* [PATCH nft 00/16] tests: files: Remove test files.
@ 2017-10-29 20:39 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
2017-11-06 15:04 ` [PATCH nft 00/16] tests: files: Remove test files Pablo Neira Ayuso
0 siblings, 2 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:39 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes tests from tests/files and add tests to
tests/shell which are not present in it.
Varsha Rao (16):
tests: files: Remove tests for ipv4
tests: files: Remove tests for ipv6
tests: shell: Add test for log statement.
tests: files: Remove log statement tests.
tests: shell: Add test for log flags.
tests: shell: Add tests for payload expression.
tests: files: Remove payload expression tests.
tests: files: Remove test for syntactical errors.
tests: shell: Add test for ct expression.
tests: files: Remove test for ct expression.
tests: files: Remove prefix file.
tests: files: Test for meta expressions.
tests: files: Remove test for meta expression.
tests: shell: Add tests for concat expression.
tests: files: Remove tests for concat expression.
tests: shell: Add test case for map expression.
tests/files/error.1 | 9 -----
tests/files/error.2 | 18 ----------
tests/files/expr-concat | 19 ----------
tests/files/expr-ct | 26 --------------
tests/files/expr-meta | 40 ---------------------
tests/files/family-ipv4 | 14 --------
tests/files/family-ipv6 | 13 -------
tests/files/feat-adjancent-load-merging | 13 -------
tests/files/prefix | 5 ---
tests/files/stmt-log | 6 ----
tests/shell/testcases/maps/different_map_types_1 | 10 ++++++
tests/shell/testcases/optionals/log_0 | 22 ++++++++++++
tests/shell/testcases/optionals/log_flags_0 | 29 ++++++++++++++++
tests/shell/testcases/transactions/0024rule_0 | 44 ++++++++++++++++++++++++
tests/shell/testcases/transactions/0025rule_0 | 36 +++++++++++++++++++
tests/shell/testcases/transactions/0026rule_0 | 44 ++++++++++++++++++++++++
tests/shell/testcases/transactions/0050concat_1 | 26 ++++++++++++++
17 files changed, 211 insertions(+), 163 deletions(-)
delete mode 100644 tests/files/error.1
delete mode 100644 tests/files/error.2
delete mode 100644 tests/files/expr-concat
delete mode 100644 tests/files/expr-ct
delete mode 100644 tests/files/expr-meta
delete mode 100644 tests/files/family-ipv4
delete mode 100644 tests/files/family-ipv6
delete mode 100644 tests/files/feat-adjancent-load-merging
delete mode 100644 tests/files/prefix
delete mode 100644 tests/files/stmt-log
create mode 100755 tests/shell/testcases/maps/different_map_types_1
create mode 100755 tests/shell/testcases/optionals/log_0
create mode 100755 tests/shell/testcases/optionals/log_flags_0
create mode 100755 tests/shell/testcases/transactions/0024rule_0
create mode 100755 tests/shell/testcases/transactions/0025rule_0
create mode 100755 tests/shell/testcases/transactions/0026rule_0
create mode 100755 tests/shell/testcases/transactions/0050concat_1
--
2.13.6
^ permalink raw reply [flat|nested] 18+ messages in thread
* [PATCH nft 01/16] tests: files: Remove tests for ipv4
2017-10-29 20:39 [PATCH nft 00/16] tests: files: Remove test files Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 02/16] tests: files: Remove tests for ipv6 Varsha Rao
` (14 more replies)
2017-11-06 15:04 ` [PATCH nft 00/16] tests: files: Remove test files Pablo Neira Ayuso
1 sibling, 15 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes test cases for ipv4 family. As they are already
present in tests/shell file.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/family-ipv4 | 14 --------------
1 file changed, 14 deletions(-)
delete mode 100644 tests/files/family-ipv4
diff --git a/tests/files/family-ipv4 b/tests/files/family-ipv4
deleted file mode 100644
index 0700e16..0000000
--- a/tests/files/family-ipv4
+++ /dev/null
@@ -1,14 +0,0 @@
-#! nft -f
-
-flush chain ip filter output
-delete chain ip filter output
-delete table filter
-
-add table ip filter
-add chain ip filter output { type filter hook input priority 0; }
-
-# IP address
-add rule ip filter output ip daddr 192.168.0.1 counter
-
-# TCP ports
-add rule ip filter output tcp dport 22 counter
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 02/16] tests: files: Remove tests for ipv6
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 03/16] tests: shell: Add test for log statement Varsha Rao
` (13 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes test cases for ipv6 family. As they are already
present in tests/shell file.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/family-ipv6 | 13 -------------
1 file changed, 13 deletions(-)
delete mode 100644 tests/files/family-ipv6
diff --git a/tests/files/family-ipv6 b/tests/files/family-ipv6
deleted file mode 100644
index cfc740c..0000000
--- a/tests/files/family-ipv6
+++ /dev/null
@@ -1,13 +0,0 @@
-#! nft -f
