| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
We are not interested in sysctl echoing the value it just set.
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
| |
This test case covers missing hashtable buckets and max entries configuration options. There should
be a value for them, otherwise the daemon segfaults.
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
|
| |
This allows for running the script away from the test infrastructure,
which is convenient when developing new tests. This also allows for
reusing the same netns setup from new tests.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch introduces a new scenario with a virtual network layout that was previously designed by
Pablo (see commit 7f1fb5dad90f04caa94f4fcefd1340aeb2c2f0e3).
The scenario is called 'basic_2_peer_network_tcp_notrack' and can be used to test conntrack entry
replication in TCP/NOTRACK mode with both caches disables. In this mode entry syncronization should
happen basically in the same instant the event is produced.
The testcase is very simple, but works really well:
* send 1 ping to a network peer across the router
* verify the conntrack entry has been replicated to the stand-by router
=== 8< ===
$ cd tests ; sudo ./conntrackd-tests.py --single tcp_notrack_replicate_icmp
[conntrackd-tests.py] INFO: --- running test: tcp_notrack_replicate_icmp
[conntrackd-tests.py] INFO: --- passed test: tcp_notrack_replicate_icmp
[conntrackd-tests.py] INFO: ---
[conntrackd-tests.py] INFO: --- finished
[conntrackd-tests.py] INFO: --- passed tests: 1
[conntrackd-tests.py] INFO: --- failed tests: 0
[conntrackd-tests.py] INFO: --- scenario failure: 0
[conntrackd-tests.py] INFO: --- total tests: 1
=== 8< ===
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
framework
Introduce some initial basic testcases for configuration parsing and standard daemon startup and
shutdown routines.
This should give an example of how the framework works.
Here is an example of running this:
=== 8< ===
$ cd tests/conntrackd ; sudo ./conntrackd-tests.py
[conntrackd-tests.py] INFO: --- running test: stats_general
[conntrackd-tests.py] INFO: --- passed test: stats_general
[conntrackd-tests.py] INFO: --- running test: stats_network
[conntrackd-tests.py] INFO: --- passed test: stats_network
[conntrackd-tests.py] INFO: --- running test: stats_runtime
[conntrackd-tests.py] INFO: --- passed test: stats_runtime
[conntrackd-tests.py] INFO: --- running test: stats_process
[conntrackd-tests.py] INFO: --- passed test: stats_process
[conntrackd-tests.py] INFO: --- running test: stats_queue
[conntrackd-tests.py] INFO: --- passed test: stats_queue
[conntrackd-tests.py] INFO: --- running test: stats_ct
[conntrackd-tests.py] INFO: --- passed test: stats_ct
[conntrackd-tests.py] INFO: --- running test: stats_expect
[conntrackd-tests.py] INFO: --- passed test: stats_expect
[conntrackd-tests.py] INFO: ---
[conntrackd-tests.py] INFO: --- finished
[conntrackd-tests.py] INFO: --- passed tests: 7
[conntrackd-tests.py] INFO: --- failed tests: 0
[conntrackd-tests.py] INFO: --- scenario failure: 0
[conntrackd-tests.py] INFO: --- total tests: 7
=== 8< ===
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This test suite should help us develop better tests for conntrack-tools in general and conntrackd
in particular.
The framework is composed of a runner script, written in python3, and 3 yaml files for
configuration and testcase definition:
- scenarios.yaml: contains information on network scenarios for tests to use
- tests.yaml: contains testcase definition
- env.yaml: contains default values for environment variables
The test cases can be anything, from a simple command to an external script call to perform more
complex operations. See follow-up patches to know more on how this works.
The plan is to replace or call from this framework the other testsuites in this tree.
The runner script is rather simple, and it should be more or less straight forward to use it.
On Debian machines, it requires the *python3-yaml* package to be installed as a dependency.
For reference, here are the script options:
=== 8< ===
$ tests/conntrackd/conntrackd-tests.py --help
usage: conntrackd-tests.py [-h] [--tests-file TESTS_FILE]
[--scenarios-file SCENARIOS_FILE]
[--env-file ENV_FILE]
[--single SINGLE]
[--start-scenario START_SCENARIO]
[--stop-scenario STOP_SCENARIO]
[--debug]
Utility to run tests for conntrack-tools
optional arguments:
-h, --help show this help message and exit
--tests-file TESTS_FILE
File with testcase definitions. Defaults to 'tests.yaml'
--scenarios-file SCENARIOS_FILE
File with configuration scenarios for tests. Defaults to 'scenarios.yaml'
--env-file ENV_FILE File with environment variables for scenarios/tests. Defaults to 'env.yaml'
--single SINGLE Execute a single testcase and exit. Use this for developing testcases
--start-scenario START_SCENARIO
Execute scenario start commands and exit. Use this for developing testcases
--stop-scenario STOP_SCENARIO
Execute scenario stop commands and exit. Use this for cleanup
--debug debug mode
=== 8< ===
To run it, simply use:
=== 8< ===
$ cd tests/conntrackd/ ; sudo ./conntrackd-tests.py
[..]
=== 8< ===
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a script that creates a ip netns testbed. The network
topology looks like this:
veth0---veth0
host nsr1 ns2
veth0----veth0
ns1 veth2
|
veth0
nsr2
* ns1 and ns2 are clients to generate traffic
* nsr1 and nsr2 run conntrackd to synchronize states
* nsr1 is the primary gateway
- veth2 is used to synchronize states
* nsr2 is the backup gateway
- veth0 is used to synchronize states
To set up the testbed:
% sudo ./conntrackd-netns-test.sh start
To test your testbed works, from ns2:
% sudo ip netns exec ns2 nc -l -p 8080
From ns1:
% sudo ip netns exec ns1 nc -vvv 10.0.1.2 8080
From nsr1:
% sudo ip netns exec nsr1 conntrackd -s -C conntrackd-nsr1.conf
cache internal:
current active connections: 1
[...]
cache external:
current active connections: 0
From nsr2:
% sudo ip netns exec nsr1 conntrackd -s -C conntrackd-nsr2.conf
cache internal:
current active connections: 0
[...]
cache external:
current active connections: 1
To stop it:
% sudo ./conntrackd-netns-test.sh stop
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
I decided to move it to:
http://git.netfilter.org/conntrackd-helper-tests
to reduce the bloat of this tree, most people are not interested
in this stuff when they grab it via git clone.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
| |
|
|
|
|
|
| |
This patch fixes few compile warnings and errors.
Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
This patch adds the automated testing infrastructure the user-space
helpers. Basically, this adds the `cthelper-test' program that can
be invoked from the command line:
./cthelper-test pcaps/oracle-tns-redirect.pcap tns tcp 1521
To test the helper with one PCAP file that contains traces of Oracle TNS
traffic. It also provides tweaks to test the DNAT content mangling code:
./cthelper-test pcaps/oracle-tns-redirect.pcap tns tcp 1521 dnat
This will also allow fuzzy testing of user-space helper, for further
validation, not yet implemented.
To compile this tool, you have to run:
./configure
make check
under the qa/cthelper-test/ directory. I'm doing like this because
this directory is not included in the standalone tarball that
make distcheck generates (I don't want to bloat it with development
tools that can be retrieved from the git repository).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
