[PATCH iptables 4/6] ebtables: add test cases

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
 extensions/libebt_802_3.t   |  3 +++
 extensions/libebt_arp.t     | 11 +++++++++++
 extensions/libebt_ip.t      | 10 ++++++++++
 extensions/libebt_ip6.t     | 12 ++++++++++++
 extensions/libebt_log.t     |  6 ++++++
 extensions/libebt_mark.t    |  5 +++++
 extensions/libebt_mark_m.t  |  6 ++++++
 extensions/libebt_nflog.t   |  5 +++++
 extensions/libebt_pkttype.t | 13 +++++++++++++
 extensions/libebt_stp.t     | 13 +++++++++++++
 extensions/libebt_vlan.t    |  5 +++++
 11 files changed, 89 insertions(+)
 create mode 100644 extensions/libebt_802_3.t
 create mode 100644 extensions/libebt_arp.t
 create mode 100644 extensions/libebt_ip.t
 create mode 100644 extensions/libebt_ip6.t
 create mode 100644 extensions/libebt_log.t
 create mode 100644 extensions/libebt_mark.t
 create mode 100644 extensions/libebt_mark_m.t
 create mode 100644 extensions/libebt_nflog.t
 create mode 100644 extensions/libebt_pkttype.t
 create mode 100644 extensions/libebt_stp.t
 create mode 100644 extensions/libebt_vlan.t

