diff options
Diffstat (limited to 'iptables-test.py')
-rwxr-xr-x | iptables-test.py | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/iptables-test.py b/iptables-test.py index 6f63cdbe..22b445df 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -28,6 +28,8 @@ EBTABLES_SAVE = "ebtables-save" #IPTABLES_SAVE = ['xtables-save','-4'] #IP6TABLES_SAVE = ['xtables-save','-6'] +COMPAT_ARG = "" + EXTENSIONS_PATH = "extensions" LOGFILE="/tmp/iptables-test.log" log_file = None @@ -83,7 +85,7 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): ''' ret = 0 - cmd = iptables + " -A " + rule + cmd = iptables + COMPAT_ARG + " -A " + rule ret = execute_cmd(cmd, filename, lineno, netns) # @@ -318,7 +320,7 @@ def run_test_file_fast(iptables, filename, netns): # load all rules via iptables_restore - command = EXECUTABLE + " " + iptables + "-restore" + command = EXECUTABLE + " " + iptables + "-restore" + COMPAT_ARG if netns: command = "ip netns exec " + netns + " " + command @@ -558,6 +560,8 @@ def main(): help='Check for missing tests') parser.add_argument('-n', '--nftables', action='store_true', help='Test iptables-over-nftables') + parser.add_argument('-c', '--nft-compat', action='store_true', + help='Test iptables-over-nftables in compat mode') parser.add_argument('-N', '--netns', action='store_const', const='____iptables-container-test', help='Test netnamespace path') @@ -577,8 +581,10 @@ def main(): variants.append("legacy") if args.nftables: variants.append("nft") + if args.nft_compat: + variants.append("nft_compat") if len(variants) == 0: - variants = [ "legacy", "nft" ] + variants = [ "legacy", "nft", "nft_compat" ] if os.getuid() != 0: print("You need to be root to run this, sorry", file=sys.stderr) @@ -598,7 +604,12 @@ def main(): total_tests = 0 for variant in variants: global EXECUTABLE - EXECUTABLE = "xtables-" + variant + "-multi" + global COMPAT_ARG + if variant == "nft_compat": + EXECUTABLE = "xtables-nft-multi" + COMPAT_ARG = " --compat" + else: + EXECUTABLE = "xtables-" + variant + "-multi" test_files = 0 tests = 0 |