-
-add table ip6 filter
-add chain ip6 filter output { type filter hook output priority 0 ; }
-
-# IP address
-add rule ip6 filter output ip6 daddr 2001:6f8:974::1 counter
-
-# Next protocol
-add rule ip6 filter output ip6 nexthdr tcp
-
-# TCP ports
-add rule ip6 filter output tcp dport 22 counter
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 03/16] tests: shell: Add test for log statement.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 02/16] tests: files: Remove tests for ipv6 Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 04/16] tests: files: Remove log statement tests Varsha Rao
` (12 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
Add test case for log statement.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/optionals/log_0 | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100755 tests/shell/testcases/optionals/log_0
diff --git a/tests/shell/testcases/optionals/log_0 b/tests/shell/testcases/optionals/log_0
new file mode 100755
index 0000000..672cff7
--- /dev/null
+++ b/tests/shell/testcases/optionals/log_0
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -e
+
+EXPECTED="table ip x {
+ chain y {
+ type filter hook output priority 0; policy accept;
+ tcp dport ssh log group 0 counter packets 0 bytes 0
+ }
+}"
+
+$NFT add table ip x
+$NFT add chain ip x y { type filter hook output priority 0\; }
+$NFT add rule ip x y tcp dport 22 log group 0 counter
+
+GET="$($NFT list ruleset)"
+
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 04/16] tests: files: Remove log statement tests.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 02/16] tests: files: Remove tests for ipv6 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 03/16] tests: shell: Add test for log statement Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 05/16] tests: shell: Add test for log flags Varsha Rao
` (11 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
New test case for log statement has been added to tests/shell file, so
remove it.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/stmt-log | 6 ------
1 file changed, 6 deletions(-)
delete mode 100644 tests/files/stmt-log
diff --git a/tests/files/stmt-log b/tests/files/stmt-log
deleted file mode 100644
index 2ae7aae..0000000
--- a/tests/files/stmt-log
+++ /dev/null
@@ -1,6 +0,0 @@
-#! nft -f
-
-add table ip filter
-add chain ip filter output { type filter hook output priority 0; }
-
-add rule ip filter output log saddr "prefix" group 0 counter
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 05/16] tests: shell: Add test for log flags.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (2 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 04/16] tests: files: Remove log statement tests Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 06/16] tests: shell: Add tests for payload expression Varsha Rao
` (10 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch adds test cases for log flags.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/optionals/log_flags_0 | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100755 tests/shell/testcases/optionals/log_flags_0
diff --git a/tests/shell/testcases/optionals/log_flags_0 b/tests/shell/testcases/optionals/log_flags_0
new file mode 100755
index 0000000..7b8550f
--- /dev/null
+++ b/tests/shell/testcases/optionals/log_flags_0
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+set -e
+
+EXPECTED="table ip x {
+ chain y {
+ log flags tcp sequence,options
+ log flags ip options
+ log flags skuid
+ log flags ether
+ log flags all
+ }
+}"
+
+$NFT add table ip x
+$NFT add chain ip x y
+$NFT add rule x y log flags tcp sequence,options
+$NFT add rule x y log flags ip options
+$NFT add rule x y log flags skuid
+$NFT add rule x y log flags ether
+$NFT add rule x y log flags all
+
+GET="$($NFT list ruleset)"
+
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 06/16] tests: shell: Add tests for payload expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (3 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 05/16] tests: shell: Add test for log flags Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 07/16] tests: files: Remove payload expression tests Varsha Rao
` (9 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch adds test case for adjacent payload expression.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/transactions/0024rule_0 | 44 +++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
create mode 100755 tests/shell/testcases/transactions/0024rule_0
diff --git a/tests/shell/testcases/transactions/0024rule_0 b/tests/shell/testcases/transactions/0024rule_0
new file mode 100755
index 0000000..7644ce8
--- /dev/null
+++ b/tests/shell/testcases/transactions/0024rule_0
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Tests for adjacent payload expressions.
