summaryrefslogtreecommitdiffstats
path: root/tests/nft-table-test.c
diff options
context:
space:
mode:
authorAna Rey <anarey@gmail.com>2013-11-20 12:23:12 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2013-11-20 23:55:11 +0100
commit47d11ab2153447d7291a5c325cf0cf7bc124b05d (patch)
tree5226c7511943e7973a4178d104470f9d5760fcfc /tests/nft-table-test.c
parent2fad0c845c6dee51d8756a4f558783d8a2344784 (diff)
tests: add unit tests for libnftables
These tests create an initial object 'a' whose attributes are set to arbitrary values. Then, that object is converted to a Netlink message which is parsed to obtain the object 'b'. If things go well, the original object 'a' and the transformed object 'b' should be equivalent. Thus, we make sure that object transformations through the main library APIs are correct. These tests have helped to catch the following bugs in this library: (3cf788a72 expr: fix leak in target and match expressions) (4182e574f expr: match: fix wrong flag setting in nft_rule_expr_match_parse) (0bec6bc5e expr: log: release prefix) (2b690deea expr: log: fix missing \0 when sending log prefix to kernel) (e55c7afcf expr: target: fix wrong info length in nft_rule_expr_target_parse) (8fc4d4bd2 expr: log: fix wrong attribute type in nft_rule_expr_log_parse) Signed-off-by: Ana Rey <anarey@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/nft-table-test.c')
-rw-r--r--tests/nft-table-test.c74
1 files changed, 74 insertions, 0 deletions
diff --git a/tests/nft-table-test.c b/tests/nft-table-test.c
new file mode 100644
index 0000000..fd85f42
--- /dev/null
+++ b/tests/nft-table-test.c
@@ -0,0 +1,74 @@
+/*
+ * (C) 2013 by Ana Rey Botello <anarey@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <netinet/in.h>
+
+#include <linux/netfilter/nf_tables.h>
+#include <libnftables/table.h>
+
+static int test_ok = 1;
+
+static void print_err(const char *msg)
+{
+ test_ok = 0;
+ printf("\033[31mERROR:\e[0m %s\n", msg);
+}
+
+static void cmp_nft_table(struct nft_table *a, struct nft_table *b)
+{
+ if (strcmp(nft_table_attr_get_str(a, NFT_TABLE_ATTR_NAME),
+ nft_table_attr_get_str(b, NFT_TABLE_ATTR_NAME)) != 0)
+ print_err("table name mismatches");
+ if (nft_table_attr_get_u32(a, NFT_TABLE_ATTR_FLAGS) !=
+ nft_table_attr_get_u32(b, NFT_TABLE_ATTR_FLAGS))
+ print_err("table flags mismatches");
+ if (nft_table_attr_get_u8(a, NFT_TABLE_ATTR_FAMILY) !=
+ nft_table_attr_get_u8(b, NFT_TABLE_ATTR_FAMILY))
+ print_err("tabke family mismatches");
+}
+
+int main(int argc, char *argv[])
+{
+ char buf[4096];
+ struct nlmsghdr *nlh;
+
+ struct nft_table *a = NULL;
+ struct nft_table *b = NULL;
+ a = nft_table_alloc();
+ b = nft_table_alloc();
+
+ if (a == NULL || b == NULL)
+ print_err("OOM");
+
+ nft_table_attr_set_str(a, NFT_TABLE_ATTR_NAME, "test");
+ nft_table_attr_set_u8(a, NFT_TABLE_ATTR_FAMILY, AF_INET);
+ nft_table_attr_set_u32(a, NFT_TABLE_ATTR_FLAGS, 0);
+
+ /* cmd extracted from include/linux/netfilter/nf_tables.h */
+ nlh = nft_table_nlmsg_build_hdr(buf, NFT_MSG_NEWTABLE, AF_INET, 0,
+ 1234);
+ nft_table_nlmsg_build_payload(nlh, a);
+
+ if (nft_table_nlmsg_parse(nlh, b) < 0)
+ print_err("parsing problems");
+
+ cmp_nft_table(a,b);
+
+ nft_table_free(a);
+ nft_table_free(b);
+ if (!test_ok)
+ exit(EXIT_FAILURE);
+
+ printf("%s: \033[32mOK\e[0m\n", argv[0]);
+ return EXIT_SUCCESS;
+}