From ba3f160318b392f40133cb4d320bd742ddc11f69 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev@intel.com>
Date: Wed, 26 Jun 2019 00:16:49 +0100
Subject: [PATCH] examples/ipsec-secgw: add bypass test case

Add simple test-case with all traffic in BYPASS mode.
Useful for some basic test of your network environment.

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
---
 examples/ipsec-secgw/test/bypass_defs.sh | 45 ++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 examples/ipsec-secgw/test/bypass_defs.sh

diff --git a/examples/ipsec-secgw/test/bypass_defs.sh b/examples/ipsec-secgw/test/bypass_defs.sh
new file mode 100644
index 0000000000..12a8a5aff7
--- /dev/null
+++ b/examples/ipsec-secgw/test/bypass_defs.sh
@@ -0,0 +1,45 @@
+#! /bin/bash
+
+CRYPTO_DEV=${CRYPTO_DEV:-'--vdev="crypto_null0"'}
+
+#generate cfg file for ipsec-secgw
+config_secgw()
+{
+	cat <<EOF > ${SGW_CFG_FILE}
+
+sp ipv4 in esp bypass pri 1 sport 0:65535 dport 0:65535
+sp ipv6 in esp bypass pri 1 sport 0:65535 dport 0:65535
+
+sp ipv4 out esp bypass pri 1 sport 0:65535 dport 0:65535
+sp ipv6 out esp bypass pri 1 sport 0:65535 dport 0:65535
+
+#Routing rules
+rt ipv4 dst ${REMOTE_IPV4}/32 port 0
+rt ipv4 dst ${LOCAL_IPV4}/32 port 1
+
+rt ipv6 dst ${REMOTE_IPV6}/128 port 0
+rt ipv6 dst ${LOCAL_IPV6}/128 port 1
+
+#neighbours
+neigh port 0 ${REMOTE_MAC}
+neigh port 1 ${LOCAL_MAC}
+EOF
+
+	cat ${SGW_CFG_FILE}
+}
+
+SGW_CMD_XPRM='-w 300'
+
+config_remote_xfrm()
+{
+	ssh ${REMOTE_HOST} ip xfrm policy flush
+	ssh ${REMOTE_HOST} ip xfrm state flush
+
+	ssh ${REMOTE_HOST} ip xfrm policy list
+	ssh ${REMOTE_HOST} ip xfrm state list
+}
+
+config6_remote_xfrm()
+{
+	config_remote_xfrm
+}
-- 
2.20.1