From 0fdd9806bdf69f1027497ec9a5ec452f2c0e99f0 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 7 Oct 2010 17:43:58 +0200
Subject: utils: more realistic expectation creation for FTP helper

This patch changes the existing example to make it more realistic.
It also removes the timeout setup since this field is ignored by
ctnetlink if we specify a kernel-space conntrack helper to be used.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 utils/conntrack_create.c |  1 -
 utils/expect_create.c    | 11 ++++++-----
 utils/expect_delete.c    |  6 +++---
 3 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'utils')

diff --git a/utils/conntrack_create.c b/utils/conntrack_create.c
index e304fef..a168d2c 100644
--- a/utils/conntrack_create.c
+++ b/utils/conntrack_create.c
@@ -29,7 +29,6 @@ int main()
 
 	nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
 	nfct_set_attr_u32(ct, ATTR_TIMEOUT, 100);
-	nfct_set_attr(ct, ATTR_HELPER_NAME, "ftp");
 
 	h = nfct_open(CONNTRACK, 0);
 	if (!h) {
diff --git a/utils/expect_create.c b/utils/expect_create.c
index f05df6b..9e3c7fb 100644
--- a/utils/expect_create.c
+++ b/utils/expect_create.c
@@ -37,8 +37,9 @@ int main()
 
 	nfct_setobjopt(master, NFCT_SOPT_SETUP_REPLY);
 
-	nfct_set_attr_u8(master, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
+	nfct_set_attr_u8(master, ATTR_TCP_STATE, TCP_CONNTRACK_ESTABLISHED);
 	nfct_set_attr_u32(master, ATTR_TIMEOUT, 200);
+	nfct_set_attr(master, ATTR_HELPER_NAME, "ftp");
 
 	h = nfct_open(CONNTRACK, 0);
 	if (!h) {
@@ -63,11 +64,11 @@ int main()
 	}
 
 	nfct_set_attr_u8(expected, ATTR_L3PROTO, AF_INET);
-	nfct_set_attr_u32(expected, ATTR_IPV4_SRC, inet_addr("4.4.4.4"));
-	nfct_set_attr_u32(expected, ATTR_IPV4_DST, inet_addr("5.5.5.5"));
+	nfct_set_attr_u32(expected, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+	nfct_set_attr_u32(expected, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
 
 	nfct_set_attr_u8(expected, ATTR_L4PROTO, IPPROTO_TCP);
-	nfct_set_attr_u16(expected, ATTR_PORT_SRC, htons(10240));
+	nfct_set_attr_u16(expected, ATTR_PORT_SRC, 0);
 	nfct_set_attr_u16(expected, ATTR_PORT_DST, htons(10241));
 
 	mask = nfct_new();
@@ -81,7 +82,7 @@ int main()
 	nfct_set_attr_u32(mask, ATTR_IPV4_DST, 0xffffffff);
 
 	nfct_set_attr_u8(mask, ATTR_L4PROTO, IPPROTO_TCP);
-	nfct_set_attr_u16(mask, ATTR_PORT_SRC, 0xffff);
+	nfct_set_attr_u16(mask, ATTR_PORT_SRC, 0x0000);
 	nfct_set_attr_u16(mask, ATTR_PORT_DST, 0xffff);
 
 	/*
diff --git a/utils/expect_delete.c b/utils/expect_delete.c
index a402757..d6b56f1 100644
--- a/utils/expect_delete.c
+++ b/utils/expect_delete.c
@@ -18,11 +18,11 @@ int main()
 	}
 
 	nfct_set_attr_u8(expected, ATTR_L3PROTO, AF_INET);
-	nfct_set_attr_u32(expected, ATTR_IPV4_SRC, inet_addr("4.4.4.4"));
-	nfct_set_attr_u32(expected, ATTR_IPV4_DST, inet_addr("5.5.5.5"));
+	nfct_set_attr_u32(expected, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+	nfct_set_attr_u32(expected, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
 
 	nfct_set_attr_u8(expected, ATTR_L4PROTO, IPPROTO_TCP);
-	nfct_set_attr_u16(expected, ATTR_PORT_SRC, htons(10240));
+	nfct_set_attr_u16(expected, ATTR_PORT_SRC, 0);
 	nfct_set_attr_u16(expected, ATTR_PORT_DST, htons(10241));
 
 	exp = nfexp_new();
-- 
cgit v1.2.3