From ed9cfe1b4852647be7faa9d5262d315707a0a0c6 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Tue, 26 Jun 2018 23:16:22 +0200
Subject: tests: add initial save/restore test cases

Add script to restore ipt-save files and compare it with save output.
This should be extended to cover as many rulesets as possible, so this
is only a start.

The test script is changed to pass XT_MULTI instead of
iptables/ip6tables.

This allows ip(6)tables/ebt/arp only test scripts and avoids running all scripts
multiple times for ip/ip6tables.

Current expected output:

I: [OK]          ./iptables/tests/shell/testcases/chain/0001duplicate_1
I: [OK]          ./iptables/tests/shell/testcases/chain/000newchain_0
I: [OK]          ./iptables/tests/shell/testcases/chain/0005rename_1
I: [OK]          ./iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
I: legacy results: [OK] 10 [FAILED] 0 [TOTAL] 10
I: [OK]          ./iptables/tests/shell/testcases/chain/0001duplicate_1
I: [OK]          ./iptables/tests/shell/testcases/chain/0004newchain_0
I: [OK]          ./iptables/tests/shell/testcases/chain/0005rename_1
I: [OK]          ./iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
I: nft results: [OK] 10 [FAILED] 0 [TOTAL] 10
I: combined results: [OK] 20 [FAILED] 0 [TOTAL] 20

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 .../shell/testcases/ipt-save/0001load-dumps_0      | 52 ++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100755 iptables/tests/shell/testcases/ipt-save/0001load-dumps_0

(limited to 'iptables/tests/shell/testcases/ipt-save/0001load-dumps_0')

diff --git a/iptables/tests/shell/testcases/ipt-save/0001load-dumps_0 b/iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
new file mode 100755
index 00000000..acbc7b73
--- /dev/null
+++ b/iptables/tests/shell/testcases/ipt-save/0001load-dumps_0
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+RET=0
+tmpfile=""
+set -x
+
+
+clean_tmpfile()
+{
+        if [ ! -z "$tmpfile" ];then
+                rm -f "$tmpfile"
+        fi
+}
+
+trap clean_tmpfile EXIT
+
+do_diff()
+{
+	A="$1"
+	B="$2"
+
+	AT=$(mktemp)
+	grep -v "^#" "$A" > "$AT"
+
+	diff -u "$AT" "$B"
+
+	x=$?
+	rm -f "$AT"
+	echo "Return $x for $XT_MULTI $A"
+
+	return $x
+}
+
+tmpfile=$(mktemp) || exit 1
+do_simple()
+{
+	iptables="$1"
+	dumpfile="$2"
+
+	$XT_MULTI ${iptables}-restore < "$dumpfile"
+	$XT_MULTI ${iptables}-save | grep -v "^#" > "$tmpfile"
+	do_diff $dumpfile "$tmpfile"
+	if [ $? -ne 0 ]; then
+		# cp "$tmpfile" "$dumpfile.got"
+		RET=1
+	fi
+}
+
+do_simple "iptables" $(dirname "$0")/dumps/ipt-save-filter.txt
+do_simple "iptables" $(dirname "$0")/dumps/policy-drop.txt
+
+exit $RET
-- 
cgit v1.2.3