+
+set -e
+
+tmpfile=$(mktemp)
+if [ ! -w $tmpfile ] ; then
+ echo "Failed to create tmp file" >&2
+ exit 0
+fi
+
+trap "rm -rf $tmpfile" EXIT # cleanup if aborted
+
+RULESET="add table x
+add chain x y
+add rule x y tcp sport 1024 tcp dport 22 counter
+add rule x y ip saddr 192.168.0.1 ip daddr 192.168.0.100 counter
+add rule x y tcp sequence 0 tcp sport 1024 tcp dport 22
+add rule x y tcp sport 1024 tcp dport 22 tcp sequence 0"
+
+echo "$RULESET" > $tmpfile
+$NFT -f $tmpfile
+if [ $? -ne 0 ] ; then
+ echo "E: unable to load good ruleset" >&2
+ exit 1
+fi
+
+EXPECTED="table ip x {
+ chain y {
+ tcp sport 1024 tcp dport ssh counter packets 0 bytes 0
+ ip saddr 192.168.0.1 ip daddr 192.168.0.100 counter packets 0 bytes 0
+ tcp sport 1024 tcp dport ssh tcp sequence 0
+ tcp sport 1024 tcp dport ssh tcp sequence 0
+ }
+}"
+
+GET="$($NFT list ruleset)"
+
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 07/16] tests: files: Remove payload expression tests.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (4 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 06/16] tests: shell: Add tests for payload expression Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 08/16] tests: files: Remove test for syntactical errors Varsha Rao
` (8 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
Remove test for payload expression as new test has been added to
tests/shell.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/feat-adjancent-load-merging | 13 -------------
1 file changed, 13 deletions(-)
delete mode 100644 tests/files/feat-adjancent-load-merging
diff --git a/tests/files/feat-adjancent-load-merging b/tests/files/feat-adjancent-load-merging
deleted file mode 100644
index 1177174..0000000
--- a/tests/files/feat-adjancent-load-merging
+++ /dev/null
@@ -1,13 +0,0 @@
-#! nft -f
-
-# adjacent payload expressions: 4 bytes in order
-add rule filter output tcp sport 1024 tcp dport 22 counter
-
-# adjacent payload expressions: 8 bytes in order
-add rule filter output ip saddr 192.168.0.1 ip daddr 192.168.0.100 counter
-
-# adjacent payload expressions: 8 bytes in order
-add rule filter output tcp sequence 0 tcp sport 1024 tcp dport 22
-
-# adjacent payload expressions: 8 bytes in reverse order
-add rule filter output tcp sport 1024 tcp dport 22 tcp sequence 0
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 08/16] tests: files: Remove test for syntactical errors.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (5 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 07/16] tests: files: Remove payload expression tests Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 09/16] tests: shell: Add test for ct expression Varsha Rao
` (7 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes test for syntax error as they are not required.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/error.1 | 9 ---------
tests/files/error.2 | 18 ------------------
2 files changed, 27 deletions(-)
delete mode 100644 tests/files/error.1
delete mode 100644 tests/files/error.2
diff --git a/tests/files/error.1 b/tests/files/error.1
deleted file mode 100644
index bc3bf16..0000000
--- a/tests/files/error.1
+++ /dev/null
@@ -1,9 +0,0 @@
-#! nft -f
-
-# mixed syntactical and non-syntactical errors
-filter {
-filter input
-filter input tcp
-filter input tcp dport
-filter input tcp dport tcp
-filter input tcp dport tcp dport
diff --git a/tests/files/error.2 b/tests/files/error.2
deleted file mode 100644
index 744a63d..0000000
--- a/tests/files/error.2
+++ /dev/null
@@ -1,18 +0,0 @@
-#! nft -f
-
-# mixed syntactical and non-syntactical errors in blocks
-table filter {
- # missing identifier
- chain
-
- # missing chain block
- chain output
-
- chain output {
- tcp
- tcp dport
- tcp dport tcp
- tcp dport tcp dport
- tcp dport ssh
- }
-}
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 09/16] tests: shell: Add test for ct expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (6 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 08/16] tests: files: Remove test for syntactical errors Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 10/16] tests: files: Remove " Varsha Rao
` (6 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch adds test cases for ct expression.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/transactions/0025rule_0 | 36 +++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100755 tests/shell/testcases/transactions/0025rule_0
