summaryrefslogtreecommitdiffstats
path: root/iptables/tests/shell/testcases/iptables/0004-return-codes_0
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/tests/shell/testcases/iptables/0004-return-codes_0')
-rwxr-xr-xiptables/tests/shell/testcases/iptables/0004-return-codes_038
1 files changed, 38 insertions, 0 deletions
diff --git a/iptables/tests/shell/testcases/iptables/0004-return-codes_0 b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
new file mode 100755
index 00000000..34dffeee
--- /dev/null
+++ b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+# make sure error return codes are as expected useful cases
+# (e.g. commands to check ruleset state)
+
+global_rc=0
+
+cmd() { # (rc, cmd, [args ...])
+ rc_exp=$1; shift
+
+ $XT_MULTI "$@"
+ rc=$?
+
+ [ $rc -eq $rc_exp ] || {
+ echo "---> expected $rc_exp, got $rc for command '$@'"
+ global_rc=1
+ }
+}
+
+# test chain creation
+cmd 0 iptables -N foo
+cmd 1 iptables -N foo
+# iptables-nft allows this - bug or feature?
+#cmd 2 iptables -N "invalid name"
+
+# test rule adding
+cmd 0 iptables -A INPUT -j ACCEPT
+cmd 1 iptables -A noexist -j ACCEPT
+
+# test rule checking
+cmd 0 iptables -C INPUT -j ACCEPT
+cmd 1 iptables -C FORWARD -j ACCEPT
+cmd 1 iptables -C nonexist -j ACCEPT
+cmd 2 iptables -C INPUT -j foobar
+cmd 2 iptables -C INPUT -m foobar -j ACCEPT
+cmd 3 iptables -t foobar -C INPUT -j ACCEPT
+
+exit $global_rc