diff --git a/extensions/libebt_802_3.t b/extensions/libebt_802_3.t
new file mode 100644
index 000000000000..ddfb2f0a72ba
--- /dev/null
+++ b/extensions/libebt_802_3.t
@@ -0,0 +1,3 @@
+:INPUT,FORWARD,OUTPUT
+--802_3-sap ! 0x0a -j CONTINUE;=;OK
+--802_3-type 0x000a -j RETURN;=;OK
diff --git a/extensions/libebt_arp.t b/extensions/libebt_arp.t
new file mode 100644
index 000000000000..64b4362f9cdb
--- /dev/null
+++ b/extensions/libebt_arp.t
@@ -0,0 +1,11 @@
+:INPUT,FORWARD,OUTPUT
+-p ARP --arp-op Request;=;OK
+-p ARP --arp-htype ! 1;=;OK
+-p ARP --arp-ptype 0x2;=;OK
+-p ARP --arp-ip-src 1.2.3.4;=;OK
+-p ARP ! --arp-ip-dst 1.2.3.4;-p ARP --arp-ip-dst ! 1.2.3.4 -j CONTINUE;OK
+-p ARP --arp-ip-src ! 0.0.0.0;=;OK
+-p ARP --arp-ip-dst ! 0.0.0.0/8;=;OK
+-p ARP --arp-mac-src 0:de:ad:be:ef:0;=;OK
+-p ARP --arp-mac-dst de:ad:be:ef:0:0/ff:ff:ff:ff:0:0;=;OK
+-p ARP --arp-gratuitous;=;OK
diff --git a/extensions/libebt_ip.t b/extensions/libebt_ip.t
new file mode 100644
index 000000000000..6f99aa56d238
--- /dev/null
+++ b/extensions/libebt_ip.t
@@ -0,0 +1,10 @@
+:INPUT,FORWARD,OUTPUT
+-p ip --ip-src ! 192.168.0.0/24 -j ACCEPT;-p IPv4 --ip-src ! 192.168.0.0/24 -j ACCEPT;OK
+-p IPv4 --ip-dst 10.0.0.1;=;OK
+-p IPv4 --ip-tos 0xFF;=;OK
+-p IPv4 --ip-proto tcp --ip-dport 22;=;OK
+-p IPv4 --ip-proto udp --ip-sport 1024:65535;=;OK
+-p IPv4 --ip-proto 253;=;OK
+-p IPv4 --ip-proto icmp --ip-icmp-type echo-request;=;OK
+-p IPv4 --ip-proto icmp --ip-icmp-type 1/1;=;OK
+-p ip --ip-protocol icmp --ip-icmp-type ! 1:10;-p IPv4 --ip-proto icmp --ip-icmp-type ! 1:10/0:255 -j CONTINUE;OK
diff --git a/extensions/libebt_ip6.t b/extensions/libebt_ip6.t
new file mode 100644
index 000000000000..986348008f12
--- /dev/null
+++ b/extensions/libebt_ip6.t
@@ -0,0 +1,12 @@
+:INPUT,FORWARD,OUTPUT
+-p ip6 --ip6-src ! dead::beef/64 -j ACCEPT;-p IPv6 --ip6-src ! dead::/64 -j ACCEPT;OK
+-p IPv6 --ip6-dst dead:beef::/64 -j ACCEPT;=;OK
+-p IPv6 --ip6-dst f00:ba::;=;OK
+-p IPv6 --ip6-tclass 0xFF;=;OK
+-p IPv6 --ip6-proto tcp --ip6-dport 22;=;OK
+-p IPv6 --ip6-proto udp --ip6-sport 1024:65535;=;OK
+-p IPv6 --ip6-proto 253;=;OK
+-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type echo-request -j CONTINUE;=;OK
+-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type echo-request;=;OK
+-p ip6 --ip6-protocol icmpv6 --ip6-icmp-type 1/1;-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type communication-prohibited -j CONTINUE;OK
+-p IPv6 --ip6-proto ipv6-icmp --ip6-icmp-type ! 1:10/0:255;=;OK
diff --git a/extensions/libebt_log.t b/extensions/libebt_log.t
new file mode 100644
index 000000000000..a0df6169112a
--- /dev/null
+++ b/extensions/libebt_log.t
@@ -0,0 +1,6 @@
+:INPUT,FORWARD,OUTPUT
+--log;=;OK
+--log-level crit;=;OK
+--log-level 1;--log-level alert --log-prefix "";OK
+--log-level emerg --log-ip --log-arp --log-ip6;--log-level emerg --log-prefix "" --log-ip --log-arp --log-ip6 -j CONTINUE;OK
+--log-level crit --log-ip --log-arp --log-ip6 --log-prefix foo;--log-level crit --log-prefix "foo" --log-ip --log-arp --log-ip6 -j CONTINUE;OK
diff --git a/extensions/libebt_mark.t b/extensions/libebt_mark.t
new file mode 100644
index 000000000000..2d8f9d7a972a
--- /dev/null
+++ b/extensions/libebt_mark.t
@@ -0,0 +1,5 @@
+:INPUT,FORWARD,OUTPUT
+-j mark --mark-set 1;-j mark --mark-set 0x1 --mark-target ACCEPT;OK
+-j mark --mark-or 0xa --mark-target CONTINUE;=;OK
+-j mark --mark-and 0x1 --mark-target RETURN;=;OK
+-j mark --mark-xor 0x1 --mark-target CONTINUE;=;OK
diff --git a/extensions/libebt_mark_m.t b/extensions/libebt_mark_m.t
new file mode 100644
index 000000000000..00035427f8b6
--- /dev/null
+++ b/extensions/libebt_mark_m.t
@@ -0,0 +1,6 @@
+:INPUT,FORWARD,OUTPUT
+--mark 42;--mark 0x2a;OK
+--mark ! 42;--mark ! 0x2a;OK
+--mark 42/0xff;--mark 0x2a/0xff;OK
+--mark ! 0x1/0xff;=;OK
+--mark /0x2;=;OK
diff --git a/extensions/libebt_nflog.t b/extensions/libebt_nflog.t
new file mode 100644
index 000000000000..f867df303fa9
--- /dev/null
+++ b/extensions/libebt_nflog.t
@@ -0,0 +1,5 @@
+:INPUT,FORWARD,OUTPUT
+--nflog;=;OK
+--nflog-group 42;=;OK
+--nflog-range 42;--nflog-group 1 --nflog-range 42 -j CONTINUE;OK
+--nflog-threshold 100 --nflog-prefix foo;--nflog-prefix "foo" --nflog-group 1 --nflog-threshold 100 -j CONTINUE;OK
diff --git a/extensions/libebt_pkttype.t b/extensions/libebt_pkttype.t
new file mode 100644
index 000000000000..921cf3acbbda
--- /dev/null
+++ b/extensions/libebt_pkttype.t
@@ -0,0 +1,13 @@
+:INPUT,FORWARD,OUTPUT
+-s 0:0:0:0:0:0;=;OK
+-d 00:00:0:00:00:00;-d 0:0:0:0:0:0;OK
+-s de:ad:be:ef:0:00 -j RETURN;-s de:ad:be:ef:0:0 -j RETURN;OK
+-d de:ad:be:ef:0:0;=;OK
+! --pkttype-type host;--pkttype-type ! host -j CONTINUE;OK
+--pkttype-type host;=;OK
+--pkttype-type broadcast;=;OK
+--pkttype-type ! multicast;=;OK
+--pkttype-type multicast;=;OK
+--pkttype-type otherhost;=;OK
+--pkttype-type outgoing;=;OK
+--pkttype-type loopback;=;OK
diff --git a/extensions/libebt_stp.t b/extensions/libebt_stp.t
new file mode 100644
index 000000000000..0c6b77b91454
--- /dev/null
+++ b/extensions/libebt_stp.t
@@ -0,0 +1,13 @@
+:INPUT,FORWARD,OUTPUT
+--stp-type 1;=;OK
+--stp-flags 0x1;--stp-flags topology-change -j CONTINUE;OK
+--stp-root-prio 1  -j ACCEPT;=;OK
+--stp-root-addr 0d:ea:d0:0b:ee:f0;=;OK
+--stp-root-cost 1;=;OK
+--stp-sender-prio 1;=;OK
+--stp-sender-addr de:ad:be:ef:00:00;=;OK
+--stp-port 1;=;OK
+--stp-msg-age 1;=;OK
+--stp-max-age 1;=;OK
+--stp-hello-time 1;=;OK
+--stp-forward-delay 1;=;OK
diff --git a/extensions/libebt_vlan.t b/extensions/libebt_vlan.t
new file mode 100644
index 000000000000..58471caa2343
--- /dev/null
+++ b/extensions/libebt_vlan.t
@@ -0,0 +1,5 @@
+:INPUT,FORWARD,OUTPUT
+-p 802_1Q --vlan-id 42;=;OK
+-p 802_1Q --vlan-prio ! 1;=;OK
+-p 802_1Q --vlan-encap ip;-p 802_1Q --vlan-encap 0800 -j CONTINUE;OK
+-p 802_1Q --vlan-encap IPv6 ! --vlan-id 1;-p 802_1Q --vlan-id ! 1 --vlan-encap 86DD -j CONTINUE;OK
-- 
2.18.1




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux