| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As per the manual[1]:
"When no test protocol is in use, an exit status of 0 from a test script
will denote a success, an exit status of 77 a skipped test, an exit
status of 99 a hard error, and any other exit status will denote a
failure."
[1] https://www.gnu.org/software/automake/manual/html_node/Scripts_002dbased-Testsuites.html
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
| |
|
|
|
|
|
| |
Valgrind is run as user nobody, let everyone write into the temporary
directory.
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
| |
|
|
|
|
| |
If any test fails, return a non-zero exit code.
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
| |
|
|
|
|
|
| |
The script has quite a few options nowadays, so add a bit of help text
also.
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wrap every call to $XT_MULTI with valgrind, or actually a wrapper script
which does the valgrind wrap and stores the log if it contains something
relevant.
Carefully name the wrapper script(s) so that test cases' checks on
$XT_MULTI name stay intact.
This mode slows down testsuite execution horribly. Luckily, it's not
meant for constant use, though.
For now, ignore commands with non-zero exit status - error paths
typically hit direct exit() calls and therefore leave reachable memory
in place.
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
| |
|
|
|
|
|
|
|
| |
After some changes, one might want to test a single variant only. Allow
this by supporting -n/--nft and -l/--legacy parameters, each disabling
the other variant.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Florian Westphal <fw@strlen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add -H/--host parameter to run the testsuite against host system's
binaries.
While being at it, rewrite parameter parsing:
* Parse all parameters in a loop, this frees any ordering constraints.
* Set extglob option so strict pattern matching for single testcase mode
can be done via bash globbing.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
| |
|
|
|
|
|
|
|
| |
Pablo reports that tests that should return nozero now fail.
Reason is that $? is checking return value of "echo" and not the script.
Fixes: 17c66a50608 ("iptables: tests: shell: Add README")
Reported-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
1) README is added to run test suite.
2) Rename two test-case scripts to follow proper numerical order.
3) "echo -en "\033[1A\033[K" # clean the [EXECUTING] foobar line" command
should only used when verbose("-v") option is not there else instead of
clearing "[EXECUTING]" prompt it is clearing last prompt of the test file.
Signed-off-by: Arushi Singhal <arushisinghal19971997@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add script to restore ipt-save files and compare it with save output.
This should be extended to cover as many rulesets as possible, so this
is only a start.
The test script is changed to pass XT_MULTI instead of
iptables/ip6tables.
This allows ip(6)tables/ebt/arp only test scripts and avoids running all scripts
multiple times for ip/ip6tables.
Current expected output:
I: [OK] ./iptables/tests/shell/testcases/chain/0001duplicate_1
I: [OK] ./iptables/tests/shell/testcases/chain/000newchain_0
I: [OK] ./iptables/tests/shell/testcases/chain/0005rename_1
I: [OK] ./iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
I: legacy results: [OK] 10 [FAILED] 0 [TOTAL] 10
I: [OK] ./iptables/tests/shell/testcases/chain/0001duplicate_1
I: [OK] ./iptables/tests/shell/testcases/chain/0004newchain_0
I: [OK] ./iptables/tests/shell/testcases/chain/0005rename_1
I: [OK] ./iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
I: nft results: [OK] 10 [FAILED] 0 [TOTAL] 10
I: combined results: [OK] 20 [FAILED] 0 [TOTAL] 20
Signed-off-by: Florian Westphal <fw@strlen.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While at it, make following changes/fixes:
1. run each test in a fresh net namespace
2. remove rmmod use, its very distuptive and not needed after 1.
3. avoid -e use if possible
4. make sure we exit 0 when test is expected to fail
5. set XT_LIBDIR so we point at the correct extensions to be used
Also delete 0003duplicate_1, its same test as 0001duplicate_1.
NB: I don't think its good to have this 'encode retval in name' scheme.
These are scripts, so they should always return 0, i.e. do
iptables --this-command-should-fail || exit 0
echo "succeess, should fail"
exit 1
Much simpler, imo. This was inherited from nft shell tests
though and changing it there is rather intrusive so use same scheme for
now.
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
To run the test suite (as root):
% cd iptables/tests/shell
% ./run-tests.sh
Test files are executables files with the pattern <<name_N>> , where
N is the expected return code of the executable. Since they are
located with `find', test-files can be spreaded in any sub-directories.
You can turn on a verbose execution by calling:
% ./run-tests.sh -v
Before each call to the test-files, `kernel_cleanup' will be called.
Also, test-files will receive the environment variable $IPTABLES which
contains the path to the iptables binary being tested.
You can pass an arbitrary $IPTABLES value as well:
% IPTABLES=/../../xtables-multi iptables ./run-tests.sh
Signed-off-by: Arushi Singhal <arushisinghal19971997@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
