From d196dccf1853039656f15c8da94ad349a3b7d07c Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 8 May 2018 13:08:45 +0200 Subject: tests/py: Support testing JSON input and output as well This extends nft-test.py by optional JSON testing capabilities, activated via '-j'/'--enable-json' parameter). JSON testing happens for all rules which are supposed to work: After a rule has been added and the existing tests (payload, ruleset listing output) have been performed, basically the same test is done again using a recorded JSON equivalent and (if necessary) a recorded listing output. The code tries to ease new test case creation overhead by auto-generating JSON equivalent input via listing the (non-JSON) rule in JSON format. Also, differing netlink debug and listing output are stored in *.got files to assist in analyzing/fixing failing test cases. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- tests/py/ip/objects.t.json | 185 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 tests/py/ip/objects.t.json (limited to 'tests/py/ip/objects.t.json') diff --git a/tests/py/ip/objects.t.json b/tests/py/ip/objects.t.json new file mode 100644 index 00000000..c83cc6a4 --- /dev/null +++ b/tests/py/ip/objects.t.json @@ -0,0 +1,185 @@ +# ip saddr 192.168.1.3 counter name "cnt2" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "counter": "cnt2" + } +] + +# counter name tcp dport map {443 : "cnt1", 80 : "cnt2", 22 : "cnt1"} +[ + { + "counter": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 443, + "cnt1" + ], + [ + 80, + "cnt2" + ], + [ + 22, + "cnt1" + ] + ] + } + } + } + } +] + +# ip saddr 192.168.1.3 quota name "qt1" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "quota": "qt1" + } +] + +# quota name tcp dport map {443 : "qt1", 80 : "qt2", 22 : "qt1"} +[ + { + "quota": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 443, + "qt1" + ], + [ + 80, + "qt2" + ], + [ + 22, + "qt1" + ] + ] + } + } + } + } +] + +# ct helper set "cthelp1" +[ + { + "cthelper": "cthelp1" + } +] + +# ct helper set tcp dport map {21 : "cthelp1", 2121 : "cthelp1" } +[ + { + "cthelper": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 21, + "cthelp1" + ], + [ + 2121, + "cthelp1" + ] + ] + } + } + } + } +] + +# ip saddr 192.168.1.3 limit name "lim1" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "limit": "lim1" + } +] + +# limit name tcp dport map {443 : "lim1", 80 : "lim2", 22 : "lim1"} +[ + { + "limit": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 22, + "lim1" + ], + [ + 80, + "lim2" + ], + [ + 443, + "lim1" + ] + ] + } + } + } + } +] + -- cgit v1.2.3