diff options
Diffstat (limited to 'tests/monitor')
| -rwxr-xr-x | tests/monitor/run-tests.sh | 77 | ||||
| -rw-r--r-- | tests/monitor/testcases/map-expr.t | 6 | ||||
| -rw-r--r-- | tests/monitor/testcases/object.t | 2 | ||||
| -rw-r--r-- | tests/monitor/testcases/set-concat-interval.t | 12 | ||||
| -rw-r--r-- | tests/monitor/testcases/set-interval.t | 5 | ||||
| -rw-r--r-- | tests/monitor/testcases/simple.t | 8 |
6 files changed, 80 insertions, 30 deletions
diff --git a/tests/monitor/run-tests.sh b/tests/monitor/run-tests.sh index ffb833a7..f1ac790a 100755 --- a/tests/monitor/run-tests.sh +++ b/tests/monitor/run-tests.sh @@ -1,7 +1,7 @@ #!/bin/bash cd $(dirname $0) -nft=../../src/nft +nft=${NFT:-../../src/nft} debug=false test_json=false @@ -9,17 +9,24 @@ mydiff() { diff -w -I '^# ' "$@" } -if [ "$(id -u)" != "0" ] ; then - echo "this requires root!" +err() { + echo "$*" >&2 +} + +die() { + err "$*" exit 1 +} + +if [ "$(id -u)" != "0" ] ; then + die "this requires root!" fi testdir=$(mktemp -d) if [ ! -d $testdir ]; then - echo "Failed to create test directory" >&2 - exit 1 + die "Failed to create test directory" fi -trap "rm -rf $testdir; $nft flush ruleset" EXIT +trap 'rm -rf $testdir; $nft flush ruleset' EXIT command_file=$(mktemp -p $testdir) output_file=$(mktemp -p $testdir) @@ -56,6 +63,7 @@ monitor_run_test() { monitor_output=$(mktemp -p $testdir) monitor_args="" $test_json && monitor_args="vm json" + local rc=0 $nft -nn monitor $monitor_args >$monitor_output & monitor_pid=$! @@ -66,46 +74,50 @@ monitor_run_test() { echo "command file:" cat $command_file } - $nft -f $command_file || { - echo "nft command failed!" - kill $monitor_pid - wait >/dev/null 2>&1 - exit 1 + $nft -f - <$command_file || { + err "nft command failed!" + rc=1 } sleep 0.5 kill $monitor_pid wait >/dev/null 2>&1 $test_json && json_output_filter $monitor_output - if ! mydiff -q $monitor_output $output_file >/dev/null 2>&1; then - echo "monitor output differs!" - mydiff -u $output_file $monitor_output - exit 1 + mydiff -q $monitor_output $output_file >/dev/null 2>&1 + if [[ $rc == 0 && $? != 0 ]]; then + err "monitor output differs!" + mydiff -u $output_file $monitor_output >&2 + rc=1 fi rm $command_file rm $output_file touch $command_file touch $output_file + return $rc } echo_run_test() { echo_output=$(mktemp -p $testdir) + local rc=0 + $debug && { echo "command file:" cat $command_file } - $nft -nn -e -f $command_file >$echo_output || { - echo "nft command failed!" - exit 1 + $nft -nn -e -f - <$command_file >$echo_output || { + err "nft command failed!" + rc=1 } - if ! mydiff -q $echo_output $output_file >/dev/null 2>&1; then - echo "echo output differs!" - mydiff -u $output_file $echo_output - exit 1 + mydiff -q $echo_output $output_file >/dev/null 2>&1 + if [[ $rc == 0 && $? != 0 ]]; then + err "echo output differs!" + mydiff -u $output_file $echo_output >&2 + rc=1 fi rm $command_file rm $output_file touch $command_file touch $output_file + return $rc } testcases="" @@ -143,12 +155,16 @@ else variants="monitor echo" fi +rc=0 for variant in $variants; do run_test=${variant}_run_test output_append=${variant}_output_append for testcase in ${testcases:-testcases/*.t}; do - echo "$variant: running tests from file $(basename $testcase)" + filename=$(basename $testcase) + echo "$variant: running tests from file $filename" + rc_start=$rc + # files are like this: # # I add table ip t @@ -162,7 +178,10 @@ for variant in $variants; do while read dir line; do case $dir in I) - $input_complete && $run_test + $input_complete && { + $run_test + let "rc += $?" + } input_complete=false cmd_append "$line" ;; @@ -179,6 +198,14 @@ for variant in $variants; do ;; esac done <$testcase - $input_complete && $run_test + $input_complete && { + $run_test + let "rc += $?" + } + + let "rc_diff = rc - rc_start" + [[ $rc_diff -ne 0 ]] && \ + echo "$variant: $rc_diff tests from file $filename failed" done done +exit $rc diff --git a/tests/monitor/testcases/map-expr.t