From 2e4b2a9d50e2f823e99aa9b03b1c5a4f3ecbf8dc Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 26 May 2020 15:03:18 +0200 Subject: conntrack: add a few more tests Extend testsuite with a few more tests. Signed-off-by: Pablo Neira Ayuso
---
 tests/conntrack/testsuite/00create | 6 ++++++ tests/conntrack/testsuite/01delete | 16 ++++++++++++++++ 2 files changed, 22 insertions(+) (limited to 'tests')
diff --git a/tests/conntrack/testsuite/00create b/tests/conntrack/testsuite/00create
index afe4342..4e55a7b 100644
--- a/tests/conntrack/testsuite/00create
+++ b/tests/conntrack/testsuite/00create
@@ -6,6 +6,8 @@
 -I -s 1.1.1.1 -d 2.2.2.2 --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
 #missing source port
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
+#missing destination port
+-I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
 #missing timeout
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY ; BAD
 # create a conntrack
@@ -14,10 +16,14 @@
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
 # delete
 -D -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 ; OK
+# delete again
+-D -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 ; BAD
 # create from reply
 -I -r 2.2.2.2 -q 1.1.1.1 -p tcp --reply-port-src 11 --reply-port-dst 21 --state LISTEN -u SEEN_REPLY -t 50 ; OK
 # delete reverse
 -D -r 2.2.2.2 -q 1.1.1.1 -p tcp --reply-port-src 11 --reply-port-dst 21 ; OK
+# delete reverse again
+-D -r 2.2.2.2 -q 1.1.1.1 -p tcp --reply-port-src 11 --reply-port-dst 21 ; BAD
 # create a v6 conntrack
 -I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
 # delete v6 conntrack
diff --git a/tests/conntrack/testsuite/01delete b/tests/conntrack/testsuite/01delete
index 194d999..2755491 100644
--- a/tests/conntrack/testsuite/01delete
+++ b/tests/conntrack/testsuite/01delete
@@ -2,8 +2,22 @@
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
 # delete bad source
 -D -s 2.2.2.2 -p tcp --sport 10 --dport 20 ; BAD
+# delete bad destination
+-D -d 1.1.1.1 -p tcp --sport 10 --dport 20 ; BAD
+# delete bad source port
+-I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 20 --dport 20 ; BAD
+# delete bad destination port
+-I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 10 ; BAD
 # delete by source
 -D -s 1.1.1.1 ; OK
+# re-create dummy with mark
+-I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 -m 20 ; OK
+# delete bad mark
+-D -m 10 ; BAD
+# delete by mark
+-D -m 20 ; OK
+# delete by mark (does not exist anymore)
+-D -m 20 ; BAD
 # re-create dummy
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
 # delete by netmask
@@ -14,3 +28,5 @@
 -I -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
 # try same command again but with CIDR
 -D -s 1.1.1.0/24 -d 2.2.2.0/24 ; OK
+# try same command again but with CIDR (no matching found)
+-D -s 1.1.1.0/24 -d 2.2.2.0/24 ; BAD
-- cgit v1.2.3
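Review bot: In the first 01delete hunk, the two cases commented `# delete bad source port` and `# delete bad destination port` invoke `-I`, not `-D`, so they never exercise delete matching on ports. They most likely report BAD for an unrelated reason: neither line carries `--state` or `-t`, and the "missing timeout" case in 00create shows that an insert without a timeout is already expected to fail. As written, a regression in which `-D` ignores a mismatched port would not be caught by these lines. The cases should read `-D -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 20 --dport 20 ; BAD` and `-D -s 1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 10 ; BAD`, leaving the following `-D -s 1.1.1.1 ; OK` to confirm the entry survived both attempts.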