]>
Commit | Line | Data |
---|---|---|
ab7c1721 | 1 | # Create a set with timeout |
ad4de228 | 2 | 0 ipset create test hash:net,net hashsize 128 timeout 4 |
ab7c1721 OS |
3 | # Add zero valued element |
4 | 1 ipset add test 0.0.0.0/0,0.0.0.0/0 | |
5 | # Test zero valued element | |
6 | 1 ipset test test 0.0.0.0/0,0.0.0.0/0 | |
7 | # Delete zero valued element | |
8 | 1 ipset del test 0.0.0.0/0,0.0.0.0/0 | |
9 | # Try to add /0 | |
10 | 1 ipset add test 1.1.1.1/0,1.1.1.1/0 | |
11 | # Try to add /32 | |
12 | 0 ipset add test 1.1.1.1/32,1.1.1.2/32 | |
13 | # Add almost zero valued element | |
14 | 0 ipset add test 0.0.0.0/1,0.0.0.0/1 | |
15 | # Test almost zero valued element | |
16 | 0 ipset test test 0.0.0.0/1,0.0.0.0/1 | |
17 | # Delete almost zero valued element | |
18 | 0 ipset del test 0.0.0.0/1,0.0.0.0/1 | |
19 | # Test deleted element | |
20 | 1 ipset test test 0.0.0.0/1,0.0.0.0/1 | |
21 | # Delete element not added to the set | |
22 | 1 ipset del test 0.0.0.0/1,0.0.0.0/1 | |
23 | # Add first random network | |
24 | 0 ipset add test 2.0.0.1/24,2.0.1.1/24 | |
25 | # Add second random network | |
26 | 0 ipset add test 192.168.68.69/27,192.168.129.69/27 | |
27 | # Test first random value | |
28 | 0 ipset test test 2.0.0.255,2.0.1.255 | |
29 | # Test second random value | |
30 | 0 ipset test test 192.168.68.95,192.168.129.75 | |
31 | # Test value not added to the set | |
32 | 1 ipset test test 2.0.1.0,2.0.0.1 | |
33 | # Try to add IP address | |
34 | 0 ipset add test 2.0.0.1,2.0.0.2 | |
35 | # List set | |
00e8bd9b | 36 | 0 ipset list test > .foo0 && ./sort.sh .foo0 |
ab7c1721 | 37 | # Check listing |
00e8bd9b | 38 | 0 ./diff.sh .foo hash:net,net.t.list0 |
ab7c1721 OS |
39 | # Sleep 5s so that element can time out |
40 | 0 sleep 5 | |
41 | # List set | |
00e8bd9b | 42 | 0 ipset -L test > .foo0 && ./sort.sh .foo0 |
ab7c1721 | 43 | # Check listing |
00e8bd9b | 44 | 0 ./diff.sh .foo hash:net,net.t.list1 |
ab7c1721 OS |
45 | # Flush test set |
46 | 0 ipset flush test | |
47 | # Delete test set | |
48 | 0 ipset destroy test | |
49 | # Create test set | |
50 | 0 ipset new test hash:net,net | |
51 | # Add networks in range notation | |
52 | 0 ipset add test 10.2.0.0-10.2.1.12,10.3.0.0-10.3.1.12 | |
53 | # List set | |
00e8bd9b | 54 | 0 ipset -L test > .foo0 && ./sort.sh .foo0 |
ab7c1721 | 55 | # Check listing |
00e8bd9b | 56 | 0 ./diff.sh .foo hash:net,net.t.list2 |
ab7c1721 OS |
57 | # Delete test set |
58 | 0 ipset destroy test | |
59 | # Stress test with range notation | |
60 | 0 ./netnetgen.sh | ipset restore | |
61 | # List set and check the number of elements | |
62 | 0 n=`ipset -L test|grep '^10.'|wc -l` && test $n -eq 87040 | |
63 | # Destroy test set | |
64 | 0 ipset destroy test | |
65 | # Create test set with timeout support | |
66 | 0 ipset create test hash:net,net timeout 30 | |
67 | # Add a non-matching IP address entry | |
68 | 0 ipset -A test 1.1.1.1,1.1.1.2 nomatch | |
69 | # Add an overlapping matching small net | |
70 | 0 ipset -A test 1.1.1.0/30,1.1.1.0/30 | |
71 | # Add an overlapping non-matching larger net | |
72 | 0 ipset -A test 1.1.1.0/28,1.1.1.0/28 nomatch | |
