summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorArturo Borrero Gonzalez <arturo@netfilter.org>2018-04-16 19:18:24 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-04-18 15:57:40 +0200
commitee640bcddf2f478ea00e96a695ff84cb4cd69574 (patch)
tree7c88e881258befdaf09cb09e53bdd3534f1c7b0e /doc
parent89f0ea845ef570e3e9c5eb35236c85d54f4dcd52 (diff)
tests: reallocate cli testing script
Move this to test/ Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc')
-rw-r--r--doc/cli/test.sh106
1 files changed, 0 insertions, 106 deletions
diff --git a/doc/cli/test.sh b/doc/cli/test.sh
deleted file mode 100644
index 2a0fef7..0000000
--- a/doc/cli/test.sh
+++ /dev/null
@@ -1,106 +0,0 @@
-CONNTRACK=conntrack
-
-SRC=1.1.1.1
-DST=2.2.2.2
-SPORT=2005
-DPORT=21
-
-case $1 in
- dump)
- echo "Dumping conntrack table"
- $CONNTRACK -L
- ;;
- flush)
- echo "Flushing conntrack table"
- $CONNTRACK -F
- ;;
- new)
- echo "creating a new conntrack"
- $CONNTRACK -I --orig-src $SRC --orig-dst $DST \
- --reply-src $DST --reply-dst $SRC -p tcp \
- --orig-port-src $SPORT --orig-port-dst $DPORT \
- --reply-port-src $DPORT --reply-port-dst $SPORT \
- --state LISTEN -u SEEN_REPLY -t 50
- ;;
- new-simple)
- echo "creating a new conntrack (simplified)"
- $CONNTRACK -I -s $SRC -d $DST \
- -p tcp --sport $SPORT --dport $DPORT \
- --state LISTEN -u SEEN_REPLY -t 50
- ;;
- new-nat)
- echo "creating a new conntrack (NAT)"
- $CONNTRACK -I -s $SRC -d $DST \
- -p tcp --sport $SPORT --dport $DPORT \
- --state LISTEN -u SEEN_REPLY -t 50 --dst-nat 8.8.8.8
- ;;
- get)
- echo "getting a conntrack"
- $CONNTRACK -G -s $SRC -d $DST \
- -p tcp --sport $SPORT --dport $DPORT
- ;;
- change)
- echo "change a conntrack"
- $CONNTRACK -U -s $SRC -d $DST \
- -p tcp --sport $SPORT --dport $DPORT \
- --state TIME_WAIT -u ASSURED,SEEN_REPLY -t 500
- ;;
- delete)
- $CONNTRACK -D -s $SRC -d $DST \
- -p tcp --sport $SPORT --dport $DPORT
- ;;
- output)
- proc=$(cat /proc/net/ip_conntrack | wc -l)
- netl=$($CONNTRACK -L | wc -l)
- count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count)
- if [ $proc -ne $netl ]; then
- echo "proc is $proc and netl is $netl and count is $count"
- else
- if [ $proc -ne $count ]; then
- echo "proc is $proc and netl is $netl and count is $count"
- else
- echo "now $proc"
- fi
- fi
- ;;
- dump-expect)
- $CONNTRACK -L expect
- ;;
- flush-expect)
- $CONNTRACK -F expect
- ;;
- create-expect)
- # requires modprobe ip_conntrack_ftp
- $CONNTRACK -I expect --orig-src $SRC --orig-dst $DST \
- --tuple-src 4.4.4.4 --tuple-dst 5.5.5.5 \
- --mask-src 255.255.255.0 --mask-dst 255.255.255.255 \
- -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \
- -t 200 --tuple-port-src 10240 --tuple-port-dst 10241\
- --mask-port-src 10 --mask-port-dst 300
- ;;
- get-expect)
- $CONNTRACK -G expect --orig-src 4.4.4.4 --orig-dst 5.5.5.5 \
- --p tcp --orig-port-src 10240 --orig-port-dst 10241
- ;;
- delete-expect)
- $CONNTRACK -D expect --orig-src 4.4.4.4 \
- --orig-dst 5.5.5.5 -p tcp --orig-port-src 10240 \
- --orig-port-dst 10241
- ;;
- *)
- echo "Usage: $0 [dump"
- echo " |new"
- echo " |new-simple"
- echo " |new-nat"
- echo " |get"
- echo " |change"
- echo " |delete"
- echo " |output"
- echo " |flush"
- echo " |dump-expect"
- echo " |flush-expect"
- echo " |create-expect"
- echo " |get-expect"
- echo " |delete-expect]"
- ;;
-esac