diff options
author | Elise Lennion <elise.lennion@gmail.com> | 2017-01-06 19:44:57 -0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-10 22:31:12 +0100 |
commit | d791f349f913d3555415321ebce6c08155cbc841 (patch) | |
tree | 9809fef50ef906f47b2f2bc4961c89a774d6d220 /tests/shell | |
parent | 14ee0a979b622f95676eab77043b61cc5aab4270 (diff) |
tests: shell: add maps tests
Test adding elements to simple and interval maps.
Based on original work from Richard Mörbitz and Pablo Neira.
Signed-off-by: Elise Lennion <elise.lennion@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
4 files changed, 228 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/0003map_add_many_elements_0 b/tests/shell/testcases/maps/0003map_add_many_elements_0 new file mode 100755 index 00000000..a2233e39 --- /dev/null +++ b/tests/shell/testcases/maps/0003map_add_many_elements_0 @@ -0,0 +1,61 @@ +#!/bin/bash + +# test adding many map elements + +HOWMANY=31 + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +generate_add() { + echo -n "{" + for ((i=HOWMANY; i>=1; i--)) ; do + for ((j=HOWMANY; j>=1; j--)) ; do + [ "$i" == 1 ] && [ "$j" == 1 ] && break + echo -n "10.0.${i}.${j} : 10.0.${i}.${j}, " + done + done + echo -n "}" +} + +generate_test() { + elements="" + for ((i=1; i<=HOWMANY; i++)) ; do + for ((j=1; j<=HOWMANY; j++)) ; do + elements="$elements 10.0.${i}.${j} : 10.0.${i}.${j}" + [ "$i" == "$HOWMANY" ] && [ "$j" == "$HOWMANY" ] && break + elements="${elements}, " + done + done + echo $elements +} + +echo "add table x +add map x y { type ipv4_addr : ipv4_addr; } +add element x y $(generate_add)" > $tmpfile + +set -e +$NFT -f $tmpfile + +n=$HOWMANY +echo "add element x y { 10.0.1.1 : 10.0.1.1 }" > $tmpfile +$NFT -f $tmpfile + +EXPECTED="table ip x { + map y { + type ipv4_addr : ipv4_addr + elements = { $(generate_test)} + } +}" +GET=$($NFT list ruleset) +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + diff --git a/tests/shell/testcases/maps/0004interval_map_create_once_0 b/tests/shell/testcases/maps/0004interval_map_create_once_0 new file mode 100755 index 00000000..7d4877eb --- /dev/null +++ b/tests/shell/testcases/maps/0004interval_map_create_once_0 @@ -0,0 +1,60 @@ +#!/bin/bash + +# test adding many elements to an interval map +# this always works because nft is only called once + +HOWMANY=63 + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +generate_add() { + echo -n "{" + for ((i=1; i<=HOWMANY; i++)) ; do + for ((j=1; j<=HOWMANY; j++)) ; do + echo -n "10.${i}.${j}.0/24 : 10.0.${i}.${j}" + [ "$i" == "$HOWMANY" ] && [ "$j" == "$HOWMANY" ] && break + echo -n ", " + done + done + echo -n "}" +} + +generate_test() { + elements="" + for ((i=1; i<=HOWMANY; i++)) ; do + for ((j=1; j<=HOWMANY; j++)) ; do + elements="$elements 10.${i}.${j}.0/24 : 10.0.${i}.${j}" + [ "$i" == "$HOWMANY" ] && [ "$j" == "$HOWMANY" ] && break + elements="${elements}, " + done + done + echo $elements +} + +echo "add table x +add map x y { type ipv4_addr : ipv4_addr; flags interval; } +add element x y $(generate_add)" > $tmpfile + +set -e +$NFT -f $tmpfile + +EXPECTED="table ip x { + map y { + type ipv4_addr : ipv4_addr + flags interval + elements = { $(generate_test)} + } +}" +GET=$($NFT list ruleset) +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + diff --git a/tests/shell/testcases/maps/0005interval_map_add_many_elements_0 b/tests/shell/testcases/maps/0005interval_map_add_many_elements_0 new file mode 100755 index 00000000..824f2c85 --- /dev/null +++ b/tests/shell/testcases/maps/0005interval_map_add_many_elements_0 @@ -0,0 +1,66 @@ +#!/bin/bash + +# test adding many elements to an interval map +# even with HOWMANY=2 there are memory allocation failures in the current +# master - the patch fixes that +# NOTE this is only an issue with two separate nft calls + +HOWMANY=2 + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +generate_add() { + echo -n "{" + for ((i=1; i<=HOWMANY; i++)) ; do + for ((j=1; j<=HOWMANY; j++)) ; do + [ "$i" == "$HOWMANY" ] && [ "$j" == "$HOWMANY" ] && break + echo -n "10.${i}.${j}.0/24 : 10.0.${i}.${j}, " + done + done + echo -n "}" +} + +generate_test() { + elements="" + for ((i=1; i<=HOWMANY; i++)) ; do + for ((j=1; j<=HOWMANY; j++)) ; do + elements="$elements 10.${i}.${j}.0/24 : 10.0.${i}.${j}" + [ "$i" == "$HOWMANY" ] && [ "$j" == "$HOWMANY" ] && break + elements="${elements}, " + done + done + echo $elements +} + +echo "add table x +add map x y { type ipv4_addr : ipv4_addr; flags interval; } +add element x y $(generate_add)" > $tmpfile + +set -e +$NFT -f $tmpfile + +n=$HOWMANY +echo "add element x y { 10.${n}.${n}.0/24 : 10.0.${n}.${n} }" > $tmpfile + +$NFT -f $tmpfile + +EXPECTED="table ip x { + map y { + type ipv4_addr : ipv4_addr + flags interval + elements = { $(generate_test)} + } +}" +GET=$($NFT list ruleset) +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + diff --git a/tests/shell/testcases/maps/0006interval_map_overlap_0 b/tests/shell/testcases/maps/0006interval_map_overlap_0 new file mode 100755 index 00000000..c1bf3de1 --- /dev/null +++ b/tests/shell/testcases/maps/0006interval_map_overlap_0 @@ -0,0 +1,41 @@ +#!/bin/bash + +# test adding elements to an interval map +# shows how disjoint intervals are seen as overlaps +# NOTE this is only an issue with two separate nft calls + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +n=1 +echo "add table x +add map x y { type ipv4_addr : ipv4_addr; flags interval; } +add element x y { 10.0.${n}.0/24 : 10.0.0.${n} }" > $tmpfile + +set -e +$NFT -f $tmpfile + +n=2 +echo "add element x y { 10.0.${n}.0/24 : 10.0.0.${n} }" > $tmpfile + +$NFT -f $tmpfile + +EXPECTED="table ip x { + map y { + type ipv4_addr : ipv4_addr + flags interval + elements = { 10.0.1.0/24 : 10.0.0.1, 10.0.2.0/24 : 10.0.0.2} + } +}" +GET=$($NFT list ruleset) +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + |