tstest/natlab/vnet: add easyAF

Endpoint-indepedent Mapping with only Address (but not port) dependent filtering. Updates #13038 Change-Id: I1ec88301acafcb79bf878f9600a7286e8af0f173 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-12-04 20:09:03 +00:00 · 2024-08-08 20:58:24 -07:00
parent d4cc074187
commit 44d634395b
3 changed files with 119 additions and 4 deletions
--- a/tstest/integration/nat/nat_test.go
+++ b/tstest/integration/nat/nat_test.go
@@ -102,6 +102,13 @@ func easy(c *vnet.Config) *vnet.Node {
 		fmt.Sprintf("192.168.%d.1/24", n), vnet.EasyNAT))
 }

+func easyAF(c *vnet.Config) *vnet.Node {
+	n := c.NumNodes() + 1
+	return c.AddNode(c.AddNetwork(
+		fmt.Sprintf("2.%d.%d.%d", n, n, n), // public IP
+		fmt.Sprintf("192.168.%d.1/24", n), vnet.EasyAFNAT))
+}
+
 func sameLAN(c *vnet.Config) *vnet.Node {
 	nw := c.FirstNetwork()
 	if nw == nil {
@@ -391,6 +398,11 @@ func TestEasyHard(t *testing.T) {
 	nt.runTest(easy, hard)
 }

+func TestEasyAFHard(t *testing.T) {
+	nt := newNatTest(t)
+	nt.runTest(easyAF, hard)
+}
+
 func TestEasyHardPMP(t *testing.T) {
 	nt := newNatTest(t)
 	nt.runTest(easy, hardPMP)
@@ -430,6 +442,7 @@ func TestGrid(t *testing.T) {
 	}
 	types := []nodeType{
 		{"easy", easy},
+		{"easyAF", easyAF},
 		{"hard", hard},
 		{"easyPMP", easyPMP},
 		{"hardPMP", hardPMP},
@@ -483,10 +496,13 @@ func TestGrid(t *testing.T) {
 		pf := func(format string, args ...any) {
 			fmt.Fprintf(&hb, format, args...)
 		}
+		rewrite := func(s string) string {
+			return strings.ReplaceAll(s, "PMP", "+pm")
+		}
 		pf("<html><table border=1 cellpadding=5>")
 		pf("<tr><td></td>")
 		for _, a := range types {
-			pf("<td><b>%s</b></td>", a.name)
+			pf("<td><b>%s</b></td>", rewrite(a.name))
 		}
 		pf("</tr>\n")

@@ -494,7 +510,7 @@ func TestGrid(t *testing.T) {
 			if a.name == "sameLAN" {
 				continue
 			}
-			pf("<tr><td><b>%s</b></td>", a.name)
+			pf("<tr><td><b>%s</b></td>", rewrite(a.name))
 			for _, b := range types {
 				key := a.name + "-" + b.name
 				key2 := b.name + "-" + a.name
@@ -509,7 +525,14 @@ func TestGrid(t *testing.T) {
 			}
 			pf("</tr>\n")
 		}
-		pf("</table></html>")
+		pf("</table>")
+		pf("<b>easy</b>: Endpoint-Independent Mapping, Address and Port-Dependent Filtering (e.g. Linux, Google Wifi, Unifi, eero)<br>")
+		pf("<b>easyAF</b>: Endpoint-Independent Mapping, Address-Dependent Filtering (James says telephony things or Zyxel type things)<br>")
+		pf("<b>hard</b>: Address and Port-Dependent Mapping, Address and Port-Dependent Filtering (FreeBSD, OPNSense, pfSense)<br>")
+		pf("<b>one2one</b>: One-to-One NAT (e.g. an EC2 instance with a public IPv4)<br>")
+		pf("<b>x+pm</b>: x, with port mapping (NAT-PMP, PCP, UPnP, etc)<br>")
+		pf("<b>sameLAN</b>: a second node in the same LAN as the first<br>")
+		pf("</html>")

 		if err := os.WriteFile("grid.html", hb.Bytes(), 0666); err != nil {
 			t.Fatalf("writeFile: %v", err)