73 | # Add an even larger matching net | |
74 | 0 ipset -A test 1.1.1.0/26,1.1.1.0/26 | |
75 | # Check non-matching IP | |
76 | 1 ipset -T test 1.1.1.1,1.1.1.2 | |
77 | # Check matching IP from non-matchin small net | |
78 | 0 ipset -T test 1.1.1.3,1.1.1.2 | |
79 | # Check non-matching IP from larger net | |
80 | 1 ipset -T test 1.1.1.4,1.1.1.4 | |
81 | # Check matching IP from even larger net | |
82 | 0 ipset -T test 1.1.1.16,1.1.1.16 | |
83 | # Update non-matching IP to matching one | |
84 | 0 ipset -! -A test 1.1.1.1,1.1.1.2 | |
85 | # Delete overlapping small net | |
86 | 0 ipset -D test 1.1.1.0/30,1.1.1.0/30 | |
87 | # Check matching IP | |
88 | 0 ipset -T test 1.1.1.1,1.1.1.2 | |
89 | # Add overlapping small net | |
90 | 0 ipset -A test 1.1.1.0/30,1.1.1.0/30 | |
91 | # Update matching IP as a non-matching one, with shorter timeout | |
92 | 0 ipset -! -A test 1.1.1.1,1.1.1.2 nomatch timeout 2 | |
93 | # Check non-matching IP | |
94 | 1 ipset -T test 1.1.1.1,1.1.1.2 | |
95 | # Sleep 3s so that element can time out | |
96 | 0 sleep 3 | |
97 | # Check non-matching IP | |
98 | 0 ipset -T test 1.1.1.1,1.1.1.2 | |
99 | # Check matching IP | |
100 | 0 ipset -T test 1.1.1.3,1.1.1.2 | |
101 | # flush ipset | |
102 | 0 ipset -F test | |
103 | # Add matching IP | |
104 | 0 ipset -A test 10.0.0.0/16,192.168.0.0/24 | |
105 | # Add more-specific non-matching IP | |
106 | 0 ipset -A test 10.0.0.0/24,192.168.0.0/24 nomatch | |
107 | # Add even more-specific matching IP | |
108 | 0 ipset -A test 10.0.0.0/30,192.168.0.0/23 | |
109 | # Check non-matching IP | |
110 | 1 ipset -T test 10.0.0.10,192.168.0.1 | |
111 | # Check non-matching IP with nomatch specified | |
112 | 0 ipset -T test 10.0.0.10,192.168.0.1 nomatch | |
113 | # Check matching IP | |
114 | 0 ipset -T test 10.0.0.1,192.168.0.1 | |
115 | # Delete test set | |
116 | 0 ipset destroy test | |
117 | # Timeout: Check that resizing keeps timeout values | |
118 | 0 ./resizet.sh -4 netnet | |
119 | # Nomatch: Check that resizing keeps the nomatch flag | |
120 | 0 ./resizen.sh -4 netnet | |
121 | # Counters: create set | |
122 | 0 ipset n test hash:net,net counters | |
123 | # Counters: add element with packet, byte counters | |
124 | 0 ipset a test 2.0.0.1/24,2.0.0.1/24 packets 5 bytes 3456 | |
125 | # Counters: check element | |
126 | 0 ipset t test 2.0.0.1/24,2.0.0.1/24 | |
127 | # Counters: check counters | |
128 | 0 ./check_counters test 2.0.0.0/24,2.0.0.0/24 5 3456 | |
129 | # Counters: delete element | |
130 | 0 ipset d test 2.0.0.1/24,2.0.0.1/24 | |
131 | # Counters: test deleted element | |
132 | 1 ipset t test 2.0.0.1/24,2.0.0.1/24 | |
133 | # Counters: add element with packet, byte counters | |
134 | 0 ipset a test 2.0.0.20/25,2.0.0.20/25 packets 12 bytes 9876 | |
135 | # Counters: check counters | |
136 | 0 ./check_counters test 2.0.0.0/25,2.0.0.0/25 12 9876 | |
137 | # Counters: update counters | |
138 | 0 ipset -! a test 2.0.0.20/25,2.0.0.20/25 packets 13 bytes 12479 | |
139 | # Counters: check counters | |
140 | 0 ./check_counters test 2.0.0.0/25,2.0.0.0/25 13 12479 | |
141 | # Counters: destroy set | |
142 | 0 ipset x test | |