b/tests/monitor/testcases/map-expr.t new file mode 100644 index 00000000..8729c0b4 --- /dev/null +++ b/tests/monitor/testcases/map-expr.t @@ -0,0 +1,6 @@ +# first the setup +I add table ip t +I add map ip t m { typeof meta day . meta hour : verdict; flags interval; counter; } +O - +J {"add": {"table": {"family": "ip", "name": "t", "handle": 0}}} +J {"add": {"map": {"family": "ip", "name": "m", "table": "t", "type": ["day", "hour"], "handle": 0, "map": "verdict", "flags": ["interval"], "stmt": [{"counter": null}]}}} diff --git a/tests/monitor/testcases/object.t b/tests/monitor/testcases/object.t index 2afe33c8..53a9f8c5 100644 --- a/tests/monitor/testcases/object.t +++ b/tests/monitor/testcases/object.t @@ -37,7 +37,7 @@ I delete ct helper ip t cth O - J {"delete": {"ct helper": {"family": "ip", "name": "cth", "table": "t", "handle": 0, "type": "sip", "protocol": "tcp", "l3proto": "ip"}}} -I add ct timeout ip t ctt { protocol udp; l3proto ip; policy = { unreplied : 15, replied : 12 }; } +I add ct timeout ip t ctt { protocol udp; l3proto ip; policy = { unreplied : 15s, replied : 12s }; } O - J {"add": {"ct timeout": {"family": "ip", "name": "ctt", "table": "t", "handle": 0, "protocol": "udp", "l3proto": "ip", "policy": {"unreplied": 15, "replied": 12}}}} diff --git a/tests/monitor/testcases/set-concat-interval.t b/tests/monitor/testcases/set-concat-interval.t new file mode 100644 index 00000000..763dc319 --- /dev/null +++ b/tests/monitor/testcases/set-concat-interval.t @@ -0,0 +1,12 @@ +# setup first +I add table ip t +I add chain ip t c +O - +J {"add": {"table": {"family": "ip", "name": "t", "handle": 0}}} +J {"add": {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}} + +# add set with elements, monitor output expectedly differs +I add map ip t s { typeof udp length . @ih,32,32 : verdict; flags interval; elements = { 20-80 . 0x14 : accept, 1-10 . 0xa : drop }; } +O add map ip t s { typeof udp length . @ih,32,32 : verdict; flags interval; } +O add element ip t s { 20-80 . 0x14 : accept } +O add element ip t s { 1-10 . 0xa : drop } diff --git a/tests/monitor/testcases/set-interval.t b/tests/monitor/testcases/set-interval.t index 1fbcfe22..5053c596 100644 --- a/tests/monitor/testcases/set-interval.t +++ b/tests/monitor/testcases/set-interval.t @@ -23,3 +23,8 @@ J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "ex I add rule ip t c tcp dport { 20, 30-40 } O - J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [20, {"range": [30, 40]}]}}}]}}} + +# ... and anon concat range +I add rule ip t c ether saddr . ip saddr { 08:00:27:40:f7:09 . 192.168.56.10-192.168.56.12 } +O - +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ether", "field": "saddr"}}, {"payload": {"protocol": "ip", "field": "saddr"}}]}, "right": {"set": [{"concat": ["08:00:27:40:f7:09", {"range": ["192.168.56.10", "192.168.56.12"]}]}]}}}]}}} diff --git a/tests/monitor/testcases/simple.t b/tests/monitor/testcases/simple.t index 78fd6616..67be5c85 100644 --- a/tests/monitor/testcases/simple.t +++ b/tests/monitor/testcases/simple.t @@ -14,14 +14,14 @@ O - J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22, 80, 443]}}}, {"accept": null}]}}} I insert rule ip t c counter accept -O add rule ip t c counter packets 0 bytes 0 accept -J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}} +O insert rule ip t c counter packets 0 bytes 0 accept +J {"insert": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}} I replace rule ip t c handle 2 accept comment "foo bar" -O add rule ip t c accept comment "foo bar" O delete rule ip t c handle 2 -J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "comment": "foo bar", "expr": [{"accept": null}]}}} +O add rule ip t c handle 5 accept comment "foo bar" J {"delete": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}} +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "comment": "foo bar", "expr": [{"accept": null}]}}} I add counter ip t cnt O add counter ip t cnt { packets 0 bytes 0 } |