[PATCH net-next 00/15] selftests: move netfilter tests to net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

First patch in this series moves selftests/netfilter/
to selftests/net/netfilter/.

Passing this via net-next rather than nf-next for this reason.

Main motivation is that a lot of these scripts only work on my old
development VM, I hope that placing this in net/ will get these
tests to get run in more regular intervals (and tests get more robust).

Changes are:

- make use of existing 'setup_ns' and 'busywait' helpers
- fix shellcheck warnings
- add more SKIP checks to avoid failures
- get rid of netcat in favor of socat, too many test
  failures due to 'wrong' netcat flavor
- do not assume rp_filter sysctl is off

I have more patches that fix up the remaining test scripts,
but the series was too large to send them at once (34 patches).

After all scripts are fixed up, tests pass on both my Debian
and Fedora test machines.

If you want me to route this via a different tree, e.g. nf-next,
please let me know.

MAINTAINERS is updated to reflect that future updates should be handled
via netfilter-devel@.

Florian Westphal (15):
  selftests: netfilter: move to net subdir
  selftests: netfilter: bridge_brouter.sh: move to lib.sh infra
  selftests: netfilter: br_netfilter.sh: move to lib.sh infra
  selftests: netfilter: conntrack_icmp_related.sh: move to lib.sh infra
  selftests: netfilter: conntrack_tcp_unreplied.sh: move to lib.sh infra
  selftests: netfilter: conntrack_sctp_collision.sh: move to lib.sh infra
  selftests: netfilter: conntrack_vrf.sh: move to lib.sh infra
  selftests: netfilter: conntrack_ipip_mtu.sh" move to lib.sh infra
  selftests: netfilter: place checktool helper in lib.sh
  selftests: netfilter: ipvs.sh: move to lib.sh infra
  selftests: netfilter: nf_nat_edemux.sh: move to lib.sh infra
  selftests: netfilter: nft_conntrack_helper.sh: test to lib.sh infra
  selftests: netfilter: nft_fib.sh: move to lib.sh infra
  selftests: netfilter: nft_flowtable.sh: move test to lib.sh infra
  selftests: netfilter: nft_nat.sh: move to lib.sh infra

