On Wed, Nov 30, 2016 at 10:39:06AM +0100, Arturo Borrero Gonzalez wrote: > From: Arturo Borrero Gonzalez <arturo@xxxxxxxxxx> > > This test uses scapy to send a packet and test our packet/data path. > We grep the 'nft list ruleset' output for a counter increment. > > If we like this approach, then we could easily add more testcases > following the pattern in this patch. I think it's been several netfilter workshops already talking on this, but it never happens because nobody pushed this forward. If you can make this happen, it would great. Testing the datapath is something that we always wanted to have. Several ideas: * Check if you can use the dummy interface, so we make sure no other packets interfer with the tests. * You can probably augment this at some pointer to rely on the new nf_tables tracing infrastructure. Anyway, I agree that starting with something simple is good enough. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