143 | # Counters and timeout: create set | |
144 | 0 ipset n test hash:net,net counters timeout 600 | |
145 | # Counters and timeout: add element with packet, byte counters | |
146 | 0 ipset a test 2.0.0.1/24,2.0.0.1/24 packets 5 bytes 3456 | |
147 | # Counters and timeout: check element | |
148 | 0 ipset t test 2.0.0.1/24,2.0.0.1/24 | |
149 | # Counters and timeout: check counters | |
150 | 0 ./check_extensions test 2.0.0.0/24,2.0.0.0/24 600 5 3456 | |
151 | # Counters and timeout: delete element | |
152 | 0 ipset d test 2.0.0.1/24,2.0.0.1/24 | |
153 | # Counters and timeout: test deleted element | |
154 | 1 ipset t test 2.0.0.1/24,2.0.0.1/24 | |
155 | # Counters and timeout: add element with packet, byte counters | |
156 | 0 ipset a test 2.0.0.20/25,2.0.0.20/25 packets 12 bytes 9876 | |
157 | # Counters and timeout: check counters | |
158 | 0 ./check_extensions test 2.0.0.0/25,2.0.0.0/25 600 12 9876 | |
159 | # Counters and timeout: update counters | |
160 | 0 ipset -! a test 2.0.0.20/25,2.0.0.20/25 packets 13 bytes 12479 | |
161 | # Counters and timeout: check counters | |
162 | 0 ./check_extensions test 2.0.0.0/25,2.0.0.0/25 600 13 12479 | |
163 | # Counters and timeout: update timeout | |
164 | 0 ipset -! a test 2.0.0.20/25,2.0.0.20/25 timeout 700 | |
165 | # Counters and timeout: check counters | |
166 | 0 ./check_extensions test 2.0.0.0/25,2.0.0.0/25 700 13 12479 | |
167 | # Counters and timeout: destroy set | |
168 | 0 ipset x test | |
31fc637c VP |
169 | # Network: Create a set with timeout and netmask |
170 | 0 ipset -N test hash:net,net --hashsize 128 --netmask 24 timeout 4 | |
171 | # Network: Add first random network | |
172 | 0 ipset -A test 2.0.10.1,2.10.10.254 | |
173 | # Network: Add second random network | |
174 | 0 ipset -A test 192.168.68.1,192.168.68.254 | |
175 | # Network: Test first random value | |
176 | 0 ipset -T test 2.0.10.11,2.10.10.25 | |
177 | # Network: Test second random value | |
178 | 0 ipset -T test 192.168.68.11,192.168.68.5 | |
179 | # Network: Test value not added to the set | |
180 | 1 ipset -T test 2.10.1.0,21.0.1.0 | |
181 | # Network: Add third element | |
182 | 0 ipset -A test 200.100.10.1,200.100.10.100 timeout 0 | |
183 | # Network: Add third random network | |
184 | 0 ipset -A test 200.100.0.12,200.100.0.13 | |
185 | # Network: Delete the same network | |
186 | 0 ipset -D test 200.100.0.12,200.100.0.13 | |
187 | # Network: List set | |
188 | 0 ipset -L test > .foo0 && ./sort.sh .foo0 | |
189 | # Network: Check listing | |
190 | 0 ./diff.sh .foo hash:net,net.t.list3 | |
191 | # Sleep 5s so that elements can time out | |
192 | 0 sleep 5 | |
193 | # Network: List set | |
194 | 0 ipset -L test > .foo | |
195 | # Network: Check listing | |
196 | 0 ./diff.sh .foo hash:net,net.t.list4 | |
197 | # Network: Flush test set | |
198 | 0 ipset -F test | |
199 | # Network: add element with 1s timeout | |
200 | 0 ipset add test 200.100.0.12,80.20.0.12 timeout 1 | |
201 | # Network: readd element with 3s timeout | |
202 | 0 ipset add test 200.100.0.12,80.20.0.12 timeout 3 -exist | |
203 | # Network: sleep 2s | |
204 | 0 sleep 2s | |
205 | # Network: check readded element | |
