|
Packit Service |
53264d |
#!/bin/bash
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
RC=0
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI iptables -6 -A FORWARD -j ACCEPT
|
|
Packit Service |
53264d |
rc=$?
|
|
Packit Service |
53264d |
if [[ $rc -ne 2 ]]; then
|
|
Packit Service |
53264d |
echo "'iptables -6' returned $rc instead of 2"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
fi
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI ip6tables -4 -A FORWARD -j ACCEPT
|
|
Packit Service |
53264d |
rc=$?
|
|
Packit Service |
53264d |
if [[ $rc -ne 2 ]]; then
|
|
Packit Service |
53264d |
echo "'ip6tables -4' returned $rc instead of 2"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
fi
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
RULESET='*filter
|
|
Packit Service |
53264d |
-4 -A FORWARD -d 10.0.0.1 -j ACCEPT
|
|
Packit Service |
53264d |
-6 -A FORWARD -d fec0:10::1 -j ACCEPT
|
|
Packit Service |
53264d |
COMMIT
|
|
Packit Service |
53264d |
'
|
|
Packit Service |
53264d |
EXPECT4='-P FORWARD ACCEPT
|
|
Packit Service |
53264d |
-A FORWARD -d 10.0.0.1/32 -j ACCEPT'
|
|
Packit Service |
53264d |
EXPECT6='-P FORWARD ACCEPT
|
|
Packit Service |
53264d |
-A FORWARD -d fec0:10::1/128 -j ACCEPT'
|
|
Packit Service |
53264d |
EXPECT_EMPTY='-P FORWARD ACCEPT'
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
echo "$RULESET" | $XT_MULTI iptables-restore || {
|
|
Packit Service |
53264d |
echo "iptables-restore failed!"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT4") <($XT_MULTI iptables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected iptables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT_EMPTY") <($XT_MULTI ip6tables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected non-empty ip6tables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI iptables -F FORWARD
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
echo "$RULESET" | $XT_MULTI ip6tables-restore || {
|
|
Packit Service |
53264d |
echo "ip6tables-restore failed!"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT6") <($XT_MULTI ip6tables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected ip6tables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT_EMPTY") <($XT_MULTI iptables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected non-empty iptables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI ip6tables -F FORWARD
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI iptables -4 -A FORWARD -d 10.0.0.1 -j ACCEPT || {
|
|
Packit Service |
53264d |
echo "iptables failed!"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT4") <($XT_MULTI iptables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected iptables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT_EMPTY") <($XT_MULTI ip6tables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected non-empty ip6tables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI iptables -F FORWARD
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
$XT_MULTI ip6tables -6 -A FORWARD -d fec0:10::1 -j ACCEPT || {
|
|
Packit Service |
53264d |
echo "ip6tables failed!"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT6") <($XT_MULTI ip6tables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected ip6tables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
diff -u -Z <(echo -e "$EXPECT_EMPTY") <($XT_MULTI iptables -S FORWARD) || {
|
|
Packit Service |
53264d |
echo "unexpected non-empty iptables ruleset"
|
|
Packit Service |
53264d |
RC=1
|
|
Packit Service |
53264d |
}
|
|
Packit Service |
53264d |
|
|
Packit Service |
53264d |
exit $RC
|