diff options
author | Phil Sutter <phil@nwl.cc> | 2017-08-09 13:16:43 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-08-14 11:32:20 +0200 |
commit | ba801025d639248e13ca662ed5068beaa80271c2 (patch) | |
tree | afc60680974f89e79e2ca8435f3cbd3e7f049a0e /tests | |
parent | b99c4d072d9969f7a0dfc539b2b68b517f90af68 (diff) |
tests: Add a simple test suite for --echo option
The fancy thing about this is that it uses the actual echo output to
undo the changes to the rule set.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/echo/run-tests.sh | 45 | ||||
-rw-r--r-- | tests/echo/testcases/simple.t | 12 |
2 files changed, 57 insertions, 0 deletions
diff --git a/tests/echo/run-tests.sh b/tests/echo/run-tests.sh new file mode 100755 index 00000000..da7934d1 --- /dev/null +++ b/tests/echo/run-tests.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +cd $(dirname $0) +nft=../../src/nft +nft_opts="-nn -a --echo" +debug=false + +debug_echo() { + $debug || return + + echo "$@" +} + +trap "$nft flush ruleset" EXIT + +for testcase in testcases/*.t; do + echo "running tests from file $(basename $testcase)" + # files are like this: + # + # <input command>[;;<output regexp>] + + $nft flush ruleset + + while read line; do + [[ -z "$line" || "$line" == "#"* ]] && continue + + # XXX: this only works if there is no semicolon in output + input="${line%;;*}" + output="${line##*;;}" + + [[ -z $output ]] && output="$input" + + debug_echo "calling '$nft $nft_opts $input'" + cmd_out=$($nft $nft_opts $input) + # strip trailing whitespace (happens when adding a named set) + cmd_out="${cmd_out% }" + debug_echo "got output '$cmd_out'" + [[ $cmd_out == $output ]] || { + echo "Warning: Output differs:" + echo "# nft $nft_opts $input" + echo "- $output" + echo "+ $cmd_out" + } + done <$testcase +done diff --git a/tests/echo/testcases/simple.t b/tests/echo/testcases/simple.t new file mode 100644 index 00000000..566fd7e0 --- /dev/null +++ b/tests/echo/testcases/simple.t @@ -0,0 +1,12 @@ +add table ip t +add chain ip t c + +# note the added handle output +add rule ip t c accept;;add rule ip t c accept # handle * +add rule ip t c tcp dport { 22, 80, 443 } accept;;add rule ip t c tcp dport { 22, 80, 443 } accept # handle * + +add set ip t ipset { type ipv4_addr; } +add element ip t ipset { 192.168.0.1 } + +# counter output comes with statistics +add counter ip t cnt;;add counter ip t cnt * |