From c9b81d7160651322ed81520e851152e9e9fb2644 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Sun, 24 Nov 2019 00:59:39 +0000
Subject: [PATCH] stest: Check that received packet is as expected

It turns out that if secnet decides the link to the peer is too
broken, it loops outbound packets back to its host.  Normally this is
not obvious, because the host naturally drops such packets.

But in stest we weren't actually looking at the incoming packets at
all, so we would treat this as success!

So, instead, match the start of the packet, including the source and
destination addresses and the icmp type.  (This crude match will fail
if the reply contains any IP options, but the ping comes from the peer
secnet so it won't have.)

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 stest/common.tcl | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/stest/common.tcl b/stest/common.tcl
index 566757c..7891e1d 100644
--- a/stest/common.tcl
+++ b/stest/common.tcl
@@ -180,8 +180,15 @@ proc netlink-got-packet {location site data} {
     if {![hbytes length $data]} return 
     switch -exact $site {
 	inside {
-	    puts OK
-	    finish 0
+	    switch -glob $data {
+		45000054ed9d4000fe0166d9ac12e802ac12e80900* {
+		    puts "OK $data"
+		    finish 0
+		}
+		* {
+		    error "unexpected $site $data"
+		}
+	    }
 	}
 	outside {
 	    error "inside rx'd!"
-- 
2.30.2