diff --git a/tests/shell/testcases/transactions/0025rule_0 b/tests/shell/testcases/transactions/0025rule_0
new file mode 100755
index 0000000..b8df747
--- /dev/null
+++ b/tests/shell/testcases/transactions/0025rule_0
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Test for ct statements.
+
+set -e
+
+$NFT add table x
+$NFT add chain x y { type filter hook output priority 0\; }
+$NFT add rule x y ct state new,established
+$NFT add rule x y ct direction original
+$NFT add rule x y ct direction reply
+$NFT add rule x y ct status expected
+$NFT add rule x y ct mark 0
+$NFT add rule x y ct expiration 30
+$NFT add rule x y ct helper "ftp"
+
+EXPECTED="table ip x {
+ chain y {
+ type filter hook output priority 0; policy accept;
+ ct state established,new
+ ct direction original
+ ct direction reply
+ ct status expected
+ ct mark 0x00000000
+ ct expiration 30s
+ ct helper \"ftp\"
+ }
+}"
+
+GET="$($NFT list ruleset)"
+
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 10/16] tests: files: Remove test for ct expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (7 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 09/16] tests: shell: Add test for ct expression Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 11/16] tests: files: Remove prefix file Varsha Rao
` (5 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes test cases for ct expression.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/expr-ct | 26 --------------------------
1 file changed, 26 deletions(-)
delete mode 100644 tests/files/expr-ct
diff --git a/tests/files/expr-ct b/tests/files/expr-ct
deleted file mode 100644
index 1dfc7ac..0000000
--- a/tests/files/expr-ct
+++ /dev/null
@@ -1,26 +0,0 @@
-#! nft -f
-
-add table ip filter
-add chain ip filter output { type filter hook output priority 0 ; }
-
-# ct: state
-add rule ip filter output ct state new,established counter
-
-# ct: direction original/reply
-add rule ip filter output ct direction original counter
-add rule ip filter output ct direction reply counter
-
-# ct: status
-add rule ip filter output ct status expected counter
-
-# ct: mark
-add rule ip filter output ct mark 0 counter
-
-# ct: secmark
-add rule ip filter output ct secmark 0 counter
-
-# ct: expiration
-add rule ip filter output ct expiration 30 counter
-
-# ct: helper ftp
-add rule ip filter output ct helper "ftp" counter
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 11/16] tests: files: Remove prefix file.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (8 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 10/16] tests: files: Remove " Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 12/16] tests: files: Test for meta expressions Varsha Rao
` (4 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
Test rules in prefix file are not required, so remove it.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/prefix | 5 -----
1 file changed, 5 deletions(-)
delete mode 100644 tests/files/prefix
diff --git a/tests/files/prefix b/tests/files/prefix
deleted file mode 100644
index bada850..0000000
--- a/tests/files/prefix
+++ /dev/null
@@ -1,5 +0,0 @@
-add rule filter OUTPUT meta mark 123/0x000000ff
-add rule filter OUTPUT ip daddr 192.168.0.0/24
-add rule filter OUTPUT ip daddr 192.168.0.0/255.255.255.0
-add rule filter OUTPUT ip saddr . ip daddr 192.168.0.0/24 . 192.168.0.0/24
-add rule filter OUTPUT ip daddr { 192.168.0.0/24, 192.168.1.0/24}
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 12/16] tests: files: Test for meta expressions.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (9 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 11/16] tests: files: Remove prefix file Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 13/16] tests: files: Remove test for meta expression Varsha Rao
` (3 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch adds test case for meta expressions.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/transactions/0026rule_0 | 44 +++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
create mode 100755 tests/shell/testcases/transactions/0026rule_0
diff --git a/tests/shell/testcases/transactions/0026rule_0 b/tests/shell/testcases/transactions/0026rule_0
new file mode 100755
index 0000000..4111ce9
--- /dev/null
+++ b/tests/shell/testcases/transactions/0026rule_0
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Test for meta expressions.
