|
Packit |
c5a612 |
#!/bin/bash
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
cd $(dirname $0)
|
|
Packit |
c5a612 |
nft=../../src/nft
|
|
Packit |
c5a612 |
debug=false
|
|
Packit |
c5a612 |
test_json=false
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
mydiff() {
|
|
Packit |
c5a612 |
diff -w -I '^# ' "$@"
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
if [ "$(id -u)" != "0" ] ; then
|
|
Packit |
c5a612 |
echo "this requires root!"
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
testdir=$(mktemp -d)
|
|
Packit |
c5a612 |
if [ ! -d $testdir ]; then
|
|
Packit |
c5a612 |
echo "Failed to create test directory" >&2
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
trap "rm -rf $testdir; $nft flush ruleset" EXIT
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
command_file=$(mktemp -p $testdir)
|
|
Packit |
c5a612 |
output_file=$(mktemp -p $testdir)
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
cmd_append() {
|
|
Packit |
c5a612 |
echo "$*" >>$command_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
monitor_output_append() {
|
|
Packit |
c5a612 |
[[ "$*" == '-' ]] && {
|
|
Packit |
c5a612 |
cat $command_file >>$output_file
|
|
Packit |
c5a612 |
return
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
echo "$*" >>$output_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
echo_output_append() {
|
|
Packit |
c5a612 |
# this is a bit tricky: for replace commands, nft prints a delete
|
|
Packit |
c5a612 |
# command - so in case there is a replace command in $command_file,
|
|
Packit |
c5a612 |
# just assume any other commands in the same file are sane
|
|
Packit |
c5a612 |
grep -q '^replace' $command_file >/dev/null 2>&1 && {
|
|
Packit |
c5a612 |
monitor_output_append "$*"
|
|
Packit |
c5a612 |
return
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
[[ "$*" == '-' ]] && {
|
|
Packit |
c5a612 |
grep '^\(add\|replace\|insert\)' $command_file >>$output_file
|
|
Packit |
c5a612 |
return
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
[[ "$*" =~ ^add|replace|insert ]] && echo "$*" >>$output_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
json_output_filter() { # (filename)
|
|
Packit |
c5a612 |
# unify handle values
|
|
Packit |
c5a612 |
sed -i -e 's/\("handle":\) [0-9][0-9]*/\1 0/g' "$1"
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
monitor_run_test() {
|
|
Packit |
c5a612 |
monitor_output=$(mktemp -p $testdir)
|
|
Packit |
c5a612 |
monitor_args=""
|
|
Packit |
c5a612 |
$test_json && monitor_args="vm json"
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
$nft -nn monitor $monitor_args >$monitor_output &
|
|
Packit |
c5a612 |
monitor_pid=$!
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
sleep 0.5
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
$debug && {
|
|
Packit |
c5a612 |
echo "command file:"
|
|
Packit |
c5a612 |
cat $command_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
$nft -f $command_file || {
|
|
Packit |
c5a612 |
echo "nft command failed!"
|
|
Packit |
c5a612 |
kill $monitor_pid
|
|
Packit |
c5a612 |
wait >/dev/null 2>&1
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
sleep 0.5
|
|
Packit |
c5a612 |
kill $monitor_pid
|
|
Packit |
c5a612 |
wait >/dev/null 2>&1
|
|
Packit |
c5a612 |
$test_json && json_output_filter $monitor_output
|
|
Packit |
c5a612 |
if ! mydiff -q $monitor_output $output_file >/dev/null 2>&1; then
|
|
Packit |
c5a612 |
echo "monitor output differs!"
|
|
Packit |
c5a612 |
mydiff -u $output_file $monitor_output
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
rm $command_file
|
|
Packit |
c5a612 |
rm $output_file
|
|
Packit |
c5a612 |
touch $command_file
|
|
Packit |
c5a612 |
touch $output_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
echo_run_test() {
|
|
Packit |
c5a612 |
echo_output=$(mktemp -p $testdir)
|
|
Packit |
c5a612 |
$debug && {
|
|
Packit |
c5a612 |
echo "command file:"
|
|
Packit |
c5a612 |
cat $command_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
$nft -nn -e -f $command_file >$echo_output || {
|
|
Packit |
c5a612 |
echo "nft command failed!"
