From a9f937785bf1cecfd9a2879bcc8ad3a91045b207 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 3 Nov 2018 14:40:26 +0100 Subject: iptables-tests: add % to run iptables commands Lines starting by % allows you to run iptables commands, use it for rateest test. Signed-off-by: Pablo Neira Ayuso --- extensions/libxt_rateest.t | 8 ++++---- iptables-test.py | 8 ++++++++ 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/extensions/libxt_rateest.t b/extensions/libxt_rateest.t index c53b4b62..c5158614 100644 --- a/extensions/libxt_rateest.t +++ b/extensions/libxt_rateest.t @@ -1,10 +1,10 @@ :INPUT,FORWARD,OUTPUT -@iptables -I INPUT -j RATEEST --rateest-name RE1 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms +%iptables -I INPUT -j RATEEST --rateest-name RE1 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms -m rateest --rateest RE1 --rateest-lt --rateest-bps 8bit;=;OK -m rateest --rateest RE1 --rateest-eq --rateest-pps 5;=;OK -m rateest --rateest RE1 --rateest-gt --rateest-bps 5kbit;-m rateest --rateest RE1 --rateest-gt --rateest-bps 5000bit;OK -m rateest --rateest-delta --rateest RE1 --rateest-bps1 8bit --rateest-lt --rateest-bps2 16bit;=;OK -@iptables -I INPUT -j RATEEST --rateest-name RE2 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms +%iptables -I INPUT -j RATEEST --rateest-name RE2 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms -m rateest --rateest1 RE1 --rateest-lt --rateest-bps --rateest2 RE2;=;OK -m rateest --rateest-delta --rateest1 RE1 --rateest-pps1 0 --rateest-lt --rateest-pps2 42 --rateest2 RE2;=;OK -m rateest --rateest-delta --rateest RE1 --rateest-bps1 8bit --rateest-eq --rateest-bps2 16bit;=;OK @@ -12,5 +12,5 @@ -m rateest --rateest-delta --rateest RE1 --rateest-pps1 8 --rateest-lt --rateest-pps2 9;=;OK -m rateest --rateest-delta --rateest RE1 --rateest-pps1 8 --rateest-eq --rateest-pps2 9;=;OK -m rateest --rateest-delta --rateest RE1 --rateest-pps1 8 --rateest-gt --rateest-pps2 9;=;OK -@iptables -D INPUT -j RATEEST --rateest-name RE1 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms -@iptables -D INPUT -j RATEEST --rateest-name RE2 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms +%iptables -D INPUT -j RATEEST --rateest-name RE1 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms +%iptables -D INPUT -j RATEEST --rateest-name RE2 --rateest-interval 250.0ms --rateest-ewmalog 500.0ms diff --git a/iptables-test.py b/iptables-test.py index 7858f187..34a04042 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -227,6 +227,14 @@ def run_test_file(filename, netns): execute_cmd(external_cmd, filename, lineno) continue + # external iptables invocation, executed as is. + if line[0] == "%": + external_cmd = line.rstrip()[1:] + if netns: + external_cmd = "ip netns exec ____iptables-container-test " + EXECUTEABLE + " " + external_cmd + execute_cmd(external_cmd, filename, lineno) + continue + if line[0] == "*": table = line.rstrip()[1:] continue -- cgit v1.2.3