+
+set -e
+
+$NFT add table x
+$NFT add chain x y { type filter hook output priority 0\; }
+$NFT add rule x y meta length 1000
+$NFT add rule x y meta protocol 0x0800
+$NFT add rule x y meta mark 0
+$NFT add rule x y meta iif lo
+$NFT add rule x y meta iifname "eth0"
+$NFT add rule x y meta oif lo
+$NFT add rule x y meta oifname "eth0"
+$NFT add rule x y meta skuid 1000
+$NFT add rule x y meta nftrace set 1
+$NFT add rule x y meta rtclassid cosmos
+
+usr=$"$USER"
+
+EXPECTED="table ip x {
+ chain y {
+ type filter hook output priority 0; policy accept;
+ meta length 1000
+ meta protocol ip
+ mark 0x00000000
+ iif \"lo\"
+ iifname \"eth0\"
+ oif \"lo\"
+ oifname \"eth0\"
+ skuid \"$usr\"
+ nftrace set 1
+ rtclassid \"cosmos\"
+ }
+}"
+
+GET="$($NFT list ruleset)"
+
+if [ "$EXPECTED" != "$GET" ] ; then
+ DIFF="$(which diff)"
+ [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
+ exit 1
+fi
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 13/16] tests: files: Remove test for meta expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (10 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 12/16] tests: files: Test for meta expressions Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 14/16] tests: shell: Add tests for concat expression Varsha Rao
` (2 subsequent siblings)
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
This patch removes test cases for meta expression. As new test is added
to tests/shell.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/expr-meta | 40 ----------------------------------------
1 file changed, 40 deletions(-)
delete mode 100644 tests/files/expr-meta
diff --git a/tests/files/expr-meta b/tests/files/expr-meta
deleted file mode 100644
index 360caa7..0000000
--- a/tests/files/expr-meta
+++ /dev/null
@@ -1,40 +0,0 @@
-#! nft -f
-
-add table ip filter
-add chain ip filter output { type filter hook output priority 0 ; }
-
-# meta: skb len
-add rule ip filter output meta length 1000 counter
-
-# meta: skb protocol
-add rule ip filter output meta protocol 0x0800 counter
-
-# meta: skb mark
-add rule ip filter output meta mark 0 counter
-
-# meta: skb iif
-add rule ip filter output meta iif lo counter
-
-# meta: skb iifname
-add rule ip filter output meta iifname "eth0" counter
-
-# meta: skb oif
-add rule ip filter output meta oif lo counter
-
-# meta: skb oifname
-add rule ip filter output meta oifname "eth0" counter
-
-# meta: skb sk uid
-add rule ip filter output meta skuid 1000 counter
-
-# meta: skb sk gid
-add rule ip filter output meta skgid 1000 counter
-
-# meta: nftrace
-add rule ip filter output meta nftrace 1 counter
-
-# meta: rtclassid (see /etc/iproute2/rt_realms)
-add rule ip filter output meta rtclassid cosmos counter
-
-# meta: secmark
-add rule ip filter output meta secmark 0 counter
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 14/16] tests: shell: Add tests for concat expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (11 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 13/16] tests: files: Remove test for meta expression Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 15/16] tests: files: Remove " Varsha Rao
2017-10-29 20:49 ` [PATCH nft 16/16] tests: shell: Add test case for map expression Varsha Rao
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
Add test cases for concat type and element mismatch.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/transactions/0050concat_1 | 26 +++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100755 tests/shell/testcases/transactions/0050concat_1
