[LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Cui Bixuan <cuibixuan@huawei.com>
To: Cui Bixuan <cuibixuan@huawei.com>
Cc: ltp-list@lists.sourceforge.net, zhanyongming@huawei.com,
	zhuyanpeng@huawei.com
Subject: [LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o
Date: Wed, 27 May 2015 09:02:36 +0800	[thread overview]
Message-ID: <556517AC.7060406@huawei.com> (raw)
In-Reply-To: <1432688360-179350-1-git-send-email-cuibixuan@huawei.com>

Add new testcase for testing 'iptables -o'

Signed-off-by: Cui Bixuan <cuibixuan@huawei.com>
---
 testcases/network/iptables/iptables_tests.sh |   54 +++++++++++++++++++++++++-
 1 files changed, 53 insertions(+), 1 deletions(-)

diff --git a/testcases/network/iptables/iptables_tests.sh b/testcases/network/iptables/iptables_tests.sh
index 387cdfa..a464240 100755
--- a/testcases/network/iptables/iptables_tests.sh
+++ b/testcases/network/iptables/iptables_tests.sh
@@ -22,7 +22,7 @@
 #				       <hubertNOSPAAAM@symbio.com.tw>

 export TCID="iptables"
-export TST_TOTAL=7
+export TST_TOTAL=8

 . test.sh

@@ -450,6 +450,57 @@ test07()
 	tst_resm TPASS "iptables -c test succeed."
 }

+test08()
+{
+	tst_resm TINFO "Use iptables to DROP packets from particular" \
+		"network card"
+	tst_resm TINFO "Rule to block icmp from 127.0.0.1"
+
+	iptables -A OUTPUT -o lo -p icmp -j DROP > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables command failed to append new rule."
+                cat tst_iptables.out
+                return
+        fi
+
+        tst_resm TINFO "Pinging 127.0.0.1"
+        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                grep "100% packet loss" tst_iptables.out > tst_iptables.err 2>&1
+                if [ $? -ne 0 ]; then
+                        tst_resm TFAIL \
+                                 "iptables did not block packets from loopback"
+                        cat tst_iptables.err
+                        return
+                else
+                        tst_resm TINFO "Ping 127.0.0.1 not successful."
+                fi
+        else
+                tst_resm TFAIL "iptables did not block icmp from 127.0.0.1"
+                cat tst_iptables.out
+                return
+        fi
+
+        tst_resm TINFO "Deleting icmp DROP from lo rule."
+        iptables -D OUTPUT 1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables did not remove the rule."
+                cat tst_iptables.out
+                return
+        fi
+        tst_resm TINFO "Pinging 127.0.0.1 again"
+        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables blocking loopback. This is expected" \
+                               "behaviour on certain distributions where" \
+                               "enabling firewall drops all packets by default."
+                cat tst_iptables.out
+                return
+        fi
+        tst_resm TINFO "Ping succsess"
+        tst_resm TPASS "iptables can DROP packets from particular network card."
+}
+
 init
 TST_CLEANUP=cleanup

@@ -460,5 +511,6 @@ test04
 test05
 test06
 test07
+test08

 tst_exit
-- 
1.6.0.2 .


------------------------------------------------------------------------------
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

next prev parent reply	other threads:[~2015-05-27  1:02 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-27  0:59 [LTP] [PATCH 1/5] iptables/iptables_tests.sh: Add test cases for iptables -L Cui Bixuan
2015-05-27  1:01 ` [LTP] [PATCH 2/5] iptables/iptables_tests.sh: Add new testcases for iptables -c Cui Bixuan
2015-06-09 14:01   ` Cyril Hrubis
2015-05-27  1:02 ` Cui Bixuan [this message]
2015-06-09 14:13   ` [LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o Cyril Hrubis
2015-06-09 14:17   ` Cyril Hrubis
2015-05-27  1:03 ` [LTP] [PATCH 4/5] iptables/iptables_tests.sh: Add new testcases for iptables -N/E Cui Bixuan
2015-05-27  1:04 ` [LTP] [PATCH 5/5] iptables/iptables_tests.sh: Add new testcases for iptables -R Cui Bixuan
2015-06-09 13:33 ` [LTP] [PATCH 1/5] iptables/iptables_tests.sh: Add test cases for iptables -L Cyril Hrubis
2015-06-09 13:38 ` Cyril Hrubis

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:387cdfa dfblob:a464240 )
 OR (
bs:"[LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=556517AC.7060406@huawei.com \
    --to=cuibixuan@huawei.com \
    --cc=ltp-list@lists.sourceforge.net \
    --cc=zhanyongming@huawei.com \
    --cc=zhuyanpeng@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.