mirror of
https://github.com/netbirdio/netbird.git
synced 2024-12-11 09:21:49 +01:00
2475473227
All routes are now installed in a custom netbird routing table. Management and wireguard traffic is now marked with a custom fwmark. When the mark is present the traffic is routed via the main routing table, bypassing the VPN. When the mark is absent the traffic is routed via the netbird routing table, if: - there's no match in the main routing table - it would match the default route in the routing table IPv6 traffic is blocked when a default route IPv4 route is configured to avoid leakage.
81 lines
2.2 KiB
Go
81 lines
2.2 KiB
Go
//go:build !linux || android
|
|
|
|
package routemanager
|
|
|
|
import (
|
|
"net"
|
|
"net/netip"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestIsSubRange(t *testing.T) {
|
|
addresses, err := net.InterfaceAddrs()
|
|
if err != nil {
|
|
t.Fatal("shouldn't return error when fetching interface addresses: ", err)
|
|
}
|
|
|
|
var subRangeAddressPrefixes []netip.Prefix
|
|
var nonSubRangeAddressPrefixes []netip.Prefix
|
|
for _, address := range addresses {
|
|
p := netip.MustParsePrefix(address.String())
|
|
if !p.Addr().IsLoopback() && p.Addr().Is4() && p.Bits() < 32 {
|
|
p2 := netip.PrefixFrom(p.Masked().Addr(), p.Bits()+1)
|
|
subRangeAddressPrefixes = append(subRangeAddressPrefixes, p2)
|
|
nonSubRangeAddressPrefixes = append(nonSubRangeAddressPrefixes, p.Masked())
|
|
}
|
|
}
|
|
|
|
for _, prefix := range subRangeAddressPrefixes {
|
|
isSubRangePrefix, err := isSubRange(prefix)
|
|
if err != nil {
|
|
t.Fatal("shouldn't return error when checking if address is sub-range: ", err)
|
|
}
|
|
if !isSubRangePrefix {
|
|
t.Fatalf("address %s should be sub-range of an existing route in the table", prefix)
|
|
}
|
|
}
|
|
|
|
for _, prefix := range nonSubRangeAddressPrefixes {
|
|
isSubRangePrefix, err := isSubRange(prefix)
|
|
if err != nil {
|
|
t.Fatal("shouldn't return error when checking if address is sub-range: ", err)
|
|
}
|
|
if isSubRangePrefix {
|
|
t.Fatalf("address %s should not be sub-range of an existing route in the table", prefix)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestExistsInRouteTable(t *testing.T) {
|
|
require.NoError(t, setupRouting())
|
|
t.Cleanup(func() {
|
|
assert.NoError(t, cleanupRouting())
|
|
})
|
|
|
|
addresses, err := net.InterfaceAddrs()
|
|
if err != nil {
|
|
t.Fatal("shouldn't return error when fetching interface addresses: ", err)
|
|
}
|
|
|
|
var addressPrefixes []netip.Prefix
|
|
for _, address := range addresses {
|
|
p := netip.MustParsePrefix(address.String())
|
|
if p.Addr().Is4() {
|
|
addressPrefixes = append(addressPrefixes, p.Masked())
|
|
}
|
|
}
|
|
|
|
for _, prefix := range addressPrefixes {
|
|
exists, err := existsInRouteTable(prefix)
|
|
if err != nil {
|
|
t.Fatal("shouldn't return error when checking if address exists in route table: ", err)
|
|
}
|
|
if !exists {
|
|
t.Fatalf("address %s should exist in route table", prefix)
|
|
}
|
|
}
|
|
}
|