mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-12-15 11:22:49 +03:00
8842b2df90
Updates #6233.
Squashed commit of the following:
commit ef7692fb78a287a51a6b50c4ac0f1c33857a9ff0
Merge: b3ef5de41 8b6c260de
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Mon Oct 9 13:07:10 2023 +0300
Merge branch 'master' into 6233-ipset-cached-entries
commit b3ef5de411d2ebb2f344430daf81e05a33ae4e78
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Mon Oct 9 13:06:23 2023 +0300
all: fix typo
commit d42a970336d1d7e8a2f7c8459bf862762cdac8f6
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Fri Oct 6 19:26:51 2023 +0300
all: imp chlog
commit 818931a136c7b851820f8ff8e05ada5360da2090
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Fri Oct 6 18:30:52 2023 +0300
all: upd chlog
commit af3dc60c038f04690882eca30a6f9c7d23f7c371
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Fri Oct 6 18:03:01 2023 +0300
ipset: imp docs
commit 2c9d6c0c88ba2c2185b4d29212272ad5d48ae474
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Fri Oct 6 16:53:42 2023 +0300
all: add tests
commit 0d41eaabf7a275c6a9eb4a1d64aa551d4d8de367
Author: Stanislav Chzhen <s.chzhen@adguard.com>
Date: Fri Oct 6 15:12:54 2023 +0300
ipset: rm cache
156 lines
3.4 KiB
Go
156 lines
3.4 KiB
Go
//go:build linux
|
|
|
|
package ipset
|
|
|
|
import (
|
|
"net"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/AdguardTeam/golibs/errors"
|
|
"github.com/digineo/go-ipset/v2"
|
|
"github.com/mdlayher/netlink"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"github.com/ti-mo/netfilter"
|
|
)
|
|
|
|
// fakeConn is a fake ipsetConn for tests.
|
|
type fakeConn struct {
|
|
ipv4Header *ipset.HeaderPolicy
|
|
ipv4Entries *[]*ipset.Entry
|
|
ipv6Header *ipset.HeaderPolicy
|
|
ipv6Entries *[]*ipset.Entry
|
|
}
|
|
|
|
// Add implements the [ipsetConn] interface for *fakeConn.
|
|
func (c *fakeConn) Add(name string, entries ...*ipset.Entry) (err error) {
|
|
if strings.Contains(name, "ipv4") {
|
|
*c.ipv4Entries = append(*c.ipv4Entries, entries...)
|
|
|
|
return nil
|
|
} else if strings.Contains(name, "ipv6") {
|
|
*c.ipv6Entries = append(*c.ipv6Entries, entries...)
|
|
|
|
return nil
|
|
}
|
|
|
|
return errors.Error("test: ipset not found")
|
|
}
|
|
|
|
// Close implements the [ipsetConn] interface for *fakeConn.
|
|
func (c *fakeConn) Close() (err error) {
|
|
return nil
|
|
}
|
|
|
|
// Header implements the [ipsetConn] interface for *fakeConn.
|
|
func (c *fakeConn) Header(name string) (p *ipset.HeaderPolicy, err error) {
|
|
if strings.Contains(name, "ipv4") {
|
|
return c.ipv4Header, nil
|
|
} else if strings.Contains(name, "ipv6") {
|
|
return c.ipv6Header, nil
|
|
}
|
|
|
|
return nil, errors.Error("test: ipset not found")
|
|
}
|
|
|
|
func TestManager_Add(t *testing.T) {
|
|
ipsetConf := []string{
|
|
"example.com,example.net/ipv4set",
|
|
"example.org,example.biz/ipv6set",
|
|
}
|
|
|
|
var ipv4Entries []*ipset.Entry
|
|
var ipv6Entries []*ipset.Entry
|
|
|
|
fakeDial := func(
|
|
pf netfilter.ProtoFamily,
|
|
conf *netlink.Config,
|
|
) (conn ipsetConn, err error) {
|
|
return &fakeConn{
|
|
ipv4Header: &ipset.HeaderPolicy{
|
|
Family: ipset.NewUInt8Box(uint8(netfilter.ProtoIPv4)),
|
|
},
|
|
ipv4Entries: &ipv4Entries,
|
|
ipv6Header: &ipset.HeaderPolicy{
|
|
Family: ipset.NewUInt8Box(uint8(netfilter.ProtoIPv6)),
|
|
},
|
|
ipv6Entries: &ipv6Entries,
|
|
}, nil
|
|
}
|
|
|
|
m, err := newManagerWithDialer(ipsetConf, fakeDial)
|
|
require.NoError(t, err)
|
|
|
|
ip4 := net.IP{1, 2, 3, 4}
|
|
ip6 := net.IP{
|
|
0x12, 0x34, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x00, 0x00,
|
|
0x00, 0x00, 0x56, 0x78,
|
|
}
|
|
|
|
n, err := m.Add("example.net", []net.IP{ip4}, nil)
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, 1, n)
|
|
|
|
require.Len(t, ipv4Entries, 1)
|
|
|
|
gotIP4 := ipv4Entries[0].IP.Value
|
|
assert.Equal(t, ip4, gotIP4)
|
|
|
|
n, err = m.Add("example.biz", nil, []net.IP{ip6})
|
|
require.NoError(t, err)
|
|
|
|
assert.Equal(t, 1, n)
|
|
|
|
require.Len(t, ipv6Entries, 1)
|
|
|
|
gotIP6 := ipv6Entries[0].IP.Value
|
|
assert.Equal(t, ip6, gotIP6)
|
|
|
|
err = m.Close()
|
|
assert.NoError(t, err)
|
|
}
|
|
|
|
// ipsetPropsSink is the typed sink for benchmark results.
|
|
var ipsetPropsSink []props
|
|
|
|
func BenchmarkManager_LookupHost(b *testing.B) {
|
|
propsLong := []props{{
|
|
name: "example.com",
|
|
family: netfilter.ProtoIPv4,
|
|
}}
|
|
|
|
propsShort := []props{{
|
|
name: "example.net",
|
|
family: netfilter.ProtoIPv4,
|
|
}}
|
|
|
|
m := &manager{
|
|
domainToIpsets: map[string][]props{
|
|
"": propsLong,
|
|
"example.net": propsShort,
|
|
},
|
|
}
|
|
|
|
b.Run("long", func(b *testing.B) {
|
|
const name = "a.very.long.domain.name.inside.the.domain.example.com"
|
|
for i := 0; i < b.N; i++ {
|
|
ipsetPropsSink = m.lookupHost(name)
|
|
}
|
|
|
|
require.Equal(b, propsLong, ipsetPropsSink)
|
|
})
|
|
|
|
b.Run("short", func(b *testing.B) {
|
|
const name = "example.net"
|
|
for i := 0; i < b.N; i++ {
|
|
ipsetPropsSink = m.lookupHost(name)
|
|
}
|
|
|
|
require.Equal(b, propsShort, ipsetPropsSink)
|
|
})
|
|
}
|