 MAINTAINERS                                   |   1 +
 .../selftests/{ => net}/netfilter/.gitignore  |   4 +-
 .../testing/selftests/net/netfilter/Makefile  |  44 ++
 .../{ => net}/netfilter/audit_logread.c       |   0
 .../selftests/net/netfilter/br_netfilter.sh   | 163 ++++++
 .../selftests/net/netfilter/bridge_brouter.sh | 122 +++++
 tools/testing/selftests/net/netfilter/config  |  37 ++
 .../{ => net}/netfilter/connect_close.c       |   0
 .../netfilter/conntrack_dump_flush.c          |   2 +-
 .../netfilter/conntrack_icmp_related.sh       | 179 +++----
 .../netfilter/conntrack_ipip_mtu.sh}          |  44 +-
 .../net/netfilter/conntrack_sctp_collision.sh |  87 ++++
 .../net/netfilter/conntrack_tcp_unreplied.sh  | 153 ++++++
 .../{ => net}/netfilter/conntrack_vrf.sh      | 101 ++--
 tools/testing/selftests/net/netfilter/ipvs.sh | 211 ++++++++
 tools/testing/selftests/net/netfilter/lib.sh  |  10 +
 .../selftests/net/netfilter/nf_nat_edemux.sh  |  97 ++++
 .../nf-queue.c => net/netfilter/nf_queue.c}   |   0
 .../{ => net}/netfilter/nft_audit.sh          |   0
 .../{ => net}/netfilter/nft_concat_range.sh   |   0
 .../net/netfilter/nft_conntrack_helper.sh     | 171 +++++++
 .../selftests/{ => net}/netfilter/nft_fib.sh  |  71 +--
 .../{ => net}/netfilter/nft_flowtable.sh      | 108 ++--
 .../selftests/{ => net}/netfilter/nft_meta.sh |   0
 .../selftests/{ => net}/netfilter/nft_nat.sh  | 480 ++++++++----------
 .../{ => net}/netfilter/nft_nat_zones.sh      |   0
 .../{ => net}/netfilter/nft_queue.sh          |  18 +-
 .../{ => net}/netfilter/nft_synproxy.sh       |   0
 .../{ => net}/netfilter/nft_zones_many.sh     |   0
 .../selftests/{ => net}/netfilter/rpath.sh    |   0
 .../{ => net}/netfilter/sctp_collision.c      |   0
 .../{ => net}/netfilter/xt_string.sh          |   0
 tools/testing/selftests/netfilter/Makefile    |  21 -
 .../selftests/netfilter/bridge_brouter.sh     | 146 ------
 .../selftests/netfilter/bridge_netfilter.sh   | 188 -------
 tools/testing/selftests/netfilter/config      |   9 -
 .../netfilter/conntrack_sctp_collision.sh     |  89 ----
 .../netfilter/conntrack_tcp_unreplied.sh      | 167 ------
 tools/testing/selftests/netfilter/ipvs.sh     | 228 ---------
 .../selftests/netfilter/nf_nat_edemux.sh      | 127 -----
 .../netfilter/nft_conntrack_helper.sh         | 197 -------
 .../selftests/netfilter/nft_trans_stress.sh   | 151 ------
 tools/testing/selftests/netfilter/settings    |   1 -
 43 files changed, 1493 insertions(+), 1934 deletions(-)
 rename tools/testing/selftests/{ => net}/netfilter/.gitignore (92%)
 create mode 100644 tools/testing/selftests/net/netfilter/Makefile
 rename tools/testing/selftests/{ => net}/netfilter/audit_logread.c (100%)
 create mode 100755 tools/testing/selftests/net/netfilter/br_netfilter.sh
 create mode 100755 tools/testing/selftests/net/netfilter/bridge_brouter.sh
 create mode 100644 tools/testing/selftests/net/netfilter/config
 rename tools/testing/selftests/{ => net}/netfilter/connect_close.c (100%)
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_dump_flush.c (99%)
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_icmp_related.sh (52%)
 rename tools/testing/selftests/{netfilter/ipip-conntrack-mtu.sh => net/netfilter/conntrack_ipip_mtu.sh} (89%)
 create mode 100755 tools/testing/selftests/net/netfilter/conntrack_sctp_collision.sh
 create mode 100755 tools/testing/selftests/net/netfilter/conntrack_tcp_unreplied.sh
 rename tools/testing/selftests/{ => net}/netfilter/conntrack_vrf.sh (66%)
 create mode 100755 tools/testing/selftests/net/netfilter/ipvs.sh
 create mode 100644 tools/testing/selftests/net/netfilter/lib.sh
 create mode 100755 tools/testing/selftests/net/netfilter/nf_nat_edemux.sh
 rename tools/testing/selftests/{netfilter/nf-queue.c => net/netfilter/nf_queue.c} (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_audit.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_concat_range.sh (100%)
 create mode 100755 tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh
 rename tools/testing/selftests/{ => net}/netfilter/nft_fib.sh (78%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_flowtable.sh (88%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_meta.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_nat.sh (62%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_nat_zones.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_queue.sh (95%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_synproxy.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/nft_zones_many.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/rpath.sh (100%)
 rename tools/testing/selftests/{ => net}/netfilter/sctp_collision.c (100%)
 rename tools/testing/selftests/{ => net}/netfilter/xt_string.sh (100%)
 delete mode 100644 tools/testing/selftests/netfilter/Makefile
 delete mode 100755 tools/testing/selftests/netfilter/bridge_brouter.sh
 delete mode 100644 tools/testing/selftests/netfilter/bridge_netfilter.sh
 delete mode 100644 tools/testing/selftests/netfilter/config
 delete mode 100755 tools/testing/selftests/netfilter/conntrack_sctp_collision.sh
 delete mode 100755 tools/testing/selftests/netfilter/conntrack_tcp_unreplied.sh
 delete mode 100755 tools/testing/selftests/netfilter/ipvs.sh
 delete mode 100755 tools/testing/selftests/netfilter/nf_nat_edemux.sh
 delete mode 100755 tools/testing/selftests/netfilter/nft_conntrack_helper.sh
 delete mode 100755 tools/testing/selftests/netfilter/nft_trans_stress.sh
 delete mode 100644 tools/testing/selftests/netfilter/settings

-- 
2.43.2
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux