From d196dccf1853039656f15c8da94ad349a3b7d07c Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 8 May 2018 13:08:45 +0200 Subject: tests/py: Support testing JSON input and output as well This extends nft-test.py by optional JSON testing capabilities, activated via '-j'/'--enable-json' parameter). JSON testing happens for all rules which are supposed to work: After a rule has been added and the existing tests (payload, ruleset listing output) have been performed, basically the same test is done again using a recorded JSON equivalent and (if necessary) a recorded listing output. The code tries to ease new test case creation overhead by auto-generating JSON equivalent input via listing the (non-JSON) rule in JSON format. Also, differing netlink debug and listing output are stored in *.got files to assist in analyzing/fixing failing test cases. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- tests/py/ip/tcp.t.json | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 tests/py/ip/tcp.t.json (limited to 'tests/py/ip/tcp.t.json') diff --git a/tests/py/ip/tcp.t.json b/tests/py/ip/tcp.t.json new file mode 100644 index 00000000..e04cc1e2 --- /dev/null +++ b/tests/py/ip/tcp.t.json @@ -0,0 +1,59 @@ +# ip protocol tcp tcp dport ssh accept +[ + { + "match": { + "left": { + "payload": { + "field": "protocol", + "name": "ip" + } + }, + "right": "tcp" + } + }, + { + "match": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": "ssh" + } + }, + { + "accept": null + } +] + +# ip protocol ne tcp udp dport ssh accept +[ + { + "match": { + "left": { + "payload": { + "field": "protocol", + "name": "ip" + } + }, + "op": "!=", + "right": "tcp" + } + }, + { + "match": { + "left": { + "payload": { + "field": "dport", + "name": "udp" + } + }, + "right": "ssh" + } + }, + { + "accept": null + } +] + -- cgit v1.2.3