diff --git a/tests/shell/testcases/transactions/0050concat_1 b/tests/shell/testcases/transactions/0050concat_1
new file mode 100755
index 0000000..0e4f6e1
--- /dev/null
+++ b/tests/shell/testcases/transactions/0050concat_1
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+set -e
+
+tmpfile=$(mktemp)
+if [ ! -w $tmpfile ] ; then
+ echo "Failed to create tmp file" >&2
+ exit 0
+fi
+
+trap "rm -rf $tmpfile" EXIT # cleanup if aborted
+
+RULESET="add table ip x
+add chain ip x y
+add rule ip x y ip daddr . tcp sport . tcp dport { \
+ 192.168.0.1 . 22, \
+ 192.168.0.1 . 80, \
+}
+add rule ip x y ip daddr . tcp dport { \
+ 192.168.0.1 . 192.168.0.2, \
+ 192.168.0.1 . 192.168.0.3, \
+}"
+
+echo "$RULESET" > $tmpfile
+$NFT -f $tmpfile
+echo "E: Allowed concat type and element mismatch"
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 15/16] tests: files: Remove tests for concat expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (12 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 14/16] tests: shell: Add tests for concat expression Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
2017-10-29 20:49 ` [PATCH nft 16/16] tests: shell: Add test case for map expression Varsha Rao
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
New test cases for concat expression has been added to tests/shell file,
so remove it.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/files/expr-concat | 19 -------------------
1 file changed, 19 deletions(-)
delete mode 100644 tests/files/expr-concat
diff --git a/tests/files/expr-concat b/tests/files/expr-concat
deleted file mode 100644
index bb284cc..0000000
--- a/tests/files/expr-concat
+++ /dev/null
@@ -1,19 +0,0 @@
-#! nft -f
-
-# Concat element mismatch
-add rule ip filter output ip daddr . tcp sport . tcp dport { \
- 192.168.0.1 . 22, \
- 192.168.0.1 . 80, \
-}
-
-# Concat type mismatch
-add rule ip filter output ip daddr . tcp dport { \
- 192.168.0.1 . 192.168.0.2, \
- 192.168.0.1 . 192.168.0.3, \
-}
-
-# Concat expression
-add rule ip filter output ip daddr . tcp dport { \
- 192.168.0.1 . 22, \
- 192.168.0.1 . 80, \
-}
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH nft 16/16] tests: shell: Add test case for map expression.
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
` (13 preceding siblings ...)
2017-10-29 20:49 ` [PATCH nft 15/16] tests: files: Remove " Varsha Rao
@ 2017-10-29 20:49 ` Varsha Rao
14 siblings, 0 replies; 18+ messages in thread
From: Varsha Rao @ 2017-10-29 20:49 UTC (permalink / raw)
To: Pablo Neira Ayuso, netfilter-devel; +Cc: Varsha Rao
Add tests for different map expression.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
---
tests/shell/testcases/maps/different_map_types_1 | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100755 tests/shell/testcases/maps/different_map_types_1
diff --git a/tests/shell/testcases/maps/different_map_types_1 b/tests/shell/testcases/maps/different_map_types_1
new file mode 100755
index 0000000..4d09163
--- /dev/null
+++ b/tests/shell/testcases/maps/different_map_types_1
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# must fail: expr MAP { expr : type1, expr : type2, .. } expr
+
+set -e
+
+$NFT add table ip filter
+$NFT add chain ip filter output { type filter hook output priority 0 \; }
+$NFT add rule ip filter output meta mark set tcp dport map { 22 : 1, 23 : 192.168.0.1 }
+echo "E: Added two different types of expression to map"
--
2.13.6
^ permalink raw reply related [flat|nested] 18+ messages in thread
* Re: [PATCH nft 00/16] tests: files: Remove test files.
