vnet tests: tcp cage scripts.

author: Joe Crayne <joe@jerkface.net> 2020-01-24 00:12:57 -0500
committer: Joe Crayne <joe@jerkface.net> 2020-01-24 03:01:27 -0500
commit: 140381ff489213ce890e660ae37a18ae7587c4fb (patch)
tree: 3dd7649091e324935051e1d3cd3ff242f1997395
parent: ebacfa8f8cbd8b5cc3a1995188cc2cc8c260d76e (diff)
3 files changed, 60 insertions, 0 deletions
diff --git a/dht/vnet/tcp-build.sh b/dht/vnet/tcp-build.sh
new file mode 100755
index 00000000..fc88cb29
--- /dev/null
+++ b/dht/vnet/tcp-build.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+digit=${1:-0}
+iface=$(ip route | awk '/^default/{ if ($4 == "dev") print($5); }')
+iface=${iface:-wlan0}
+num=$(ip addr show $iface | sed -n '/\s\+inet 192/ s/\s\+inet 192\.168\.[0-9]*\.\([0-9]*\).*$/\1/ p')
+num=${num:-88}
+dd=$(( 59 - $digit ))
+set -x
+ip link add tcp$digit type veth peer name tcpp$digit
+ip netns add tcpp$digit; ip link set tcpp$digit netns tcpp$digit
+nsenter --net=/var/run/netns/tcpp$digit ip addr add 127.0.0.1/8 dev lo
+nsenter --net=/var/run/netns/tcpp$digit ip addr add ::1/128 dev lo
+nsenter --net=/var/run/netns/tcpp$digit ip link set up dev lo
+ip addr add $dd.$num.99.98/31 dev tcp$digit
+ip link set up dev tcp$digit
+nsenter --net=/var/run/netns/tcpp$digit ip addr add $dd.$num.99.99/31 dev tcpp$digit
+nsenter --net=/var/run/netns/tcpp$digit ip link set up dev tcpp$digit
+nsenter --net=/var/run/netns/tcpp$digit ip route add default via $dd.$num.99.98
+nsenter --net=/var/run/netns/tcpp$digit iptables -A OUTPUT -p udp -j DROP
+nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -j DROP
+iptables -I FORWARD 1 -i tcp$digit -o $iface -j DROP
diff --git a/dht/vnet/tcp-clean.sh b/dht/vnet/tcp-clean.sh
new file mode 100755
index 00000000..7ee0bcbd
--- /dev/null
+++ b/dht/vnet/tcp-clean.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+digit=${1:-0}
+set -x
+iptables -D FORWARD -i tcp$digit -o $iface -j DROP
+nsenter --net=/var/run/netns/tcpp$digit iptables -D INPUT -j DROP
+nsenter --net=/var/run/netns/tcpp$digit iptables -D INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+nsenter --net=/var/run/netns/tcpp$digit iptables -D OUTPUT -p udp -j DROP
+ip link del tcp$digit
+ip netns del tcpp$digit
diff --git a/dht/vnet/tcp-enter.sh b/dht/vnet/tcp-enter.sh
new file mode 100755
index 00000000..970485ed
--- /dev/null
+++ b/dht/vnet/tcp-enter.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+cmd="$@"
+digit=0
+user=$(id -un)
+cmd=${cmd:-bash}
+tmp=/tmp/env.$$
+mkdir -p $tmp
+echo $user > $tmp/USER
+echo $HOME > $tmp/HOME
+echo tcp$digit > $tmp/debian_chroot
+sudo -E nsenter --net=/var/run/netns/tcpp$digit chpst -e $tmp -u $user:$user:sudo $cmd
+rm $tmp/USER
+rm $tmp/HOME
+rm $tmp/debian_chroot
+rmdir $tmp
author	Joe Crayne <joe@jerkface.net>	2020-01-24 00:12:57 -0500
committer	Joe Crayne <joe@jerkface.net>	2020-01-24 03:01:27 -0500
commit	140381ff489213ce890e660ae37a18ae7587c4fb (patch)
tree	3dd7649091e324935051e1d3cd3ff242f1997395
parent	ebacfa8f8cbd8b5cc3a1995188cc2cc8c260d76e (diff)

