summaryrefslogtreecommitdiffstats
path: root/tests/runtest.sh
blob: 05550c668733e1302c7b4b17414b4a72c44d3d73 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/bin/bash

# set -x

ipset=${IPSET_BIN:-../src/ipset}

tests="init"
tests="$tests ipmap bitmap:ip"
tests="$tests macipmap portmap"
tests="$tests iphash hash:ip hash:ip6"
tests="$tests ipporthash hash:ip,port hash:ip6,port"
tests="$tests ipmarkhash hash:ip,mark hash:ip6,mark"
tests="$tests ipportiphash hash:ip,port,ip hash:ip6,port,ip6"
tests="$tests nethash hash:net hash:net6 hash:net,port hash:net6,port"
tests="$tests hash:ip,port,net hash:ip6,port,net6 hash:net,net hash:net6,net6"
tests="$tests hash:net,port,net hash:net6,port,net6"
tests="$tests hash:net,iface.t hash:mac.t"
tests="$tests comment setlist restore"
# tests="$tests iptree iptreemap"

# For correct sorting:
LC_ALL=C
export LC_ALL

add_tests() {
	# inet|inet6 network
	if [ $1 = "inet" ]; then
		cmd=iptables-save
		add="match_target match_flags"
	else
		cmd=ip6tables-save
		add=match_target6
	fi
	#line="`dmesg | tail -1 | cut -d " " -f 2-`"
	#if [ ! -e /var/log/kern.log -o -z "`grep -F \"$line\" /var/log/kern.log`" ]; then
	#	echo "The destination for kernel log is not /var/log/kern.log, skipping $1 match and target tests"
	#	return
	#fi
	c=${cmd%%-save}
	if [ "`$c -m set -h 2>&1| grep 'cannot open shared object'`" ]; then
		echo "$c does not support set match, skipping $1 match and target tests"
		return
	fi
	if [ `$cmd -t filter | wc -l` -eq 7 -a \
	     `$cmd -t filter | grep ACCEPT | wc -l` -eq 3 ]; then
	     	if [ -z "`which sendip`" ]; then
	     		echo "sendip utility is missig: skipping $1 match and target tests"
	     	elif [ -n "`netstat --protocol $1 -n | grep $2`" ]; then
	     		echo "Our test network $2 in use: skipping $1 match and target tests"
	     	else
	     		tests="$tests $add"
	     	fi
	     	:
	else
		echo "You have got iptables rules: skipping $1 match and target tests"
	fi
}

if [ "$1" ]; then
	tests="init $@"
else
	add_tests inet 10.255.255
	add_tests inet6 1002:1002:1002:1002::
fi

# Make sure the scripts are executable
chmod a+x check_* *.sh

for types in $tests; do
    $ipset -X test >/dev/null 2>&1
    if [ -f $types ]; then
    	filename=$types
    else
    	filename=$types.t
    fi
    while read ret cmd; do
	case $ret in
	    \#)
	    	if [ "$cmd" = "eof" ]; then
	    		break
	    	fi
	    	what=$cmd
		continue
		;;
	    skip)
	    	eval $cmd
	    	if [ $? -ne 0 ]; then
	    		echo "Skipping tests, '$cmd' failed"
	    		break
	    	fi
	    	continue
	    	;;
	    *)
		;;
	esac
	echo -ne "$types: $what: "
	cmd=`echo $cmd | sed "s|ipset|$ipset 2>.foo.err|"`
	eval $cmd
	r=$?
	# echo $ret $r
	if [ "$ret" = "$r" ]; then
		echo "passed"
	else
		echo "FAILED"
		echo "Failed test: $cmd"
		cat .foo.err
		exit 1
	fi
	# sleep 1
    done < $filename
done
# Remove test sets created by setlist.t
$ipset -X >/dev/null 2>&1
for x in $tests; do
	case $x in
	init)
		;;
	*)
		for x in `lsmod | grep ip_set_ | awk '{print $1}'`; do
			rmmod $x >/dev/null 2>&1
		done
		;;
	esac
done
rmmod ip_set >/dev/null 2>&1
rm -f .foo*
echo "All tests are passed"