Tree - source-git/iptables - CentOS Git server

source-git / iptables

Blame iptables/tests/shell/testcases/ipt-restore/0004-restore-race_0

Blob History Raw

Packit Service	d1fe03	`#!/bin/bash`
Packit Service	d1fe03
Packit Service	d1fe03	`have_nft=false`
Packit Service	d1fe03	`nft -v > /dev/null && have_nft=true`
Packit Service	d1fe03
Packit Service	d1fe03	`dumpfile=""`
Packit Service	d1fe03	`tmpfile=""`
Packit Service	d1fe03
Packit Service	d1fe03	`set -e`
Packit Service	d1fe03
Packit Service	d1fe03	`clean()`
Packit Service	d1fe03	`{`
Packit Service	d1fe03	`$XT_MULTI iptables -t filter -F`
Packit Service	d1fe03	`$XT_MULTI iptables -t filter -X`
Packit Service	d1fe03	`$have_nft && nft flush ruleset`
Packit Service	d1fe03	`}`
Packit Service	d1fe03
Packit Service	d1fe03	`clean_tempfile()`
Packit Service	d1fe03	`{`
Packit Service	d1fe03	`[ -n "${tmpfile}" ] && rm -f "${tmpfile}"`
Packit Service	d1fe03	`[ -n "${dumpfile}" ] && rm -f "${dumpfile}"`
Packit Service	d1fe03	`clean`
Packit Service	d1fe03	`}`
Packit Service	d1fe03
Packit Service	d1fe03	`trap clean_tempfile EXIT`
Packit Service	d1fe03
Packit Service	d1fe03	`ENTRY_NUM=$((RANDOM%10))`
Packit Service	d1fe03	`UCHAIN_NUM=$((RANDOM%10))`
Packit Service	d1fe03
Packit Service	d1fe03	`get_target()`
Packit Service	d1fe03	`{`
Packit Service	d1fe03	`if [ $UCHAIN_NUM -eq 0 ]; then`
Packit Service	d1fe03	`echo -n "ACCEPT"`
Packit Service	d1fe03	`return`
Packit Service	d1fe03	`fi`
Packit Service	d1fe03
Packit Service	d1fe03
Packit Service	d1fe03	`x=$((RANDOM%2))`
Packit Service	d1fe03	`if [ $x -eq 0 ];then`
Packit Service	d1fe03	`echo -n "ACCEPT"`
Packit Service	d1fe03	`else`
Packit Service	d1fe03	`printf -- "UC-%x" $((RANDOM%UCHAIN_NUM))`
Packit Service	d1fe03	`fi`
Packit Service	d1fe03	`}`
Packit Service	d1fe03
Packit Service	d1fe03	`make_dummy_rules()`
Packit Service	d1fe03	`{`
Packit Service	d1fe03
Packit Service	d1fe03	`echo "*filter"`
Packit Service	d1fe03	`echo ":INPUT ACCEPT [0:0]"`
Packit Service	d1fe03	`echo ":FORWARD ACCEPT [0:0]"`
Packit Service	d1fe03	`echo ":OUTPUT ACCEPT [0:0]"`
Packit Service	d1fe03
Packit Service	d1fe03	`if [ $UCHAIN_NUM -gt 0 ]; then`
Packit Service	d1fe03	`for i in $(seq 0 $UCHAIN_NUM); do`
Packit Service	d1fe03	`printf -- ":UC-%x - [0:0]\n" $i`
Packit Service	d1fe03	`done`
Packit Service	d1fe03	`fi`
Packit Service	d1fe03
Packit Service	d1fe03	`for proto in tcp udp sctp; do`
Packit Service	d1fe03	`for i in $(seq 0 $ENTRY_NUM); do`
Packit Service	d1fe03	`t=$(get_target)`
Packit Service	d1fe03	`printf -- "-A INPUT -i lo -p $proto --dport %d -j %s\n" $((61000-i)) $t`
Packit Service	d1fe03	`t=$(get_target)`
Packit Service	d1fe03	`printf -- "-A FORWARD -i lo -o lo -p $proto --dport %d -j %s\n" $((61000-i)) $t`
Packit Service	d1fe03	`t=$(get_target)`
Packit Service	d1fe03	`printf -- "-A OUTPUT -o lo -p $proto --dport %d -j %s\n" $((61000-i)) $t`
Packit Service	d1fe03	`[ $UCHAIN_NUM -gt 0 ] && printf -- "-A UC-%x -j ACCEPT\n" $((RANDOM%UCHAIN_NUM))`
Packit Service	d1fe03	`done`
Packit Service	d1fe03	`done`
Packit Service	d1fe03	`echo COMMIT`
Packit Service	d1fe03	`}`
Packit Service	d1fe03
Packit Service	d1fe03	`tmpfile=$(mktemp) \|\| exit 1`
Packit Service	d1fe03	`dumpfile=$(mktemp) \|\| exit 1`
Packit Service	d1fe03
Packit Service	d1fe03	`make_dummy_rules > $dumpfile`
Packit Service	d1fe03	`$XT_MULTI iptables-restore -w < $dumpfile`
Packit Service	d1fe03	`LINES1=$(wc -l < $dumpfile)`
Packit Service	d1fe03	`$XT_MULTI iptables-save \| grep -v '^#' > $dumpfile`
Packit Service	d1fe03	`LINES2=$(wc -l < $dumpfile)`
Packit Service	d1fe03
Packit Service	d1fe03	`if [ $LINES1 -ne $LINES2 ]; then`
Packit Service	d1fe03	`echo "Original dump has $LINES1, not $LINES2" 1>&2`
Packit Service	d1fe03	`exit 111`
Packit Service	d1fe03	`fi`
Packit Service	d1fe03
Packit Service	d1fe03	`case "$XT_MULTI" in`
Packit Service	d21b7d	`*xtables-nft-multi)`
Packit Service	d1fe03	`attempts=$((RANDOM%10))`
Packit Service	d1fe03	`attempts=$((attempts+1))`
Packit Service	d1fe03	`;;`
Packit Service	d1fe03	`*)`
Packit Service	d1fe03	`attempts=1`
Packit Service	d1fe03	`;;`
Packit Service	d1fe03	`esac`
Packit Service	d1fe03
Packit Service	d1fe03	`while [ $attempts -gt 0 ]; do`
Packit Service	d1fe03	`attempts=$((attempts-1))`
Packit Service	d1fe03
Packit Service	d1fe03	`clean`
Packit Service	d1fe03
Packit Service	d1fe03	`for i in $(seq 1 10); do`
Packit Service	d1fe03	`$XT_MULTI iptables-restore -w 15 < $dumpfile &`
Packit Service	d1fe03	`done`
Packit Service	d1fe03
Packit Service	d1fe03	`for i in $(seq 1 10); do`
Packit Service	d1fe03	`# causes exit in case ipt-restore failed (runs with set -e)`
Packit Service	d1fe03	`wait %$i`
Packit Service	d1fe03	`done`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI iptables-save \| grep -v '^#' > $tmpfile`
Packit Service	d1fe03
Packit Service	d1fe03	`clean`
Packit Service	d1fe03	`cmp $tmpfile $dumpfile`
Packit Service	d1fe03	`done`
Packit Service	d1fe03
Packit Service	d1fe03	`exit 0`

source-git / iptables

Source Code

Blame iptables/tests/shell/testcases/ipt-restore/0004-restore-race_0