From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by dpdk.org (Postfix) with ESMTP id 6A00B7D30 for ; Tue, 2 Jan 2018 09:16:53 +0100 (CET) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2018 00:16:52 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,495,1508828400"; d="scan'208";a="163517815" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga004.jf.intel.com with ESMTP; 02 Jan 2018 00:16:52 -0800 Received: from FMSMSX110.amr.corp.intel.com (10.18.116.10) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 2 Jan 2018 00:16:51 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx110.amr.corp.intel.com (10.18.116.10) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 2 Jan 2018 00:16:50 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.213]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.93]) with mapi id 14.03.0319.002; Tue, 2 Jan 2018 16:16:49 +0800 From: "Liu, Yong" To: "Xu, GangX" , "dts@dpdk.org" CC: "Xu, GangX" Thread-Topic: [dts] [PATCH V1] add test suite inline_ipsec Thread-Index: AQHTgIvA1ocgwYdKj0GzIi+x0tny3KNgPWhg Date: Tue, 2 Jan 2018 08:16:49 +0000 Message-ID: <86228AFD5BCD8E4EBFD2B90117B5E81E62F3CCF4@SHSMSX103.ccr.corp.intel.com> References: <1514541643-92480-1-git-send-email-gangx.xu@intel.com> <1514541643-92480-2-git-send-email-gangx.xu@intel.com> In-Reply-To: <1514541643-92480-2-git-send-email-gangx.xu@intel.com> Accept-Language: zh-CN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYjRlOWMzMGYtZTA3NS00Y2ZlLThiNzYtYzE3YjdhYTBjNGM3IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiJaV3ppckpYQ1o0azV0VjA4WGJla3ErcEs3d0pmbFprZUFNXC9ub0RZT05odjVkZndjUjNOajdSSWNad0lXV1R6dSJ9 x-ctpclassification: CTP_IC dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dts] [PATCH V1] add test suite inline_ipsec X-BeenThere: dts@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: test suite reviews and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jan 2018 08:16:54 -0000 Gang, some comments are inline. Thanks, Marvin > -----Original Message----- > From: dts [mailto:dts-bounces@dpdk.org] On Behalf Of xu,gang > Sent: Friday, December 29, 2017 6:01 PM > To: dts@dpdk.org > Cc: Xu, GangX > Subject: [dts] [PATCH V1] add test suite inline_ipsec >=20 > Signed-off-by: xu,gang > --- > tests/TestSuite_inline_ipsec.py | 405 > ++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 405 insertions(+) > create mode 100644 tests/TestSuite_inline_ipsec.py >=20 > diff --git a/tests/TestSuite_inline_ipsec.py > b/tests/TestSuite_inline_ipsec.py > new file mode 100644 > index 0000000..ba90caf > --- /dev/null > +++ b/tests/TestSuite_inline_ipsec.py > @@ -0,0 +1,405 @@ > +# BSD LICENSE > +# > +# Copyright(c) 2010-2017 Intel Corporation. All rights reserved. > +# All rights reserved. > +# > +# Redistribution and use in source and binary forms, with or without > +# modification, are permitted provided that the following conditions > +# are met: > +# > +# * Redistributions of source code must retain the above copyright > +# notice, this list of conditions and the following disclaimer. > +# * Redistributions in binary form must reproduce the above copyright > +# notice, this list of conditions and the following disclaimer in > +# the documentation and/or other materials provided with the > +# distribution. > +# * Neither the name of Intel Corporation nor the names of its > +# contributors may be used to endorse or promote products derived > +# from this software without specific prior written permission. > +# > +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, > +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT > +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, > +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY > +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT > +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE > +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > + > + > +""" > +DPDK Test suite. > +Test inline_ipsec. > +""" > + > +import utils > +import string > +import time > +import re > +import threading > +from test_case import TestCase > +import getopt > +from scapy.all import * > + > +ETHER_STANDARD_MTU =3D 1518 > +ETHER_JUMBO_FRAME_MTU =3D 9000 > + > + > +class TestInlineIpsec(TestCase): > + > + def set_up_all(self): > + """ > + Run at the start of each test suite. > + """ > + self.verify(self.nic in ["niantic"], "%s NIC not support" % > self.nic) > + self.dut_ports =3D self.dut.get_ports(self.nic) > + self.verify(len(self.dut_ports) >=3D 2, "Insufficient ports") > + cores =3D self.dut.get_core_list("1S/4C/1T") > + self.coremask =3D utils.create_mask(cores) > + > + # get test port info > + self.rxport =3D self.tester.get_local_port(1) > + self.txport =3D self.tester.get_local_port(0) > + self.rxItf =3D self.tester.get_interface(self.rxport) > + self.txItf =3D self.tester.get_interface(self.txport) > + # get dut port pci > + self.portpci_0 =3D self.dut.get_port_pci(self.dut_ports[0]) > + self.portpci_1 =3D self.dut.get_port_pci(self.dut_ports[1]) > + > + # enable tester mtu > + self.rxnetobj =3D self.tester.ports_info[self.rxport]['port'] > + self.rxnetobj.enable_jumbo(framesize=3DETHER_JUMBO_FRAME_MTU + 1= 00) > + self.txnetobj =3D self.tester.ports_info[self.txport]['port'] > + self.txnetobj.enable_jumbo(framesize=3DETHER_JUMBO_FRAME_MTU + 1= 00) > + > + self.path =3D "./examples/ipsec-secgw/build/ipsec-secgw" > + # add print code in IPSEC app > + sedcmd =3D r"""sed -i -e '/process_pkts(qconf, pkts, nb_rx, > portid);/i\\printf("[debug]receive %hhu packet in rxqueueid=3D%hhu\\n",nb= _rx, > queueid);' examples/ipsec-secgw/ipsec-secgw.c""" > + self.dut.send_expect(sedcmd, "#", 60) > + > + # build sample app > + out =3D self.dut.build_dpdk_apps("./examples/ipsec-secgw") > + self.verify("Error" not in out, "compilation error 1") > + self.verify("No such file" not in out, "compilation error 2") > + > + self.cfg_prepare() > + > + def set_up(self): > + """ > + Run before each test case. > + """ > + pass > + > + def cfg_prepare(self): > + """ > + write the inline_ipsec configuration file > + """ > + enc =3D """ > +#SP IPv4 rules > +sp ipv4 out esp protect 1005 pri 1 dst 192.168.105.0/24 sport 0:65535 > dport 0:65535 > + > +#SA rules > +sa out 1005 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 172.16.2.5/32 port 1 > +""" You can use parentheses which is more readable for multiple lines string.=20 eg: enc =3D ("#SP IPv4 rules" "sp ipv4 out esp protect 1005 pri 1 dst 192.168.105.0/24 sport 0:655= 35 dport 0:65535" "#SA rules" "sa out 1005 aead_algo aes-128-gcm aead_key 2b:7e:15:16:28:ae:d2:a6:= ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef mode ipv4-tunnel src 172.16.1.5 dst 172= .16.2.5 port_id 1 type inline-crypto-offload" ) > + dec =3D """ > +#SA rules > +sa in 5 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 192.168.105.10/32 port 0 > +""" > + enc_rss =3D """ > +#SP IPv4 rules > +sp ipv4 out esp protect 1002 pri 1 dst 192.168.102.0/24 sport 0:65535 > dport 0:65535 > + > +sa out 1002 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.31.35 dst 172.16.32.35 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 172.16.32.35/32 port 1 > +""" > + dec_rss =3D """ > +#SA rules > +sa in 3 