|
Packit |
1422b7 |
# added 2015-04-30 by Rainer Gerhards
|
|
Packit |
1422b7 |
# This file is part of the liblognorm project, released under ASL 2.0
|
|
Packit |
1422b7 |
. $srcdir/exec.sh
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
test_def $0 "v2-iptables field"
|
|
Packit |
1422b7 |
add_rule 'version=2'
|
|
Packit |
1422b7 |
add_rule 'rule=:iptables output denied: %field:v2-iptables%'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
# first, a real-world case
|
|
Packit |
1422b7 |
execute 'iptables output denied: IN= OUT=eth0 SRC=176.9.56.141 DST=168.192.14.3 LEN=32 TOS=0x00 PREC=0x00 TTL=64 ID=39110 DF PROTO=UDP SPT=49564 DPT=2010 LEN=12'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": "", "OUT": "eth0", "SRC": "176.9.56.141", "DST": "168.192.14.3", "LEN": "12", "TOS": "0x00", "PREC": "0x00", "TTL": "64", "ID": "39110", "DF": null, "PROTO": "UDP", "SPT": "49564", "DPT": "2010" } }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
# now some more "fabricated" cases for better readable test
|
|
Packit |
1422b7 |
reset_rules
|
|
Packit |
1422b7 |
add_rule 'rule=:iptables: %field:v2-iptables%'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN=value SECOND=test'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": "value", "SECOND": "test" }} }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN= SECOND=test'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": ""} }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN SECOND=test'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": null} }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN=invalue OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": "invalue", "OUT": "outvalue" } }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN= OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": "", "OUT": "outvalue" } }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "field": { "IN": null, "OUT": "outvalue" } }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
#
|
|
Packit |
1422b7 |
#check cases where parsing failure must occur
|
|
Packit |
1422b7 |
#
|
|
Packit |
1422b7 |
echo verify failure cases
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
# lower case is not permitted
|
|
Packit |
1422b7 |
execute 'iptables: in=value'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: in=value", "unparsed-data": "in=value" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: in='
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: in=", "unparsed-data": "in=" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: in'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: in", "unparsed-data": "in" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN' # single field is NOT permitted!
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: IN", "unparsed-data": "IN" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
# multiple spaces between n=v pairs are not permitted
|
|
Packit |
1422b7 |
execute 'iptables: IN=invalue OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: IN=invalue OUT=outvalue", "unparsed-data": "IN=invalue OUT=outvalue" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN= OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: IN= OUT=outvalue", "unparsed-data": "IN= OUT=outvalue" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
execute 'iptables: IN OUT=outvalue'
|
|
Packit |
1422b7 |
assert_output_json_eq '{ "originalmsg": "iptables: IN OUT=outvalue", "unparsed-data": "IN OUT=outvalue" }'
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
|
|
Packit |
1422b7 |
cleanup_tmp_files
|
|
Packit |
1422b7 |
|