539c7e67aa
This test case includes four scenarios: 1. Connect to the server from outside the cgroup and close the connection from outside the cgroup. 2. Connect to the server from outside the cgroup and close the connection from inside the cgroup. 3. Connect to the server from inside the cgroup and close the connection from outside the cgroup. 4. Connect to the server from inside the cgroup and close the connection from inside the cgroup. The test case is to verify that cgroup_skb/{egress, ingress} filters receive expected packets including SYN, SYN/ACK, ACK, FIN, and FIN/ACK. Signed-off-by: Kui-Feng Lee <kuifeng@meta.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20230624014600.576756-3-kuifeng@meta.com
36 lines
915 B
C
36 lines
915 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
|
|
|
|
/* Define states of a socket to tracking messages sending to and from the
|
|
* socket.
|
|
*
|
|
* These states are based on rfc9293 with some modifications to support
|
|
* tracking of messages sent out from a socket. For example, when a SYN is
|
|
* received, a new socket is transiting to the SYN_RECV state defined in
|
|
* rfc9293. But, we put it in SYN_RECV_SENDING_SYN_ACK state and when
|
|
* SYN-ACK is sent out, it moves to SYN_RECV state. With this modification,
|
|
* we can track the message sent out from a socket.
|
|
*/
|
|
|
|
#ifndef __CGROUP_TCP_SKB_H__
|
|
#define __CGROUP_TCP_SKB_H__
|
|
|
|
enum {
|
|
INIT,
|
|
CLOSED,
|
|
SYN_SENT,
|
|
SYN_RECV_SENDING_SYN_ACK,
|
|
SYN_RECV,
|
|
ESTABLISHED,
|
|
FIN_WAIT1,
|
|
FIN_WAIT2,
|
|
CLOSE_WAIT_SENDING_ACK,
|
|
CLOSE_WAIT,
|
|
CLOSING,
|
|
LAST_ACK,
|
|
TIME_WAIT_SENDING_ACK,
|
|
TIME_WAIT,
|
|
};
|
|
|
|
#endif /* __CGROUP_TCP_SKB_H__ */
|