[iptables PATCH 0/3] Extend xlate-test to replay results

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Phil Sutter <phil@nwl.cc>
To: netfilter-devel@vger.kernel.org
Subject: [iptables PATCH 0/3] Extend xlate-test to replay results
Date: Mon,  7 Nov 2022 14:08:40 +0100	[thread overview]
Message-ID: <20221107130843.8024-1-phil@nwl.cc> (raw)

If nftables has libxtables support, it will utilize the .xlate callbacks
to print compat expressions in native nftables syntax. Users may miss
the fact that what they're seeing is not the reality and assume they may
manipulate (including store and reload) the ruleset using nftables. This
wasn't a big deal if iptables-nft understood all the translations
libxtables offers.

To start catching up on this, add an optional replay mode to
xlate-test.py checking if what was translated is correctly parsed back
into the original input (or at least a semantical equivalent).

Patches 1 and 2 are prep work, patch 3 has the gory details.

Phil Sutter (3):
  tests: xlate-test: Cleanup file reading loop
  tests: xlate-test.py: Introduce run_proc()
  tests: xlate-test: Replay results for reverse direction testing

 xlate-test.py | 212 +++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 184 insertions(+), 28 deletions(-)

-- 
2.38.0

next             reply	other threads:[~2022-11-07 13:09 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-07 13:08 Phil Sutter [this message]
2022-11-07 13:08 ` [iptables PATCH 1/3] tests: xlate-test: Cleanup file reading loop Phil Sutter
2022-11-07 13:08 ` [iptables PATCH 2/3] tests: xlate-test.py: Introduce run_proc() Phil Sutter
2022-11-07 13:08 ` [iptables PATCH 3/3] tests: xlate-test: Replay results for reverse direction testing Phil Sutter
2022-11-11 18:16 ` [iptables PATCH 0/3] Extend xlate-test to replay results Phil Sutter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221107130843.8024-1-phil@nwl.cc \
    --to=phil@nwl.cc \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).