public inbox for ltp@lists.linux.it
 help / color / mirror / Atom feed
From: Cyril Hrubis <chrubis@suse.cz>
To: Cui Bixuan <cuibixuan@huawei.com>
Cc: zhuyanpeng@huawei.com, ltp-list@lists.sourceforge.net,
	zhanyongming@huawei.com
Subject: Re: [LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o
Date: Tue, 9 Jun 2015 16:13:19 +0200	[thread overview]
Message-ID: <20150609141319.GE27378@rei.suse.de> (raw)
In-Reply-To: <556517AC.7060406@huawei.com>

Hi!
> +        tst_resm TINFO "Pinging 127.0.0.1"
> +        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1

Why -c 2 ?

> +        if [ $? -ne 0 ]; then
> +                grep "100% packet loss" tst_iptables.out > tst_iptables.err 2>&1

Eh, if ping failed, non-zero is returned, no need to grep the ping
output as well.

> +                if [ $? -ne 0 ]; then
> +                        tst_resm TFAIL \
> +                                 "iptables did not block packets from loopback"
> +                        cat tst_iptables.err
> +                        return
> +                else
> +                        tst_resm TINFO "Ping 127.0.0.1 not successful."
> +                fi
> +        else
> +                tst_resm TFAIL "iptables did not block icmp from 127.0.0.1"
> +                cat tst_iptables.out
> +                return
> +        fi
> +
> +        tst_resm TINFO "Deleting icmp DROP from lo rule."
> +        iptables -D OUTPUT 1 > tst_iptables.out 2>&1
> +        if [ $? -ne 0 ]; then
> +                tst_resm TFAIL "iptables did not remove the rule."

Again TBROK rather than TFAIL

> +                cat tst_iptables.out
> +                return
> +        fi
> +        tst_resm TINFO "Pinging 127.0.0.1 again"
> +        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
> +        if [ $? -ne 0 ]; then
> +                tst_resm TFAIL "iptables blocking loopback. This is expected" \
> +                               "behaviour on certain distributions where" \
> +                               "enabling firewall drops all packets by default."
> +                cat tst_iptables.out
> +                return
> +        fi

We should save and reset the iptables before the testcase and restore it
after it. Otherwise we will not get consistent results. Also the test
for working ping should be at the start of the testcase and we should
skip it with TCONF if we cannot reach localhost.


before testcase:

iptables-save > saved_iptables
iptables -F

after testcase:

iptables-restore < saved_iptables


> +        tst_resm TINFO "Ping succsess"
> +        tst_resm TPASS "iptables can DROP packets from particular network card."
> +}
> +
>  init
>  TST_CLEANUP=cleanup
> 
> @@ -460,5 +511,6 @@ test04
>  test05
>  test06
>  test07
> +test08
> 
>  tst_exit
> -- 
> 1.6.0.2 .
> 
> 
> ------------------------------------------------------------------------------
> _______________________________________________
> Ltp-list mailing list
> Ltp-list@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ltp-list

-- 
Cyril Hrubis
chrubis@suse.cz

------------------------------------------------------------------------------
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

  reply	other threads:[~2015-06-09 14:14 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-27  0:59 [LTP] [PATCH 1/5] iptables/iptables_tests.sh: Add test cases for iptables -L Cui Bixuan
2015-05-27  1:01 ` [LTP] [PATCH 2/5] iptables/iptables_tests.sh: Add new testcases for iptables -c Cui Bixuan
2015-06-09 14:01   ` Cyril Hrubis
2015-05-27  1:02 ` [LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o Cui Bixuan
2015-06-09 14:13   ` Cyril Hrubis [this message]
2015-06-09 14:17   ` Cyril Hrubis
2015-05-27  1:03 ` [LTP] [PATCH 4/5] iptables/iptables_tests.sh: Add new testcases for iptables -N/E Cui Bixuan
2015-05-27  1:04 ` [LTP] [PATCH 5/5] iptables/iptables_tests.sh: Add new testcases for iptables -R Cui Bixuan
2015-06-09 13:33 ` [LTP] [PATCH 1/5] iptables/iptables_tests.sh: Add test cases for iptables -L Cyril Hrubis
2015-06-09 13:38 ` Cyril Hrubis

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150609141319.GE27378@rei.suse.de \
    --to=chrubis@suse.cz \
    --cc=cuibixuan@huawei.com \
    --cc=ltp-list@lists.sourceforge.net \
    --cc=zhanyongming@huawei.com \
    --cc=zhuyanpeng@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox