From adb03c3f06ff1f3ac23d3b7b7f10f91122029914 Mon Sep 17 00:00:00 2001 From: Jeremy Sowden Date: Sat, 12 Feb 2022 16:58:30 +0000 Subject: tests: add `NOMATCH` test result Currently, there are two supported test results: `OK` and `FAIL`. It is expected that either the iptables command fails, or it succeeds and dumping the rule has the correct output. However, it is possible that the command may succeed but the output may not be correct. Add a `NOMATCH` result to cover this outcome. Make a few white-space improvements at the same time. Signed-off-by: Jeremy Sowden Signed-off-by: Florian Westphal --- iptables-test.py | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) (limited to 'iptables-test.py') diff --git a/iptables-test.py b/iptables-test.py index 91c77e3d..4a587a29 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -73,9 +73,9 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): Executes an unit test. Returns the output of delete_rule(). Parameters: - :param iptables: string with the iptables command to execute + :param iptables: string with the iptables command to execute :param rule: string with iptables arguments for the rule to test - :param rule_save: string to find the rule in the output of iptables -save + :param rule_save: string to find the rule in the output of iptables-save :param res: expected result of the rule. Valid values: "OK", "FAIL" :param filename: name of the file tested (used for print_error purposes) :param lineno: line number being tested (used for print_error purposes) @@ -92,7 +92,7 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): # report failed test # if ret: - if res == "OK": + if res != "FAIL": reason = "cannot load: " + cmd print_error(reason, filename, lineno) return -1 @@ -146,10 +146,20 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): # find the rule matching = out.find(rule_save.encode('utf-8')) if matching < 0: - reason = "cannot find: " + iptables + " -I " + rule - print_error(reason, filename, lineno) - delete_rule(iptables, rule, filename, lineno) - return -1 + if res == "OK": + reason = "cannot find: " + iptables + " -I " + rule + print_error(reason, filename, lineno) + delete_rule(iptables, rule, filename, lineno) + return -1 + else: + # do not report this error + return 0 + else: + if res != "OK": + reason = "should not match: " + cmd + print_error(reason, filename, lineno) + delete_rule(iptables, rule, filename, lineno) + return -1 # Test "ip netns del NETNS" path with rules in place if netns: @@ -190,14 +200,18 @@ def variant_res(res, variant): result. Therefore map @res to itself if given variant is current, invert it otherwise. - :param res: expected result from test spec ("OK" or "FAIL") + :param res: expected result from test spec ("OK", "FAIL" or "NOMATCH") :param variant: variant @res is scoped to by test spec ("NFT" or "LEGACY") ''' variant_executable = { - "NFT": "xtables-nft-multi", - "LEGACY": "xtables-legacy-multi" + "NFT": "xtables-nft-multi", + "LEGACY": "xtables-legacy-multi" + } + res_inverse = { + "OK": "FAIL", + "FAIL": "OK", + "NOMATCH": "OK" } - res_inverse = { "OK": "FAIL", "FAIL": "OK" } if variant_executable[variant] == EXECUTABLE: return res -- cgit v1.2.3