From: Florian Westphal <fw@strlen.de>
To: <netdev@vger.kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
<netfilter-devel@vger.kernel.org>,
pablo@netfilter.org
Subject: [PATCH net-next 06/12] selftests: netfilter: xt_string.sh: move to lib.sh infra
Date: Mon, 15 Apr 2024 00:57:18 +0200 [thread overview]
Message-ID: <20240414225729.18451-7-fw@strlen.de> (raw)
In-Reply-To: <20240414225729.18451-1-fw@strlen.de>
Intentional changes:
- Use socat instead of netcat
- Use a temporary file instead of pipe, else packets do not match
"-m string" rules, multiple writes to the pipe cause multiple packets,
but this needs only one to work.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
.../selftests/net/netfilter/xt_string.sh | 55 ++++++++++---------
1 file changed, 30 insertions(+), 25 deletions(-)
diff --git a/tools/testing/selftests/net/netfilter/xt_string.sh b/tools/testing/selftests/net/netfilter/xt_string.sh
index 1802653a4728..ec7042b502e4 100755
--- a/tools/testing/selftests/net/netfilter/xt_string.sh
+++ b/tools/testing/selftests/net/netfilter/xt_string.sh
@@ -5,43 +5,45 @@
ksft_skip=4
rc=0
-if ! iptables --version >/dev/null 2>&1; then
- echo "SKIP: Test needs iptables"
- exit $ksft_skip
-fi
-if ! ip -V >/dev/null 2>&1; then
- echo "SKIP: Test needs iproute2"
- exit $ksft_skip
-fi
-if ! nc -h >/dev/null 2>&1; then
- echo "SKIP: Test needs netcat"
- exit $ksft_skip
-fi
+source lib.sh
+
+checktool "socat -h" "run test without socat"
+checktool "iptables --version" "test needs iptables"
+
+infile=$(mktemp)
+
+cleanup()
+{
+ ip netns del "$netns"
+ rm -f "$infile"
+}
+
+trap cleanup EXIT
+
+setup_ns netns
+
+ip -net "$netns" link add d0 type dummy
+ip -net "$netns" link set d0 up
+ip -net "$netns" addr add 10.1.2.1/24 dev d0
pattern="foo bar baz"
patlen=11
hdrlen=$((20 + 8)) # IPv4 + UDP
-ns="ns-$(mktemp -u XXXXXXXX)"
-trap 'ip netns del $ns' EXIT
-ip netns add "$ns"
-ip -net "$ns" link add d0 type dummy
-ip -net "$ns" link set d0 up
-ip -net "$ns" addr add 10.1.2.1/24 dev d0
-
-#ip netns exec "$ns" tcpdump -npXi d0 &
+
+#ip netns exec "$netns" tcpdump -npXi d0 &
#tcpdump_pid=$!
-#trap 'kill $tcpdump_pid; ip netns del $ns' EXIT
+#trap 'kill $tcpdump_pid; ip netns del $netns' EXIT
add_rule() { # (alg, from, to)
- ip netns exec "$ns" \
+ ip netns exec "$netns" \
iptables -A OUTPUT -o d0 -m string \
--string "$pattern" --algo $1 --from $2 --to $3
}
showrules() { # ()
- ip netns exec "$ns" iptables -v -S OUTPUT | grep '^-A'
+ ip netns exec "$netns" iptables -v -S OUTPUT | grep '^-A'
}
zerorules() {
- ip netns exec "$ns" iptables -Z OUTPUT
+ ip netns exec "$netns" iptables -Z OUTPUT
}
countrule() { # (pattern)
showrules | grep -c -- "$*"
@@ -51,7 +53,9 @@ send() { # (offset)
printf " "
done
printf "$pattern"
- ) | ip netns exec "$ns" nc -w 1 -u 10.1.2.2 27374
+ ) > "$infile"
+
+ ip netns exec "$netns" socat -t 1 -u STDIN UDP-SENDTO:10.1.2.2:27374 < "$infile"
}
add_rule bm 1000 1500
@@ -125,4 +129,5 @@ if [ $(countrule -c 1) -ne 0 ]; then
((rc--))
fi
+[ $rc -eq 0 ] && echo "PASS: string match tests"
exit $rc
--
2.43.2
next prev parent reply other threads:[~2024-04-14 23:04 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-14 22:57 [PATCH net-next 00/12] selftests: netfilter: move to lib.sh infra Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 01/12] selftests: netfilter: conntrack_icmp_related.sh: " Florian Westphal
2024-04-16 8:44 ` Matthieu Baerts
2024-04-16 9:57 ` Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 02/12] selftests: netfilter: conntrack_tcp_unreplied.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 03/12] selftests: netfilter: nft_queue.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 04/12] selftests: netfilter: nft_synproxy.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 05/12] selftests: netfilter: nft_zones_many.sh: " Florian Westphal
2024-04-14 22:57 ` Florian Westphal [this message]
2024-04-14 22:57 ` [PATCH net-next 07/12] selftests: netfilter: nft_nat_zones.sh: shellcheck cleanups Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 08/12] selftests: netfilter: nft_queue.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 09/12] selftests: netfilter: conntrack_ipip_mtu.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 10/12] selftests: netfilter: nft_fib.sh: " Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 11/12] selftests: netfilter: nft_audit.sh: skip if auditd is running Florian Westphal
2024-04-14 22:57 ` [PATCH net-next 12/12] selftests: netfilter: update makefiles and kernel config Florian Westphal
2024-04-15 14:02 ` Jakub Kicinski
2024-04-15 14:30 ` Florian Westphal
2024-04-15 17:46 ` Jakub Kicinski
2024-04-15 18:04 ` Florian Westphal
2024-04-15 8:48 ` [PATCH net-next 00/12] selftests: netfilter: move to lib.sh infra Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240414225729.18451-7-fw@strlen.de \
--to=fw@strlen.de \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).