diff options
Diffstat (limited to 'iptables/tests/shell/testcases')
3 files changed, 101 insertions, 0 deletions
diff --git a/iptables/tests/shell/testcases/ipt-restore/0001load-specific-table_0 b/iptables/tests/shell/testcases/ipt-restore/0001load-specific-table_0 new file mode 100755 index 00000000..ce3bef3a --- /dev/null +++ b/iptables/tests/shell/testcases/ipt-restore/0001load-specific-table_0 @@ -0,0 +1,41 @@ +#!/bin/bash + +RET=0 +tmpfile="" + +set -x + +clean_tempfile() +{ + if [ -n "${tmpfile}" ]; then + rm -f "${tmpfile}" + fi +} + +trap clean_tempfile EXIT + +tmpfile=$(mktemp) || exit 1 + +do_simple() +{ + iptables="${1}" + table="${2}" + dumpfile="$(dirname "${0}")/dumps/${iptables}.dump" + + "$XT_MULTI" "${iptables}-restore" --table="${table}" <"${dumpfile}"; rv=$? + + if [ "${rv}" -ne 0 ]; then + RET=1 + fi +} + +do_simple "iptables" "filter" +do_simple "iptables" "mangle" +do_simple "iptables" "raw" +do_simple "iptables" "nat" +do_simple "ip6tables" "filter" +do_simple "ip6tables" "mangle" +do_simple "ip6tables" "raw" +do_simple "ip6tables" "nat" + +exit "${RET}" diff --git a/iptables/tests/shell/testcases/ipt-restore/dumps/ip6tables.dump b/iptables/tests/shell/testcases/ipt-restore/dumps/ip6tables.dump new file mode 100644 index 00000000..4ac4f882 --- /dev/null +++ b/iptables/tests/shell/testcases/ipt-restore/dumps/ip6tables.dump @@ -0,0 +1,30 @@ +*nat +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:OUTPUT ACCEPT [8:656] +:POSTROUTING ACCEPT [8:656] +COMMIT + +*mangle +:PREROUTING ACCEPT [794:190738] +:INPUT ACCEPT [794:190738] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [991:170303] +:POSTROUTING ACCEPT [991:170303] +COMMIT + +*raw +:PREROUTING ACCEPT [794:190738] +:OUTPUT ACCEPT [991:170303] +COMMIT + +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [991:170303] +-A INPUT -i lo -j ACCEPT +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -p ipv6-icmp -j ACCEPT +-A OUTPUT -p tcp -m tcp --dport 137 -j REJECT --reject-with icmp6-port-unreachable +-A OUTPUT -p udp -m udp --dport 137 -j REJECT --reject-with icmp6-port-unreachable +COMMIT diff --git a/iptables/tests/shell/testcases/ipt-restore/dumps/iptables.dump b/iptables/tests/shell/testcases/ipt-restore/dumps/iptables.dump new file mode 100644 index 00000000..6e4e42d3 --- /dev/null +++ b/iptables/tests/shell/testcases/ipt-restore/dumps/iptables.dump @@ -0,0 +1,30 @@ +*nat +:PREROUTING ACCEPT [1:89] +:INPUT ACCEPT [0:0] +:OUTPUT ACCEPT [351:24945] +:POSTROUTING ACCEPT [351:24945] +COMMIT + +*mangle +:PREROUTING ACCEPT [3270:1513114] +:INPUT ACCEPT [3270:1513114] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [3528:1087907] +:POSTROUTING ACCEPT [3546:1090751] +COMMIT + +*raw +:PREROUTING ACCEPT [3270:1513114] +:OUTPUT ACCEPT [3528:1087907] +COMMIT + +*filter +:INPUT DROP [37:4057] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [3528:1087907] +-A INPUT -i lo -j ACCEPT +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A OUTPUT -p tcp -m tcp --dport 137 -j REJECT --reject-with icmp-port-unreachable +-A OUTPUT -p udp -m udp --dport 137 -j REJECT --reject-with icmp-port-unreachable +COMMIT |