Commit Graph

280 Commits (05523bdcdd19ef14ec2936d94766842ac880de99)

Author SHA1 Message Date
David Anderson 45578b47f3 tstest/natlab: refactor PacketHandler into a larger interface.
The new interface lets implementors more precisely distinguish
local traffic from forwarded traffic, and applies different
forwarding logic within Machines for each type. This allows
Machines to be packet forwarders, which didn't quite work
with the implementation of Inject.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 23123907c0 tstest/natlab: add a configurable SNAT44 translator.
This lets us implement the most common kinds of NAT in the wild.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 39ecb37fd6 tstest/natlab: support different firewall selectivities.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 88e8456e9b wgengine/magicsock: add a connectivity test for facing firewalls.
The test demonstrates that magicsock can traverse two stateful
firewalls facing each other, that each require localhost to
initiate connections.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson b3d65ba943 tstest/natlab: refactor, expose a Packet type.
HandlePacket and Inject now receive/take Packets. This is a handy
container for the packet, and the attached Trace method can be used
to print traces from custom packet handlers that integrate nicely
with natlab's internal traces.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 5eedbcedd1 tstest/natlab: add a stateful firewall.
The firewall provides a ProcessPacket handler, and implements an
address-and-port endpoint dependent firewall that allows all
traffic to egress from the trusted interface, and only allows
inbound traffic if corresponding outbound traffic was previously
seen.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 0ed9f62ed0 tstest/natlab: provide inbound interface to HandlePacket.
Requires a bunch of refactoring so that Networks only ever
refer to Interfaces that have been attached to them, and
Interfaces know about both their Network and Machine.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 6c74065053 wgengine/magicsock, tstest/natlab: start hooking up natlab to magicsock
Also adds ephemeral port support to natlab.

Work in progress.

Pairing with @danderson.
4 years ago
Brad Fitzpatrick 7883e5c5e7 go.mod: restore staticcheck module, make it stick around, go mod tidy
It kept coming & going as different people ran go mod tidy and others
ran staticcheck.

Make it stop going away with go mod tidy by adding a dep to it.
4 years ago
David Anderson 0aea087766 tstest/natlab: add PacketHandler and Inject.
Together, they can be used to plug custom packet processors into
Machines.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 73db7e99ab tstest/natlab: make Machine constructible directly.
This is a prelude to adding more fields, which would otherwise
become more unnamed function params.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson d94593e884 tstest/natlab: unregister conn4 if registration of conn6 fails.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson d7bc4ec029 tstest/natlab: use common helper for conn registration.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 80a14c49c6 tstest/natlab: add comments to conns4/conns6.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson c53b154171 tstest/natlab: use &Network in test.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 622c0d0cb3 tstest/natlab: print trace data when NATLAB_TRACE is set.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 1d4f9852a7 tstest/natlab: correctly handle dual-stacked PacketConns.
Adds a test with multiple networks, one of which is v4-only.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson 771eb05bcb tstest/natlab: first network attached becomes the default route.
Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
David Anderson f2e5da916a tstest/natlab: allow sensible default construction of networks.
Add a test for LAN->LAN traffic.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 97910ce712 tstest/natlab: remove unused PacketConner type 4 years ago
Brad Fitzpatrick 14b4213c17 tstest/natlab: add missing tests from earlier commits
Now you can actually see that packet delivery works.

Pairing with @danderson
4 years ago
Brad Fitzpatrick 3f4f1cfe66 tstest/natlab: basic NAT-free packet delivery works
Pairing with @danderson
4 years ago
Brad Fitzpatrick a477e70632 tstest/natlab: network address allocation
Pairing with @danderson
4 years ago
Brad Fitzpatrick bb1a9e4700 tstest/natlab: bit more of in-memory network testing package
Pairing with @danderson
4 years ago
Brad Fitzpatrick 23c93da942 tstest/natlab: start of in-memory network testing package
Pairing with @danderson
4 years ago
Brad Fitzpatrick 5ec7ac1d02 tstest: document PanicOnLog 5 years ago
Avery Pennarun 4f128745d8 magicsock/test: oops, fix a data race in nested-test logf hack.
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
5 years ago
Avery Pennarun 08acb502e5 Add tstest.PanicOnLog(), and fix various problems detected by this.
If a test calls log.Printf, 'go test' horrifyingly rearranges the
output to no longer be in chronological order, which makes debugging
virtually impossible. Let's stop that from happening by making
log.Printf panic if called from any module, no matter how deep, during
tests.

This required us to change the default error handler in at least one
http.Server, as well as plumbing a bunch of logf functions around,
especially in magicsock and wgengine, but also in logtail and backoff.

To add insult to injury, 'go test' also rearranges the output when a
parent test has multiple sub-tests (all the sub-test's t.Logf is always
printed after all the parent tests t.Logf), so we need to screw around
with a special Logf that can point at the "current" t (current_t.Logf)
in some places. Probably our entire way of using subtests is wrong,
since 'go test' would probably like to run them all in parallel if you
called t.Parallel(), but it definitely can't because the're all
manipulating the shared state created by the parent test. They should
probably all be separate toplevel tests instead, with common
setup/teardown logic. But that's a job for another time.

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
5 years ago
Avery Pennarun e0b666c5d2 tstest.ResourceCheck: clarify success message.
Inclusion of the word "assert" made it seem like a failure, even though
it was supposed to be identifying the name of the function (Assert()).

Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
5 years ago
David Anderson 0038223632 tstest: rename from testy.
Signed-off-by: David Anderson <danderson@tailscale.com>
5 years ago