diff --git a/dht/vnet/tcp-build.sh b/dht/vnet/tcp-build.sh new file mode 100755 index 00000000..fc88cb29 --- /dev/null +++ b/dht/vnet/tcp-build.sh
@@ -0,0 +1,32 @@
	1	#!/bin/sh
	2
	3	digit=${1:-0}
	4
	5	iface=$(ip route \| awk '/^default/{ if ($4 == "dev") print($5); }')
	6	iface=${iface:-wlan0}
	7	num=$(ip addr show $iface \| sed -n '/\s\+inet 192/ s/\s\+inet 192\.168\.[0-9]\.\([0-9]\).*$/\1/ p')
	8	num=${num:-88}
	9
	10	dd=$(( 59 - $digit ))
	11
	12
	13	set -x
	14
	15	ip link add tcp$digit type veth peer name tcpp$digit
	16	ip netns add tcpp$digit; ip link set tcpp$digit netns tcpp$digit
	17
	18	nsenter --net=/var/run/netns/tcpp$digit ip addr add 127.0.0.1/8 dev lo
	19	nsenter --net=/var/run/netns/tcpp$digit ip addr add ::1/128 dev lo
	20	nsenter --net=/var/run/netns/tcpp$digit ip link set up dev lo
	21
	22	ip addr add $dd.$num.99.98/31 dev tcp$digit
	23	ip link set up dev tcp$digit
	24
	25	nsenter --net=/var/run/netns/tcpp$digit ip addr add $dd.$num.99.99/31 dev tcpp$digit
	26	nsenter --net=/var/run/netns/tcpp$digit ip link set up dev tcpp$digit
	27	nsenter --net=/var/run/netns/tcpp$digit ip route add default via $dd.$num.99.98
	28
	29	nsenter --net=/var/run/netns/tcpp$digit iptables -A OUTPUT -p udp -j DROP
	30	nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
	31	nsenter --net=/var/run/netns/tcpp$digit iptables -A INPUT -j DROP
	32	iptables -I FORWARD 1 -i tcp$digit -o $iface -j DROP


diff --git a/dht/vnet/tcp-clean.sh b/dht/vnet/tcp-clean.sh new file mode 100755 index 00000000..7ee0bcbd --- /dev/null +++ b/dht/vnet/tcp-clean.sh
@@ -0,0 +1,13 @@
	1	#!/bin/sh
	2
	3	digit=${1:-0}
	4
	5	set -x
	6
	7	iptables -D FORWARD -i tcp$digit -o $iface -j DROP
	8	nsenter --net=/var/run/netns/tcpp$digit iptables -D INPUT -j DROP
	9	nsenter --net=/var/run/netns/tcpp$digit iptables -D INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
	10	nsenter --net=/var/run/netns/tcpp$digit iptables -D OUTPUT -p udp -j DROP
	11
	12	ip link del tcp$digit
	13	ip netns del tcpp$digit


diff --git a/dht/vnet/tcp-enter.sh b/dht/vnet/tcp-enter.sh new file mode 100755 index 00000000..970485ed --- /dev/null +++ b/dht/vnet/tcp-enter.sh
@@ -0,0 +1,15 @@
	1	#!/bin/sh
	2	cmd="$@"
	3	digit=0
	4	user=$(id -un)
	5	cmd=${cmd:-bash}
	6	tmp=/tmp/env.$$
	7	mkdir -p $tmp
	8	echo $user > $tmp/USER
	9	echo $HOME > $tmp/HOME
	10	echo tcp$digit > $tmp/debian_chroot
	11	sudo -E nsenter --net=/var/run/netns/tcpp$digit chpst -e $tmp -u $user:$user:sudo $cmd
	12	rm $tmp/USER
	13	rm $tmp/HOME
	14	rm $tmp/debian_chroot
	15	rmdir $tmp