On Wed, Jun 26, 2019 at 09:09:29PM +0200, Pablo Neira Ayuso wrote: > On Wed, Jun 26, 2019 at 09:05:03PM +0200, Pablo Neira Ayuso wrote: > > On Wed, Jun 26, 2019 at 08:56:53PM +0200, Florian Westphal wrote: > > > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > > On Wed, Jun 26, 2019 at 08:42:34PM +0200, Florian Westphal wrote: > > > > > diff --git a/tools/testing/selftests/netfilter/nf-queue.c b/tools/testing/selftests/netfilter/nf-queue.c > > > > > new file mode 100644 > > > > > index 000000000000..897274bd6f4a > > > > > --- /dev/null > > > > > +++ b/tools/testing/selftests/netfilter/nf-queue.c > > > > > > > > Oh well. Lots of copied and pasted code from the libraries. > > > > > > > > We'll have to remind to take patches for the example in the library > > > > and the kernel. > > > > > > Do you have an alternative proposal? > > > > Probably install this nf-queue tool from libraries? Then, selftest use > > this binary? So we have a single copy of this code :-) > > Or move this C code to a new git tree under netfilter, eg. > netfilter-tests.git, you may need something similar for > libnetfilter_log I suspect, and so on for other stuff. > > Such new git tree would compile all testing tools for netfilter and > install them. > > kselftest depends on external tooling anyway, this should be fine. You could also integrate the tcpdr tool that Mate was using to test tproxy, there will be a test for tproxy too at some point, right? And you don't want to push that into the kernel? Having all this testing tools in the git repository somewhere where it can be collected could be useful. Users could invoke it from command line to collect packets and print them. I mean, add the nfqueue tool, then the nflog tool too, and so on. It would be also a good way to keep the C code for these tooling in the netfilter tree, while keeping the shell scripts in the kernel tree.
