d7cc7320312fd9a77740529afb8786208fa72c0) --- agent-ovs/ovs/include/PacketLogHandler.h | 4 +- agent-ovs/ovs/test/PacketDecoder_test.cpp | 45 +++++++++++++++++++++++ 2 files changed, 47 insertions(+), 2 deletions(-) diff --git a/agent-ovs/ovs/include/PacketLogHandler.h b/agent-ovs/ovs/include/PacketLogHandler.h index b4b966ea..d13578f8 100644 --- a/agent-ovs/ovs/include/PacketLogHandler.h +++ b/agent-ovs/ovs/include/PacketLogHandler.h @@ -235,7 +235,7 @@ class PacketFilterSpec: public PacketTuple { if(!prefixLen.empty()) { pfxLen = stoul(prefixLen); } - if((pfxLen > 32) || (pfxLen == 0)) + if((pfxLen > 128) || (pfxLen == 0)) return false; return network::prefix_match( addr1, pfxLen, addr2, pfxLen, is_exact_match); @@ -281,7 +281,7 @@ class PacketFilterSpec: public PacketTuple { for (auto &i:ip_fields) { if(!fields[i].second.empty()) { if(!compareIps(fields[i].second,p.fields[i].second, - fields[i+8].second)) { + fields[i+7].second)) { return false; } } diff --git a/agent-ovs/ovs/test/PacketDecoder_test.cpp b/agent-ovs/ovs/test/PacketDecoder_test.cpp index 640e44e9..6aacfda5 100644 --- a/agent-ovs/ovs/test/PacketDecoder_test.cpp +++ b/agent-ovs/ovs/test/PacketDecoder_test.cpp @@ -371,4 +371,49 @@ BOOST_FIXTURE_TEST_CASE(user_prune_tests, PacketDecoderFixture) { pktLogger.pruneLog(p3); BOOST_CHECK(p3.pruneLog == true); } + +BOOST_FIXTURE_TEST_CASE(user_prune_ip_prefix_tests, PacketDecoderFixture) { + auto pktDecoder = pktLogger.getDecoder(); + std::shared_ptr filt1(new PacketFilterSpec()); + ParseInfo p3(&pktDecoder); + filt1->setField(TFLD_SRC_IP,"14.0.0.0"); + filt1->setField(TFLD_SPFX_LEN,"24"); + filt1->setField(TFLD_DST_IP,"100.0.0.0"); + filt1->setField(TFLD_DPFX_LEN,"24"); + filt1->setField(TFLD_IP_PROTO,"17"); + pktLogger.updatePruneFilter("filt1",filt1); + int ret = pktDecoder.decode(udp_buf, 66, p3); + BOOST_CHECK(ret == 0); + pktLogger.pruneLog(p3); + BOOST_CHECK(p3.pruneLog == true); + pktLogger.deletePruneFilter("filt1"); + filt1.reset(new PacketFilterSpec()); + filt1->setField(TFLD_SRC_IP,"14.0.0.0"); + filt1->setField(TFLD_DST_IP,"100.0.0.0"); + pktLogger.updatePruneFilter("filt2",filt1); + pktLogger.pruneLog(p3); + BOOST_CHECK(p3.pruneLog == false); + ParseInfo p4(&pktDecoder); + ret = pktDecoder.decode(udpv6_buf, 86, p4); + BOOST_CHECK(ret == 0); + pktLogger.pruneLog(p4); + BOOST_CHECK(p4.pruneLog == false); + pktLogger.deletePruneFilter("filt1"); + filt1.reset(new PacketFilterSpec()); + filt1->setField(TFLD_SRC_IP,"fe80::a00:27ff:fefe:8f95"); + filt1->setField(TFLD_DST_IP,"ff02::1:2"); + pktLogger.updatePruneFilter("filt3",filt1); + pktLogger.pruneLog(p4); + BOOST_CHECK(p4.pruneLog == true); + pktLogger.deletePruneFilter("filt1"); + filt1.reset(new PacketFilterSpec()); + filt1->setField(TFLD_SRC_IP,"fe80::"); + filt1->setField(TFLD_SPFX_LEN,"64"); + filt1->setField(TFLD_DST_IP,"ff02::1:0"); + filt1->setField(TFLD_DPFX_LEN,"120"); + pktLogger.updatePruneFilter("filt4",filt1); + pktLogger.pruneLog(p4); + BOOST_CHECK(p4.pruneLog == true); +} + BOOST_AUTO_TEST_SUITE_END()