2017-10-29 20:39 [PATCH nft 00/16] tests: files: Remove test files Varsha Rao
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
@ 2017-11-06 15:04 ` Pablo Neira Ayuso
1 sibling, 0 replies; 18+ messages in thread
From: Pablo Neira Ayuso @ 2017-11-06 15:04 UTC (permalink / raw)
To: Varsha Rao; +Cc: netfilter-devel
Hi Varsha,
On Mon, Oct 30, 2017 at 02:09:24AM +0530, Varsha Rao wrote:
> This patch removes tests from tests/files and add tests to
> tests/shell which are not present in it.
>
> Varsha Rao (16):
> tests: files: Remove tests for ipv4
> tests: files: Remove tests for ipv6
> tests: shell: Add test for log statement.
I think we have a test for this under tests/py.
> tests: files: Remove log statement tests.
> tests: shell: Add test for log flags.
> tests: shell: Add tests for payload expression.
Same thing for these to..
> tests: files: Remove payload expression tests.
> tests: files: Remove test for syntactical errors.
> tests: shell: Add test for ct expression.
Same thing.
> tests: files: Remove test for ct expression.
> tests: files: Remove prefix file.
> tests: files: Test for meta expressions.
Same thing.
> tests: files: Remove test for meta expression.
> tests: shell: Add tests for concat expression.
Same thing... so it looks like you can send a patch to remove them all
in one go.
Thanks a lot for reviewing what we had under tests/files/
> tests: files: Remove tests for concat expression.
> tests: shell: Add test case for map expression.
BTW, I have applied 16/16.
^ permalink raw reply [flat|nested] 18+ messages in thread
end of thread, other threads:[~2017-11-06 15:04 UTC | newest]
Thread overview: 18+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-10-29 20:39 [PATCH nft 00/16] tests: files: Remove test files Varsha Rao
2017-10-29 20:49 ` [PATCH nft 01/16] tests: files: Remove tests for ipv4 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 02/16] tests: files: Remove tests for ipv6 Varsha Rao
2017-10-29 20:49 ` [PATCH nft 03/16] tests: shell: Add test for log statement Varsha Rao
2017-10-29 20:49 ` [PATCH nft 04/16] tests: files: Remove log statement tests Varsha Rao
2017-10-29 20:49 ` [PATCH nft 05/16] tests: shell: Add test for log flags Varsha Rao
2017-10-29 20:49 ` [PATCH nft 06/16] tests: shell: Add tests for payload expression Varsha Rao
2017-10-29 20:49 ` [PATCH nft 07/16] tests: files: Remove payload expression tests Varsha Rao
2017-10-29 20:49 ` [PATCH nft 08/16] tests: files: Remove test for syntactical errors Varsha Rao
2017-10-29 20:49 ` [PATCH nft 09/16] tests: shell: Add test for ct expression Varsha Rao
2017-10-29 20:49 ` [PATCH nft 10/16] tests: files: Remove " Varsha Rao
2017-10-29 20:49 ` [PATCH nft 11/16] tests: files: Remove prefix file Varsha Rao
2017-10-29 20:49 ` [PATCH nft 12/16] tests: files: Test for meta expressions Varsha Rao
2017-10-29 20:49 ` [PATCH nft 13/16] tests: files: Remove test for meta expression Varsha Rao
2017-10-29 20:49 ` [PATCH nft 14/16] tests: shell: Add tests for concat expression Varsha Rao
2017-10-29 20:49 ` [PATCH nft 15/16] tests: files: Remove " Varsha Rao
2017-10-29 20:49 ` [PATCH nft 16/16] tests: shell: Add test case for map expression Varsha Rao
2017-11-06 15:04 ` [PATCH nft 00/16] tests: files: Remove test files Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.