diff options
author | Phil Sutter <phil@nwl.cc> | 2017-07-19 15:05:29 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-07-19 19:24:39 +0200 |
commit | abd40b25d2ed413994e19699425964115ef49aa5 (patch) | |
tree | f0296a9f79cac884b60a1f2e6667b00386eed2b1 /tests | |
parent | 504439a02da3ca284e17b9755f3734e45a68cc44 (diff) |
tests: Add basic monitor testing framework
This implements testing of 'nft monitor' output correctness and adds a
number of testcases for named sets.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/monitor/run-tests.sh | 78 | ||||
-rw-r--r-- | tests/monitor/testcases/set-maps.t | 11 | ||||
-rw-r--r-- | tests/monitor/testcases/set-mixed.t | 19 | ||||
-rw-r--r-- | tests/monitor/testcases/set-multiple.t | 13 | ||||
-rw-r--r-- | tests/monitor/testcases/set-simple.t | 47 |
5 files changed, 168 insertions, 0 deletions
diff --git a/tests/monitor/run-tests.sh b/tests/monitor/run-tests.sh new file mode 100755 index 00000000..7447adf1 --- /dev/null +++ b/tests/monitor/run-tests.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +cd $(dirname $0) + +testdir=$(mktemp -d) +if [ ! -d $testdir ]; then + echo "Failed to create test directory" >&2 + exit 0 +fi +trap "rm -rf $testdir" EXIT + +nft=../../src/nft +command_file=$(mktemp -p $testdir) +output_file=$(mktemp -p $testdir) + +cmd_append() { + echo "$*" >>$command_file +} +output_append() { + echo "$*" >>$output_file +} +run_test() { + monitor_output=$(mktemp -p $testdir) + $nft monitor >$monitor_output & + monitor_pid=$! + + sleep 0.5 + + $nft -f $command_file || { + echo "nft command failed!" + kill $monitor_pid + wait >/dev/null 2>&1 + exit 1 + } + sleep 0.5 + kill $monitor_pid + wait >/dev/null 2>&1 + if ! diff -Z -q $monitor_output $output_file >/dev/null 2>&1; then + echo "monitor output differs!" + diff -Z -u $output_file $monitor_output + exit 1 + fi + rm $command_file + rm $output_file + touch $command_file + touch $output_file +} + +for testcase in testcases/*.t; do + echo "running tests from file $(basename $testcase)" + # files are like this: + # + # I add table ip t + # O add table ip t + # I add chain ip t c + # O add chain ip t c + + $nft flush ruleset + + input_complete=false + while read dir line; do + case $dir in + I) + $input_complete && run_test + input_complete=false + cmd_append "$line" + ;; + O) + input_complete=true + output_append "$line" + ;; + '#'|'') + # ignore comments and empty lines + ;; + esac + done <$testcase + $input_complete && run_test +done diff --git a/tests/monitor/testcases/set-maps.t b/tests/monitor/testcases/set-maps.t new file mode 100644 index 00000000..d94016be --- /dev/null +++ b/tests/monitor/testcases/set-maps.t @@ -0,0 +1,11 @@ +# first the setup +I add table ip t +O add table ip t +I add map ip t portip { type inet_service: ipv4_addr; flags interval; } +O add map ip t portip { type inet_service : ipv4_addr;flags interval } + +I add element ip t portip { 80-100: 10.0.0.1 } +O add element ip t portip { 80-100 : 10.0.0.1 } + +I add element ip t portip { 1024-65535: 10.0.0.1 } +O add element ip t portip { 1024-65535 : 10.0.0.1 } diff --git a/tests/monitor/testcases/set-mixed.t b/tests/monitor/testcases/set-mixed.t new file mode 100644 index 00000000..c4699eda --- /dev/null +++ b/tests/monitor/testcases/set-mixed.t @@ -0,0 +1,19 @@ +# first the setup +I add table ip t +O add table ip t +I add set ip t portrange { type inet_service; flags interval; } +O add set ip t portrange { type inet_service;flags interval } +I add set ip t ports { type inet_service; } +O add set ip t ports { type inet_service;} + +# make sure concurrent adds work +I add element ip t portrange { 1024-65535 } +I add element ip t ports { 10 } +O add element ip t portrange { 1024-65535 } +O add element ip t ports { 10 } + +# delete items again +I delete element ip t portrange { 1024-65535 } +I delete element ip t ports { 10 } +O delete element ip t portrange { 1024-65535 } +O delete element ip t ports { 10 } diff --git a/tests/monitor/testcases/set-multiple.t b/tests/monitor/testcases/set-multiple.t new file mode 100644 index 00000000..d94f941b --- /dev/null +++ b/tests/monitor/testcases/set-multiple.t @@ -0,0 +1,13 @@ +# first the setup +I add table ip t +O add table ip t +I add set ip t portrange { type inet_service; flags interval; } +O add set ip t portrange { type inet_service;flags interval } +I add set ip t portrange2 { type inet_service; flags interval; } +O add set ip t portrange2 { type inet_service;flags interval } + +# make sure concurrent adds work +I add element ip t portrange { 1024-65535 } +I add element ip t portrange2 { 10-20 } +O add element ip t portrange { 1024-65535 } +O add element ip t portrange2 { 10-20 } diff --git a/tests/monitor/testcases/set-simple.t b/tests/monitor/testcases/set-simple.t new file mode 100644 index 00000000..22f648db --- /dev/null +++ b/tests/monitor/testcases/set-simple.t @@ -0,0 +1,47 @@ +# first the setup +I add table ip t +O add table ip t +I add set ip t portrange { type inet_service; flags interval; } +O add set ip t portrange { type inet_service;flags interval } + +# adding some ranges +I add element ip t portrange { 1-10 } +O add element ip t portrange { 1-10 } +I add element ip t portrange { 1024-65535 } +O add element ip t portrange { 1024-65535 } +I add element ip t portrange { 20-30, 40-50 } +O add element ip t portrange { 20-30 } +O add element ip t portrange { 40-50 } + +# test flushing -> elements are removed in reverse +I flush set ip t portrange +O delete element ip t portrange { 1024-65535 } +O delete element ip t portrange { 40-50 } +O delete element ip t portrange { 20-30 } +O delete element ip t portrange { 1-10 } + +# make sure lower scope boundary works +I add element ip t portrange { 0-10 } +O add element ip t portrange { 0-10 } + +# make sure half open before other element works +I add element ip t portrange { 1024-65535 } +I add element ip t portrange { 100-200 } +O add element ip t portrange { 1024-65535 } +O add element ip t portrange { 100-200 } + +# make sure deletion of elements works +I delete element ip t portrange { 0-10 } +O delete element ip t portrange { 0-10 } +I delete element ip t portrange { 100-200 } +I delete element ip t portrange { 1024-65535 } +O delete element ip t portrange { 100-200 } +O delete element ip t portrange { 1024-65535 } + +# make sure mixed add/delete works +I add element ip t portrange { 10-20 } +I add element ip t portrange { 1024-65535 } +I delete element ip t portrange { 10-20 } +O add element ip t portrange { 10-20 } +O add element ip t portrange { 1024-65535 } +O delete element ip t portrange { 10-20 } |