ndt-dev - [ndt-dev] [ndt] r432 committed - Added Simple firewall test description.
Subject: NDT-DEV email list created
List archive
- From:
- To:
- Subject: [ndt-dev] [ndt] r432 committed - Added Simple firewall test description.
- Date: Mon, 01 Aug 2011 13:38:40 +0000
Revision: 432
Author:
Date: Mon Aug 1 06:38:17 2011
Log: Added Simple firewall test description.
http://code.google.com/p/ndt/source/detail?r=432
Modified:
/wiki/NDTProtocol.wiki
=======================================
--- /wiki/NDTProtocol.wiki Mon Aug 1 05:12:48 2011
+++ /wiki/NDTProtocol.wiki Mon Aug 1 06:38:17 2011
@@ -234,6 +234,50 @@
=== Middlebox test ===
=== Simple firewall test ===
+
+Simple firewall test tries to find out any firewalls between Client and Server that will prevent connections to ephemeral port numbers. Test is performed in both directions (i.e. Client is trying to connect to Server (c2s) and Server is trying to connect to Client (s2c)).
+
+==== Possible test results ====
+
+Simple firewall test defines the following result codes for both c2s and s2c tests:
+
+|| *C constant name* || *Integer value* || *Description* ||
+|| SFW_NOTTESTED || 0 || Test was not started ||
+|| SFW_NOFIREWALL || 1 || Test was successful (i.e. connection to ephemeral port was possible) ||
+|| SFW_UNKNOWN || 2 || There was a connection to ephemeral port, but it was not recognized properly ||
+|| SFW_POSSIBLE || 3 || There was no connection to ephemeral port within the specified time ||
+
+==== SFW protocol ====
+
+As a first step Server MUST bind ephemeral port and send TEST_PREPARE message containing this port number and test time (in seconds) to Client. Port number and test time MUST be encoded as strings and separated by a single space, for example:
+{{{
+50123 3
+}}}
+
+Next, Client MUST bind ephemeral port and send TEST_MSG message containing only this port number to Server. Port number MUST be encoded as string.
+
+Server SHOULD start test by sending empty TEST_START message immediately after it receives Client's ephemeral port number.
+
+Test SHOULD be performed in both direction in parallel. Client SHOULD try to connect to Server's ephemeral port and MUST send TEST_MSG message containing a pre-defined string "Simple firewall test" of length 20. The whole message looks as following:
+
+{{{
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | 5 | 20 | 'S' |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
+ | 'i' | 'm' | 'p' | 'l' |
+ | 'e' | ' ' | 'f' | 'i' |
+ | 'r' | 'e' | 'w' | 'a' |
+ | 'l' | 'l' | ' ' | 't' |
+ | 'e' | 's' | 't' +-+-+-+-+-+-+-+-+
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+}}}
+
+After performing Simple firewall test in both directions, Server MUST send to Client its c2s results encoded as string in the TEST_MSG message.
+
+At the end Server MUST close SFW test session by sending an empty TEST_FINALIZE message.
+
=== C2S throughput test ===
=== S2C throughput test ===
=== META test ===
- [ndt-dev] [ndt] r432 committed - Added Simple firewall test description., ndt, 08/01/2011
Archive powered by MHonArc 2.6.16.