Extend translation test to deal with multiline translation, e.g. iptables-translate -A INPUT -m connlimit --connlimit-above 2 nft add set ip filter connlimit0 { type ipv4_addr; flags dynamic; } nft add rule ip filter INPUT add @connlimit0 { ip saddr ct count over 2 } counter Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- xlate-test.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/xlate-test.py b/xlate-test.py index 4c014f9bd269..cba98b6e8e49 100755 --- a/xlate-test.py +++ b/xlate-test.py @@ -39,14 +39,21 @@ def run_test(name, payload): tests = passed = failed = errors = 0 result = [] - for line in payload: + line = payload.readline() + while line: if line.startswith(keywords): tests += 1 process = Popen([ xtables_nft_multi ] + shlex.split(line), stdout=PIPE, stderr=PIPE) (output, error) = process.communicate() if process.returncode == 0: translation = output.decode("utf-8").rstrip(" \n") - expected = next(payload).rstrip(" \n") + expected = payload.readline().rstrip(" \n") + next_expected = payload.readline().rstrip(" \n") + if next_expected.startswith("nft"): + expected += "\n" + next_expected + line = payload.readline() + else: + line = next_expected if translation != expected: test_passed = False failed += 1 @@ -62,6 +69,9 @@ def run_test(name, payload): errors += 1 result.append(name + ": " + red("Error: ") + "iptables-translate failure") result.append(error.decode("utf-8")) + line = payload.readline() + else: + line = payload.readline() if (passed == tests) and not args.test: print(name + ": " + green("OK")) if not test_passed: -- 2.20.1