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.21.25 dst 172.16.22.25 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 192.168.105.10/32 port 0 > +""" > + dec_wrong_key =3D """ > +#SA rules > +sa in 5 aead_algo aes-128-gcm aead_key > 2f:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 192.168.105.10/32 port 0 > +""" > + enc_dec =3D """ > +#SP IPv4 rules > +sp ipv4 out esp protect 1005 pri 1 dst 192.168.105.0/24 sport 0:65535 > dport 0:65535 > + > +#SA rules > +sa out 1005 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +sa in 5 aead_algo aes-128-gcm aead_key > 2b:7e:15:16:28:ae:d2:a6:ab:f7:15:88:09:cf:4f:3d:de:ad:be:ef \ > +mode ipv4-tunnel src 172.16.1.5 dst 172.16.2.5 \ > +port_id 1 \ > +type inline-crypto-offload \ > + > +#Routing rules > +rt ipv4 dst 172.16.2.5/32 port 1 > +rt ipv4 dst 192.168.105.10/32 port 0 > +""" > + self.set_cfg('enc.cfg', enc) > + self.set_cfg('dec.cfg', dec) > + self.set_cfg('enc_rss.cfg', enc_rss) > + self.set_cfg('dec_rss.cfg', dec_rss) > + self.set_cfg('enc_dec.cfg', enc_dec) > + self.set_cfg('dec_wrong_key.cfg', dec_wrong_key) > + > + def set_cfg(self, filename, cfg): > + """ > + open file and write cfg, scp it to dut /root/dpdk/ > + """ > + with open(filename, 'w') as f: > + f.write(cfg) > + self.dut.session.copy_file_to(filename, '/root/dpdk/') > + > + def send_encryption_package(self, intface, paysize=3D64, > do_encrypt=3DFalse, send_spi=3D5, count=3D1, mydst=3D'192.168.105.10', > sa_src=3D'172.16.1.5', sa_dst=3D'172.16.2.5'): > + """ Please either use abbreviation "intf" or full word "interface". "mydst" should be "inner_dst" or "data_dst". > + make a package and send > + """ > + test =3D 'test-' * 2000 > + payload =3D test[0:int(paysize)] > + sa_gcm =3D SecurityAssociation(ESP, spi=3Dsend_spi, > + crypt_algo=3D'AES-GCM', > + > crypt_key=3D'\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f= \x3 > d\xde\xad\xbe\xef', > + auth_algo=3D'NULL', auth_key=3DNone= , > + tunnel_header=3DIP(src=3Dsa_src, > dst=3Dsa_dst)) > + sa_gcm.crypt_algo.icv_size =3D 16 > + > + p =3D IP(src=3D'192.168.105.10', dst=3Dmydst) > + p /=3D "|->" > + p /=3D payload > + p /=3D "<-|" > + p =3D IP(str(p)) Why add "|->" and "<-|" in the payload? > + > + if do_encrypt =3D=3D True: > + print "send encrypt package" > + e =3D sa_gcm.encrypt(p) > + else: > + print "send normal package" > + e =3D p > + > + eth_e =3D Ether() / e > + eth_e.src =3D "52:54:00:21:68:1c" > + eth_e.dst =3D "52:54:00:16:f6:b0" Please remove hard-coded mac, should be tester and DUT port's mac address. > + session_send =3D self.tester.create_session( > + name=3D'send_encryption_package') > + sendp(eth_e, iface=3Dintface, count=3Dcount) > + self.tester.destroy_session(session_send) > + > + return payload > + > + def Ipsec_Encryption(self, config, file_name, txItf, rxItf, > paysize=3D32, jumboframe=3D1518, do_encrypt=3DFalse, verify=3DTrue, send_= spi=3D5, > receive_spi=3D1005, count=3D1, mydst=3D'192.168.105.10', sa_src=3D'172.16= .1.5', > sa_dst=3D'172.16.2.5'): > + """ > + verify Ipsec receive package > + """ > + cmd =3D self.path + " -l 20,21 -w %s -w %s --vdev 'crypto_null' = -- > log-level 8 --socket-mem 1024,1 -- -p 0xf -P -u 0x2 -j %s --config=3D'%s'= - > f %s" % ( > + self.portpci_0, self.portpci_1, jumboframe, config, file_nam= e) > + self.dut.send_expect(cmd, "IPSEC", 60) > + > + session_receive =3D self.tester.create_session( > + name=3D'receive_encryption_package') > + sa_gcm =3D r"sa_gcm=3DSecurityAssociation(ESP,spi=3D%s,crypt_alg= o=3D'AES- > GCM',crypt_key=3D'\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xc= f\x > 