iptables/tests/shell/testcases/iptables/0002-verbose-output_0


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

#!/bin/bash

set -e
#set -x

# ensure verbose output is identical between legacy and nft tools

RULE1='-i eth2 -o eth3 -s 10.0.0.1 -d 10.0.0.2 -j ACCEPT'
VOUT1='ACCEPT  all opt -- in eth2 out eth3  10.0.0.1  -> 10.0.0.2'
RULE2='-i eth2 -o eth3 -s 10.0.0.4 -d 10.0.0.5 -j ACCEPT'
VOUT2='ACCEPT  all opt -- in eth2 out eth3  10.0.0.4  -> 10.0.0.5'

diff -u -Z <(echo -e "$VOUT1") <($XT_MULTI iptables -v -A FORWARD $RULE1)
diff -u -Z <(echo -e "$VOUT2") <($XT_MULTI iptables -v -I FORWARD 2 $RULE2)

diff -u -Z <(echo -e "$VOUT1") <($XT_MULTI iptables -v -C FORWARD $RULE1)
diff -u -Z <(echo -e "$VOUT2") <($XT_MULTI iptables -v -C FORWARD $RULE2)

EXPECT='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  eth2   eth3    10.0.0.1             10.0.0.2
    0     0 ACCEPT     all  --  eth2   eth3    10.0.0.4             10.0.0.5

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination'

diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables -v -n -L)

[[ -z $($XT_MULTI iptables -v -N foobar) ]] || exit 1

diff -u -Z <(echo -e "$VOUT1") <($XT_MULTI iptables -v -D FORWARD $RULE1)
diff -u -Z <(echo -e "$VOUT2") <($XT_MULTI iptables -v -D FORWARD $RULE2)

EXPECT="Flushing chain \`INPUT'
Flushing chain \`FORWARD'
Flushing chain \`OUTPUT'
Flushing chain \`foobar'"

diff -u <(echo -e "$EXPECT") <($XT_MULTI iptables -v -F)

EXPECT="Zeroing chain \`INPUT'
Zeroing chain \`FORWARD'
Zeroing chain \`OUTPUT'
Zeroing chain \`foobar'"

diff -u <(echo -e "$EXPECT") <($XT_MULTI iptables -v -Z)

diff -u <(echo "Flushing chain \`OUTPUT'") <($XT_MULTI iptables -v -F OUTPUT)
diff -u <(echo "Zeroing chain \`OUTPUT'") <($XT_MULTI iptables -v -Z OUTPUT)
diff -u <(echo "Flushing chain \`foobar'") <($XT_MULTI iptables -v -F foobar)
diff -u <(echo "Zeroing chain \`foobar'") <($XT_MULTI iptables -v -Z foobar)

diff -u <(echo "Deleting chain \`foobar'") <($XT_MULTI iptables -v -X foobar)

# make sure non-verbose mode is silent
diff -u <(echo -n "") <(
	$XT_MULTI iptables -N foobar
	$XT_MULTI iptables -A foobar $RULE1
	$XT_MULTI iptables -A foobar $RULE2
	$XT_MULTI iptables -C foobar $RULE1
	$XT_MULTI iptables -D foobar $RULE2
	$XT_MULTI iptables -F foobar
	$XT_MULTI iptables -X foobar
)