From 94e75add9867fb6f0e05e73b23f723f139da829e Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 6 Mar 2012 12:10:55 +0100 Subject: qa: add some stress tools to test conntrack via ctnetlink ct_stress adds plenty of flows in assured state (worst case for the conntrack table). ct_events_reliable forces reliable event delivery. You have to use this tools together: ./ct_events_reliable & then: ./ct_stress 65535 # your ct table size If things go well, you will end up hitting ENOMEM. Both as root, of course. Signed-off-by: Pablo Neira Ayuso --- qa/ct_events_reliable.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 qa/ct_events_reliable.c (limited to 'qa/ct_events_reliable.c') diff --git a/qa/ct_events_reliable.c b/qa/ct_events_reliable.c new file mode 100644 index 0000000..e95623a --- /dev/null +++ b/qa/ct_events_reliable.c @@ -0,0 +1,59 @@ +#include +#include +#include +#include + +#include + +static int event_cb(enum nf_conntrack_msg_type type, + struct nf_conntrack *ct, + void *data) +{ + static int i = 0; + static int new, destroy; + + if (type == NFCT_T_NEW) + new++; + else if (type == NFCT_T_DESTROY) + destroy++; + + if ((++i % 10000) == 0) + printf("%d events received (%d new, %d destroy)\n", + i, new, destroy); + + return NFCT_CB_CONTINUE; +} + +int main(void) +{ + int ret; + struct nfct_handle *h; + int on = 1; + + h = nfct_open(CONNTRACK, NFCT_ALL_CT_GROUPS); + if (!h) { + perror("nfct_open"); + return 0; + } + + setsockopt(nfct_fd(h), SOL_NETLINK, + NETLINK_BROADCAST_SEND_ERROR, &on, sizeof(int)); + setsockopt(nfct_fd(h), SOL_NETLINK, + NETLINK_NO_ENOBUFS, &on, sizeof(int)); + + nfct_callback_register(h, NFCT_T_ALL, event_cb, NULL); + + printf("TEST: waiting for events...\n"); + + ret = nfct_catch(h); + + printf("TEST: conntrack events "); + if (ret == -1) + printf("(%d)(%s)\n", ret, strerror(errno)); + else + printf("(OK)\n"); + + nfct_close(h); + + ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS); +} -- cgit v1.2.3