diff options
author | Phil Sutter <phil@nwl.cc> | 2018-05-08 13:08:45 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-11 12:17:45 +0200 |
commit | d196dccf1853039656f15c8da94ad349a3b7d07c (patch) | |
tree | ada3c2446bd764efd12fed37ea7a9bc16ab4b328 /tests/py/ip/objects.t.json | |
parent | 875232bc3e6bf55cc31f3763449503a80a7c2382 (diff) |
tests/py: Support testing JSON input and output as well
This extends nft-test.py by optional JSON testing capabilities,
activated via '-j'/'--enable-json' parameter).
JSON testing happens for all rules which are supposed to work: After a
rule has been added and the existing tests (payload, ruleset listing
output) have been performed, basically the same test is done again using
a recorded JSON equivalent and (if necessary) a recorded listing output.
The code tries to ease new test case creation overhead by
auto-generating JSON equivalent input via listing the (non-JSON) rule in
JSON format. Also, differing netlink debug and listing output are stored
in *.got files to assist in analyzing/fixing failing test cases.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/py/ip/objects.t.json')
-rw-r--r-- | tests/py/ip/objects.t.json | 185 |
1 files changed, 185 insertions, 0 deletions
diff --git a/tests/py/ip/objects.t.json b/tests/py/ip/objects.t.json new file mode 100644 index 00000000..c83cc6a4 --- /dev/null +++ b/tests/py/ip/objects.t.json @@ -0,0 +1,185 @@ +# ip saddr 192.168.1.3 counter name "cnt2" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "counter": "cnt2" + } +] + +# counter name tcp dport map {443 : "cnt1", 80 : "cnt2", 22 : "cnt1"} +[ + { + "counter": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 443, + "cnt1" + ], + [ + 80, + "cnt2" + ], + [ + 22, + "cnt1" + ] + ] + } + } + } + } +] + +# ip saddr 192.168.1.3 quota name "qt1" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "quota": "qt1" + } +] + +# quota name tcp dport map {443 : "qt1", 80 : "qt2", 22 : "qt1"} +[ + { + "quota": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 443, + "qt1" + ], + [ + 80, + "qt2" + ], + [ + 22, + "qt1" + ] + ] + } + } + } + } +] + +# ct helper set "cthelp1" +[ + { + "cthelper": "cthelp1" + } +] + +# ct helper set tcp dport map {21 : "cthelp1", 2121 : "cthelp1" } +[ + { + "cthelper": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 21, + "cthelp1" + ], + [ + 2121, + "cthelp1" + ] + ] + } + } + } + } +] + +# ip saddr 192.168.1.3 limit name "lim1" +[ + { + "match": { + "left": { + "payload": { + "field": "saddr", + "name": "ip" + } + }, + "right": "192.168.1.3" + } + }, + { + "limit": "lim1" + } +] + +# limit name tcp dport map {443 : "lim1", 80 : "lim2", 22 : "lim1"} +[ + { + "limit": { + "map": { + "left": { + "payload": { + "field": "dport", + "name": "tcp" + } + }, + "right": { + "set": [ + [ + 22, + "lim1" + ], + [ + 80, + "lim2" + ], + [ + 443, + "lim1" + ] + ] + } + } + } + } +] + |