path: root/iptables/tests/shell/testcases/iptables/0008-unprivileged_0
#!/bin/bash

# iptables may print match/target specific help texts
# help output should work for unprivileged users

# Run a command as the unprivileged user "nobody" via runuser.
# Arguments: the command and its arguments.
# Outputs:   a "running: ..." trace line on stderr, then whatever the command
#            itself writes.
# Returns:   the exit status of runuser.
run() {
	local -a cmd=("$@")

	# The trace goes to stderr so callers capturing stdout only see the
	# command's own output.
	printf 'running: %s\n' "${cmd[*]}" >&2
	runuser -u nobody -- "${cmd[@]}"
}

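# Check that the text on stdin contains the expected string.
# Arguments: the expected string; several arguments are joined with spaces.
# Outputs:   "missing in output: ..." on stderr when the string is absent.
# Returns:   0 if the string was found, 1 otherwise. The function does not
#            modify rc itself; callers add the return status to it.
grep_or_rc() {
	declare -g rc
	local expected="$*"

	# Match literally (-F) and end option parsing (--): the expectation is a
	# fixed message, so characters such as "." must not act as regex
	# wildcards and a leading "-" must not be parsed as a grep option.
	if grep -qF -- "$expected"; then
		return 0
	fi
	printf 'missing in output: %s\n' "$expected" >&2
	return 1
}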

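# Sum of the non-zero statuses seen below. Set explicitly so that a value of
# "rc" inherited from the environment cannot skew the result.
rc=0

# Part 1: help output, including the match- and target-specific sections,
# must be printed for an unprivileged user.
# $XT_MULTI is expanded unquoted, as in the original invocation; presumably
# it may hold more than one word -- confirm against the test runner.
out=$(run $XT_MULTI iptables --help)
rc=$((rc + $?))
grep_or_rc "iptables -h (print this help information)" <<< "$out"
rc=$((rc + $?))

out=$(run $XT_MULTI iptables -m limit --help)
rc=$((rc + $?))
grep_or_rc "limit match options:" <<< "$out"
rc=$((rc + $?))

out=$(run $XT_MULTI iptables -p tcp --help)
rc=$((rc + $?))
grep_or_rc "tcp match options:" <<< "$out"
rc=$((rc + $?))

out=$(run $XT_MULTI iptables -j DNAT --help)
rc=$((rc + $?))
grep_or_rc "DNAT target options:" <<< "$out"
rc=$((rc + $?))

# Match and target combined: both help sections must appear. The same
# command is run once per expected section.
out=$(run $XT_MULTI iptables -p tcp -j DNAT --help)
rc=$((rc + $?))
grep_or_rc "tcp match options:" <<< "$out"
rc=$((rc + $?))
out=$(run $XT_MULTI iptables -p tcp -j DNAT --help)
rc=$((rc + $?))
grep_or_rc "DNAT target options:" <<< "$out"
rc=$((rc + $?))


# Part 2: listing or changing the ruleset as an unprivileged user must be
# refused with "Permission denied".
# NOTE(review): pipefail is not set, so $? after each pipeline is the status
# of grep_or_rc only. The exit status of the iptables command itself is not
# checked; only the presence of the message is asserted.
run $XT_MULTI iptables -L 2>&1 | \
	grep_or_rc "Permission denied"
rc=$((rc + $?))

run $XT_MULTI iptables -A FORWARD -p tcp --dport 123 2>&1 | \
	grep_or_rc "Permission denied"
rc=$((rc + $?))

run $XT_MULTI iptables -A FORWARD -j DNAT --to-destination 1.2.3.4 2>&1 | \
	grep_or_rc "Permission denied"
rc=$((rc + $?))

# Exit statuses are reported modulo 256, so an accumulated sum that reaches a
# multiple of 256 would be reported as success. Cap the value so that any
# failure still yields a non-zero exit status.
if (( rc > 255 )); then
	rc=255
fi
exit "$rc"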