4f\x3d\xde\xad\xbe\xef',auth_algo=3D'NULL',auth_key=3DNone,tunnel_header= =3DIP(sr > c=3D'172.16.1.5',dst=3D'172.16.2.5'))" % receive_spi > + > + session_receive.send_expect("scapy", "Welcome to Scapy", 10) Should wait for ">>>" which is commonly used in scapy related command. > + session_receive.send_expect( > + "pkts=3Dsniff(iface=3D'%s',count=3D1,timeout=3D10)" % rxItf,= "", 30) > + send_package =3D self.send_encryption_package( > + txItf, paysize, do_encrypt, send_spi, count, mydst, sa_src, > sa_dst) > + > + time.sleep(10) > + out =3D session_receive.send_expect("pkts", "", 30) > + if do_encrypt: > + out =3D session_receive.send_expect("pkts[0]['IP'] ", ">>>",= 10) > + else: > + session_receive.send_expect(sa_gcm, ">>>", 10) > + session_receive.send_expect( > + "results=3Dsa_gcm.decrypt(pkts[0]['IP'])", ">>>", 10) > + out =3D session_receive.send_expect("results", ">>>", 10) > + > + if verify: > + self.verify(send_package in out, > + "Unreceived package or get other package") > + else: > + self.verify(send_package not in out, > + "The function is not in effect") > + session_receive.send_expect("quit()", "#", 10) > + self.tester.destroy_session(session_receive) > + > + def test_Ipsec_Encryption(self): > + """ > + test Ipsec Encryption > + """ > + config =3D '(0,0,21),(1,0,21)' > + paysize =3D random.randint(1, ETHER_STANDARD_MTU) > + self.Ipsec_Encryption(config, '/root/dpdk/enc.cfg', > + self.txItf, self.rxItf, paysize) > + > + def test_Ipsec_Encryption_Jumboframe(self): > + """ > + test Ipsec Encryption Jumboframe > + """ > + config =3D '(0,0,21),(1,0,21)' > + paysize =3D random.randint(ETHER_STANDARD_MTU, > ETHER_JUMBO_FRAME_MTU) > + self.Ipsec_Encryption(config, '/root/dpdk/enc.cfg', > + self.txItf, self.rxItf, paysize, > ETHER_JUMBO_FRAME_MTU) > + > + def test_Ipsec_Encryption_Rss(self): > + """ > + test Ipsec Encryption Rss > + """ > + config =3D '(0,0,20),(0,1,20),(1,0,21),(1,1,21)' > + self.Ipsec_Encryption(config, '/root/dpdk/enc_rss.cfg', > self.txItf, > + self.rxItf, send_spi=3D2, receive_spi=3D10= 02, > mydst=3D'192.168.102.10') > + out =3D self.dut.get_session_output() > + verifycode =3D "receive 1 packet in rxqueueid=3D1" > + self.verify(verifycode in out, "rxqueueid error") > + > + def test_IPSec_Decryption(self): > + """ > + test IPSec Decryption > + """ > + config =3D '(0,0,21),(1,0,21)' > + paysize =3D random.randint(1, ETHER_STANDARD_MTU) > + self.Ipsec_Encryption(config, '/root/dpdk/dec.cfg', self.rxItf, > + self.txItf, paysize, do_encrypt=3DTrue, > count=3D2) > + > + def test_IPSec_Decryption_Jumboframe(self): > + """ > + test IPSec Decryption Jumboframe > + """ > + config =3D '(0,0,21),(1,0,21)' > + paysize =3D random.randint(ETHER_STANDARD_MTU, > ETHER_JUMBO_FRAME_MTU) > + self.Ipsec_Encryption(config, '/root/dpdk/dec.cfg', self.rxItf, > + self.txItf, paysize, ETHER_JUMBO_FRAME_MTU= , > do_encrypt=3DTrue, count=3D2) > + > + def test_Ipsec_Decryption_Rss(self): > + """ > + test Ipsec Decryption Rss > + """ > + config =3D '(0,0,20),(0,1,20),(1,0,21),(1,1,21)' > + self.Ipsec_Encryption(config, '/root/dpdk/dec_rss.cfg', > self.rxItf, self.txItf, do_encrypt=3DTrue, > + send_spi=3D3, receive_spi=3D1003, count=3D= 2, > sa_src=3D'172.16.21.25', sa_dst=3D'172.16.22.25') > + out =3D self.dut.get_session_output() > + verifycode =3D "receive 1 packet in rxqueueid=3D1" > + self.verify(verifycode in out, "rxqueueid error") > + > + def test_Ipsec_Decryption_wrongkey(self): > + """ > + test Ipsec Decryption wrongkey > + """ > + config =3D '(0,0,21),(1,0,21)' > + paysize =3D random.randint(1, ETHER_STANDARD_MTU) > + self.Ipsec_Encryption(config, '/root/dpdk/dec_wrong_key.cfg', > self.rxItf, > + self.txItf, paysize, do_encrypt=3DTrue, > verify=3DFalse, count=3D2) > + out =3D self.dut.get_session_output() > + verifycode =3D "IPSEC_ESP: failed crypto op" > + self.verify(verifycode in out, "Ipsec Decryption wrongkey failed= ") > + > + def test_Ipsec_Encryption_Decryption(self): > + """ > + test Ipsec Encryption Decryption > + """ > + cmd =3D self.path + " -l 20,21 -w %s -w %s --vdev 'crypto_null' = -- > log-level 8 --socket-mem 1024,1 -- -p 0xf -P -u 0x2 -j %s --config=3D'%s'= - > f %s" % ( > + self.portpci_0, self.portpci_1, '1518', '(0,0,21),(1,0,21)', > '/root/dpdk/enc_dec.cfg') > + self.dut.send_expect(cmd, "IPSEC", 60) > + session_receive =3D self.tester.create_session( > + name=3D'receive_encryption_package') > + sa_gcm =3D r"sa_gcm=3DSecurityAssociation(ESP, > spi=3D1005,crypt_algo=3D'AES- > GCM',crypt_key=3D'\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xc= f\x > 4f\x3d\xde\xad\xbe\xef',auth_algo=3D'NULL', > auth_key=3DNone,tunnel_header=3DIP(src=3D'172.16.1.5', dst=3D'172.16.2.5'= ))" > + > + session_receive.send_expect("scapy", "Welcome to Scapy", 60) > + session_receive.send_expect(sa_gcm, ">>>", 60) > + session_receive.send_expect( > + "pkts=3Dsniff(iface=3D'%s',count=3D3)" % self.rxItf, "", 60) > + session_receive2 =3D self.tester.create_session( > + name=3D'receive_encryption_package2') > + > + session_receive2.send_expect("scapy", "Welcome to Scapy", 60) > + session_receive2.send_expect(sa_gcm, ">>>", 60) > + session_receive2.send_expect( > + "pkts=3Dsniff(iface=3D'%s',count=3D2)" % self.txItf, "", 60) > + > + payload =3D "test for Ipsec Encryption Decryption simultaneously= " > + sa_gcm =3D SecurityAssociation(ESP, spi=3D5, > + crypt_algo=3D'AES-GCM', > + > crypt_key=3D'\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f= \x3 > d\xde\xad\xbe\xef', > + auth_algo=3D'NULL', auth_key=3DNone= , > + tunnel_header=3DIP(src=3D'172.16.1.= 5', > dst=3D'172.16.2.5')) > + sa_gcm.crypt_algo.icv_size =3D 16 > + > + p =3D IP(src=3D'192.168.105.10', dst=3D'192.168.105.10') > + p /=3D "|->" > + p /=3D payload > + p /=3D "<-|" > + p =3D IP(str(p)) > + > + e1 =3D sa_gcm.encrypt(p) > + e2 =3D p > + > + eth_e1 =3D Ether() / e1 > + eth_e1.src =3D "52:54:00:21:68:1c" > + eth_e1.dst =3D "52:54:00:16:f6:b0" > + eth_e2 =3D Ether() / e2 > + eth_e2.src =3D "52:54:00:21:68:1c" > + eth_e2.dst =3D "52:54:00:16:f6:b0" > + > + t1 =3D threading.Thread(target=3Dsendp(eth_e1, iface=3Dself.rxIt= f, > count=3D2)) > + t1.start() > + t2 =3D threading.Thread(target=3Dsendp(eth_e2, iface=3Dself.txIt= f, > count=3D1)) > + t2.start() We'd like to enable threading support in the framework rather than the suit= e. If there is no special need for threading module, please remove it. > + session_receive.send_expect("^C", ">>>", 60) > + session_receive2.send_expect("^C", ">>>", 60) > + session_receive.send_expect( > + "results=3Dsa_gcm.decrypt(pkts[2]['IP'])", ">>>", 60) > + out =3D session_receive.send_expect("results", ">>>", 60) > + self.verify(payload in out, "Get a error package") Please clear the error reason, not just an announcement.=20 > + out =3D session_receive2.send_expect("pkts[1]", ">>>", 60) > + self.verify(payload in out, "Get a error package") > + > + def tear_down(self): > + """ > + Run after each test case. > + """ > + self.tester.send_expect("^C", "#", 5) > + self.dut.kill_all() > + time.sleep(2) > + > + def tear_down_all(self): > + """ > + Run after each test suite. > + """ > + self.rxnetobj.enable_jumbo(framesize=3DETHER_STANDARD_MTU) > + self.txnetobj.enable_jumbo(framesize=3DETHER_STANDARD_MTU) > -- > 1.9.3