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
if ! mydiff -q $echo_output $output_file >/dev/null 2>&1; then
|
|
Packit |
c5a612 |
echo "echo output differs!"
|
|
Packit |
c5a612 |
mydiff -u $output_file $echo_output
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
rm $command_file
|
|
Packit |
c5a612 |
rm $output_file
|
|
Packit |
c5a612 |
touch $command_file
|
|
Packit |
c5a612 |
touch $output_file
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit Service |
de3570 |
testcases=""
|
|
Packit |
c5a612 |
while [ -n "$1" ]; do
|
|
Packit |
c5a612 |
case "$1" in
|
|
Packit |
c5a612 |
-d|--debug)
|
|
Packit |
c5a612 |
debug=true
|
|
Packit |
c5a612 |
shift
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
-j|--json)
|
|
Packit |
c5a612 |
test_json=true
|
|
Packit |
c5a612 |
shift
|
|
Packit |
c5a612 |
;;
|
|
Packit Service |
c5db31 |
-H|--host)
|
|
Packit Service |
c5db31 |
nft=nft
|
|
Packit Service |
c5db31 |
shift
|
|
Packit Service |
c5db31 |
;;
|
|
Packit Service |
de3570 |
testcases/*.t)
|
|
Packit Service |
de3570 |
testcases+=" $1"
|
|
Packit Service |
de3570 |
shift
|
|
Packit Service |
de3570 |
;;
|
|
Packit |
c5a612 |
*)
|
|
Packit |
c5a612 |
echo "unknown option '$1'"
|
|
Packit |
c5a612 |
;&
|
|
Packit |
c5a612 |
-h|--help)
|
|
Packit Service |
de3570 |
echo "Usage: $(basename $0) [-j|--json] [-d|--debug] [testcase ...]"
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
esac
|
|
Packit |
c5a612 |
done
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
if $test_json; then
|
|
Packit |
c5a612 |
variants="monitor"
|
|
Packit |
c5a612 |
else
|
|
Packit |
c5a612 |
variants="monitor echo"
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
for variant in $variants; do
|
|
Packit |
c5a612 |
run_test=${variant}_run_test
|
|
Packit |
c5a612 |
output_append=${variant}_output_append
|
|
Packit |
c5a612 |
|
|
Packit Service |
de3570 |
for testcase in ${testcases:-testcases/*.t}; do
|
|
Packit |
c5a612 |
echo "$variant: running tests from file $(basename $testcase)"
|
|
Packit |
c5a612 |
# files are like this:
|
|
Packit |
c5a612 |
#
|
|
Packit |
c5a612 |
# I add table ip t
|
|
Packit |
c5a612 |
# O add table ip t
|
|
Packit |
c5a612 |
# I add chain ip t c
|
|
Packit |
c5a612 |
# O add chain ip t c
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
$nft flush ruleset
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
input_complete=false
|
|
Packit |
c5a612 |
while read dir line; do
|
|
Packit |
c5a612 |
case $dir in
|
|
Packit |
c5a612 |
I)
|
|
Packit |
c5a612 |
$input_complete && $run_test
|
|
Packit |
c5a612 |
input_complete=false
|
|
Packit |
c5a612 |
cmd_append "$line"
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
O)
|
|
Packit |
c5a612 |
input_complete=true
|
|
Packit |
c5a612 |
$test_json || $output_append "$line"
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
J)
|
|
Packit |
c5a612 |
input_complete=true
|
|
Packit |
c5a612 |
$test_json && $output_append "$line"
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
'#'|'')
|
|
Packit |
c5a612 |
# ignore comments and empty lines
|
|
Packit |
c5a612 |
;;
|
|
Packit |
c5a612 |
esac
|
|
Packit |
c5a612 |
done <$testcase
|
|
Packit |
c5a612 |
$input_complete && $run_test
|
|
Packit |
c5a612 |
done
|
|
Packit |
c5a612 |
done
|