--- /dev/null
+#!/bin/bash
+
+cd $(dirname $0)
+
+testdir=$(mktemp -d)
+if [ ! -d $testdir ]; then
+ echo "Failed to create test directory" >&2
+ exit 0
+fi
+trap "rm -rf $testdir" EXIT
+
+nft=../../src/nft
+command_file=$(mktemp -p $testdir)
+output_file=$(mktemp -p $testdir)
+
+cmd_append() {
+ echo "$*" >>$command_file
+}
+output_append() {
+ echo "$*" >>$output_file
+}
+run_test() {
+ monitor_output=$(mktemp -p $testdir)
+ $nft monitor >$monitor_output &
+ monitor_pid=$!
+
+ sleep 0.5
+
+ $nft -f $command_file || {
+ echo "nft command failed!"
+ kill $monitor_pid
+ wait >/dev/null 2>&1
+ exit 1
+ }
+ sleep 0.5
+ kill $monitor_pid
+ wait >/dev/null 2>&1
+ if ! diff -Z -q $monitor_output $output_file >/dev/null 2>&1; then
+ echo "monitor output differs!"
+ diff -Z -u $output_file $monitor_output
+ exit 1
+ fi
+ rm $command_file
+ rm $output_file
+ touch $command_file
+ touch $output_file
+}
+
+for testcase in testcases/*.t; do
+ echo "running tests from file $(basename $testcase)"
+ # files are like this:
+ #
+ # I add table ip t
+ # O add table ip t
+ # I add chain ip t c
+ # O add chain ip t c
+
+ $nft flush ruleset
+
+ input_complete=false
+ while read dir line; do
+ case $dir in
+ I)
+ $input_complete && run_test
+ input_complete=false
+ cmd_append "$line"
+ ;;
+ O)
+ input_complete=true
+ output_append "$line"
+ ;;
+ '#'|'')
+ # ignore comments and empty lines
+ ;;
+ esac
+ done <$testcase
+ $input_complete && run_test
+done
--- /dev/null
+# first the setup
+I add table ip t
+O add table ip t
+I add map ip t portip { type inet_service: ipv4_addr; flags interval; }
+O add map ip t portip { type inet_service : ipv4_addr;flags interval }
+
+I add element ip t portip { 80-100: 10.0.0.1 }
+O add element ip t portip { 80-100 : 10.0.0.1 }
+
+I add element ip t portip { 1024-65535: 10.0.0.1 }
+O add element ip t portip { 1024-65535 : 10.0.0.1 }
--- /dev/null
+# first the setup
+I add table ip t
+O add table ip t
+I add set ip t portrange { type inet_service; flags interval; }
+O add set ip t portrange { type inet_service;flags interval }
+I add set ip t ports { type inet_service; }
+O add set ip t ports { type inet_service;}
+
+# make sure concurrent adds work
+I add element ip t portrange { 1024-65535 }
+I add element ip t ports { 10 }
+O add element ip t portrange { 1024-65535 }
+O add element ip t ports { 10 }
+
+# delete items again
+I delete element ip t portrange { 1024-65535 }
+I delete element ip t ports { 10 }
+O delete element ip t portrange { 1024-65535 }
+O delete element ip t ports { 10 }
--- /dev/null
+# first the setup
+I add table ip t
+O add table ip t
+I add set ip t portrange { type inet_service; flags interval; }
+O add set ip t portrange { type inet_service;flags interval }
+I add set ip t portrange2 { type inet_service; flags interval; }
+O add set ip t portrange2 { type inet_service;flags interval }
+
+# make sure concurrent adds work
+I add element ip t portrange { 1024-65535 }
+I add element ip t portrange2 { 10-20 }
+O add element ip t portrange { 1024-65535 }
+O add element ip t portrange2 { 10-20 }
--- /dev/null
+# first the setup
+I add table ip t
+O add table ip t
+I add set ip t portrange { type inet_service; flags interval; }
+O add set ip t portrange { type inet_service;flags interval }
+
+# adding some ranges
+I add element ip t portrange { 1-10 }
+O add element ip t portrange { 1-10 }
+I add element ip t portrange { 1024-65535 }
+O add element ip t portrange { 1024-65535 }
+I add element ip t portrange { 20-30, 40-50 }
+O add element ip t portrange { 20-30 }
+O add element ip t portrange { 40-50 }
+
+# test flushing -> elements are removed in reverse
+I flush set ip t portrange
+O delete element ip t portrange { 1024-65535 }
+O delete element ip t portrange { 40-50 }
+O delete element ip t portrange { 20-30 }
+O delete element ip t portrange { 1-10 }
+
+# make sure lower scope boundary works
+I add element ip t portrange { 0-10 }
+O add element ip t portrange { 0-10 }
+
+# make sure half open before other element works
+I add element ip t portrange { 1024-65535 }
+I add element ip t portrange { 100-200 }
+O add element ip t portrange { 1024-65535 }
+O add element ip t portrange { 100-200 }
+
+# make sure deletion of elements works
+I delete element ip t portrange { 0-10 }
+O delete element ip t portrange { 0-10 }
+I delete element ip t portrange { 100-200 }
+I delete element ip t portrange { 1024-65535 }
+O delete element ip t portrange { 100-200 }
+O delete element ip t portrange { 1024-65535 }
+
+# make sure mixed add/delete works
+I add element ip t portrange { 10-20 }
+I add element ip t portrange { 1024-65535 }
+I delete element ip t portrange { 10-20 }
+O add element ip t portrange { 10-20 }
+O add element ip t portrange { 1024-65535 }
+O delete element ip t portrange { 10-20 }
projects / thirdparty / nftables.git / commitdiff