206 | 0 ipset test test 200.100.0.12,80.20.0.12 | |
207 | # Network: Delete test set | |
208 | 0 ipset -X test | |
209 | # Network: Create a set with timeout and bitmask | |
210 | 0 ipset -N test hash:net,net --hashsize 128 --bitmask 255.255.255.0 timeout 4 | |
211 | # Network: Add first random network | |
212 | 0 ipset -A test 2.0.10.1,2.10.10.254 | |
213 | # Network: Add second random network | |
214 | 0 ipset -A test 192.168.68.1,192.168.68.254 | |
215 | # Network: Test first random value | |
216 | 0 ipset -T test 2.0.10.11,2.10.10.25 | |
217 | # Network: Test second random value | |
218 | 0 ipset -T test 192.168.68.11,192.168.68.5 | |
219 | # Network: Test value not added to the set | |
220 | 1 ipset -T test 2.10.1.0,21.0.1.0 | |
221 | # Network: Add third element | |
222 | 0 ipset -A test 200.100.10.1,200.100.10.100 timeout 0 | |
223 | # Network: Add third random network | |
224 | 0 ipset -A test 200.100.0.12,200.100.0.13 | |
225 | # Network: Delete the same network | |
226 | 0 ipset -D test 200.100.0.12,200.100.0.13 | |
227 | # Network: List set | |
228 | 0 ipset -L test > .foo0 && ./sort.sh .foo0 | |
229 | # Network: Check listing | |
230 | 0 ./diff.sh .foo hash:net,net.t.list5 | |
231 | # Sleep 5s so that elements can time out | |
232 | 0 sleep 5 | |
233 | # Network: List set | |
234 | 0 ipset -L test > .foo | |
235 | # Network: Check listing | |
236 | 0 ./diff.sh .foo hash:net,net.t.list6 | |
237 | # Network: Flush test set | |
238 | 0 ipset -F test | |
239 | # Network: add element with 1s timeout | |
240 | 0 ipset add test 200.100.0.12,80.20.0.12 timeout 1 | |
241 | # Network: readd element with 3s timeout | |
242 | 0 ipset add test 200.100.0.12,80.20.0.12 timeout 3 -exist | |
243 | # Network: sleep 2s | |
244 | 0 sleep 2s | |
245 | # Network: check readded element | |
246 | 0 ipset test test 200.100.0.12,80.20.0.12 | |
247 | # Network: Delete test set | |
248 | 0 ipset -X test | |
249 | # Network: Create a set with bitmask which is not a valid netmask | |
250 | 0 ipset -N test hash:net,net --hashsize 128 --bitmask 255.255.0.255 | |
251 | # Network: Add zero valued element | |
252 | 1 ipset -A test 0.0.0.0 | |
253 | # Network: Test zero valued element | |
254 | 1 ipset -T test 0.0.0.0 | |
255 | # Network: Delete zero valued element | |
256 | 1 ipset -D test 0.0.0.0 | |
257 | # Network: Add first random network | |
258 | 0 ipset -A test 1.2.3.4,22.23.24.25 | |
259 | # Network: Add second random network | |
260 | 0 ipset -A test 1.168.122.124,122.23.45.50 | |
261 | # Network: Test first random value | |
262 | 0 ipset -T test 1.2.43.4,22.23.2.25 | |
263 | # Network: Test second random value | |
264 | 0 ipset -T test 1.168.12.124,122.23.4.50 | |
265 | # Network: Test value not added to the set | |
266 | 1 ipset -T test 2.168.122.124,22.23.45.50 | |
267 | # Network: Test delete value | |
268 | 0 ipset -D test 1.168.12.124,122.23.0.50 | |
269 | # Network: List set | |
270 | 0 ipset -L test > .foo | |
271 | # Network: Check listing | |
272 | 0 ./diff.sh .foo hash:net,net.t.list7 | |
273 | # Network: Delete test set | |
274 | 0 ipset -X test | |
ab7c1721 | 275 | # eof |