diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..648918d --- /dev/null +++ b/gating.yaml @@ -0,0 +1,6 @@ +--- !Policy +product_versions: + - rhel-9 +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/tests/run-test.sh b/tests/run-test.sh new file mode 100644 index 0000000..f5f220b --- /dev/null +++ b/tests/run-test.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +_UID=`id -u` +if [ $_UID -ne 0 ] +then + echo "Run this test as root" + exit 1 +fi + +gcc test.c -o test +# +# XXX: module auto-load not support by nfnetlink_cttimeout yet :-( +# +# any or all of these might be built-ins rather than modules, so don't error +# out on failure from modprobe +modprobe nf_conntrack_ipv4 || true +modprobe nf_conntrack_ipv6 || true +modprobe nf_conntrack_proto_udplite || true +modprobe nf_conntrack_proto_sctp || true +modprobe nf_conntrack_proto_dccp || true +modprobe nf_conntrack_proto_gre || true +./test timeout diff --git a/tests/test.c b/tests/test.c new file mode 100644 index 0000000..a833dcc --- /dev/null +++ b/tests/test.c @@ -0,0 +1,100 @@ +/* + * (c) 2012 by Pablo Neira Ayuso + * + * Extremely simple test utility for the command line tools. + * + * Based on test-conntrack.c + */ + +#include +#include +#include +#include +#include +#include +#include + +#define PATH "/usr/sbin" + +int main(int argc, char *argv[]) +{ + int ret, ok = 0, bad = 0, line; + FILE *fp; + DIR *d; + char buf[1024]; + struct dirent *dent; + char file[1024]; + + if (argc < 2) { + fprintf(stderr, "Usage: %s directory\n", argv[0]); + exit(EXIT_FAILURE); + } + + d = opendir(argv[1]); + if (d == NULL) { + perror("opendir"); + exit(EXIT_FAILURE); + } + + setenv("PATH", PATH, 1); + + while ((dent = readdir(d)) != NULL) { + + sprintf(file, "%s/%s", argv[1], dent->d_name); + + line = 0; + + fp = fopen(file, "r"); + if (fp == NULL) { + perror("cannot find testsuite file"); + exit(EXIT_FAILURE); + } + + while (fgets(buf, sizeof(buf), fp)) { + char *res; + + line++; + + if (buf[0] == '#' || buf[0] == ' ') + continue; + + res = strchr(buf, ';'); + if (!res) { + printf("malformed file %s at line %d\n", + dent->d_name, line); + exit(EXIT_FAILURE); + } + *res = '\0'; + res+=2; + + printf("(%d) Executing: %s\n", line, buf); + + ret = system(buf); + + if (WIFEXITED(ret) && + WEXITSTATUS(ret) == EXIT_SUCCESS) { + if (res[0] == 'O' && + res[1] == 'K') + ok++; + else { + bad++; + printf("^----- BAD\n"); + } + } else { + if (res[0] == 'B' && + res[1] == 'A' && + res[2] == 'D') + ok++; + else { + bad++; + printf("^----- BAD\n"); + } + } + printf("=====\n"); + } + fclose(fp); + } + closedir(d); + + fprintf(stdout, "OK: %d BAD: %d\n", ok, bad); +} diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..e3ccdfc --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,15 @@ +# Tests for libnetfilter_cttimeout +- hosts: localhost + tags: + - classic + roles: + - role: standard-test-basic + required_packages: + - gcc + - conntrack-tools + tests: + - sanity-test: + dir: . + run: chmod +x run-test.sh && ./run-test.sh timeout | tee cttimeout_test.log | grep -q '^OK':' [0-9]* BAD':' 0$' + save_files: + - cttimeout_test.log diff --git a/tests/timeout/00tcp b/tests/timeout/00tcp new file mode 100644 index 0000000..ab2e6fc --- /dev/null +++ b/tests/timeout/00tcp @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet tcp established 100 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet tcp syn_sent 1 syn_recv 2 established 3 fin_wait 4 close_wait 5 last_ack 6 time_wait 7 close 8 syn_sent2 9 retrans 10 unacknowledged 11 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/01udp b/tests/timeout/01udp new file mode 100644 index 0000000..f8097d6 --- /dev/null +++ b/tests/timeout/01udp @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet udp unreplied 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet udp unreplied 1 replied 2 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/02generic b/tests/timeout/02generic new file mode 100644 index 0000000..ffba138 --- /dev/null +++ b/tests/timeout/02generic @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet generic timeout 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet generic timeout 1 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/03udplite b/tests/timeout/03udplite new file mode 100644 index 0000000..8ed3459 --- /dev/null +++ b/tests/timeout/03udplite @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet udplite unreplied 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet udplite unreplied 1 replied 2 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/04icmp b/tests/timeout/04icmp new file mode 100644 index 0000000..edb1c99 --- /dev/null +++ b/tests/timeout/04icmp @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet icmp timeout 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet icmp timeout 1 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/05icmpv6 b/tests/timeout/05icmpv6 new file mode 100644 index 0000000..40ccc49 --- /dev/null +++ b/tests/timeout/05icmpv6 @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet6 icmpv6 timeout 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet6 icmpv6 timeout 1 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/06sctp b/tests/timeout/06sctp new file mode 100644 index 0000000..62b44c6 --- /dev/null +++ b/tests/timeout/06sctp @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet sctp established 100 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet sctp closed 1 cookie_wait 2 cookie_echoed 3 established 4 shutdown_sent 5 shutdown_recd 6 shutdown_ack_sent 7 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/07dccp b/tests/timeout/07dccp new file mode 100644 index 0000000..1d88585 --- /dev/null +++ b/tests/timeout/07dccp @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet dccp request 100 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet dccp request 1 respond 2 partopen 3 open 4 closereq 5 closing 6 timewait 7 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK diff --git a/tests/timeout/08gre b/tests/timeout/08gre new file mode 100644 index 0000000..709b943 --- /dev/null +++ b/tests/timeout/08gre @@ -0,0 +1,16 @@ +# add policy object `test' +nfct add timeout test inet gre unreplied 10 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK +# get unexistent policy object `dummy' +nfct get timeout test ; BAD +# delete policy object `test', however, it does not exists anymore +nfct delete timeout test ; BAD +# add policy object `test' +nfct add timeout test inet gre unreplied 1 replied 2 ; OK +# get policy object `test' +nfct get timeout test ; OK +# delete policy object `test' +nfct delete timeout test ; OK