Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
||||
SOURCES/libnetfilter_cttimeout-1.0.0.tar.bz2
|
||||
/libnetfilter_cttimeout-1.0.0.tar.bz2
|
||||
|
@ -1 +0,0 @@
|
||||
24cba24b0371e80007be4ea0fa9d872df63b8a7a SOURCES/libnetfilter_cttimeout-1.0.0.tar.bz2
|
6
gating.yaml
Normal file
6
gating.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
|
@ -1,14 +1,14 @@
|
||||
Name: libnetfilter_cttimeout
|
||||
Version: 1.0.0
|
||||
Release: 11%{?dist}
|
||||
Release: 19%{?dist}
|
||||
Summary: Timeout policy tuning for Netfilter/conntrack
|
||||
Group: System Environment/Libraries
|
||||
License: GPLv2+
|
||||
URL: http://netfilter.org
|
||||
Source0: http://netfilter.org/projects/%{name}/files/%{name}-%{version}.tar.bz2
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libmnl-devel >= 1.0.0, pkgconfig, kernel-headers
|
||||
BuildRequires: make
|
||||
|
||||
%description
|
||||
This infrastructure allows you to define fine-grain timeout
|
||||
@ -20,7 +20,6 @@ policy to the kernel.
|
||||
|
||||
%package devel
|
||||
Summary: Timeout policy tuning for Netfilter/conntrack
|
||||
Group: Development/Libraries
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
Requires: libmnl-devel >= 1.0.0
|
||||
Requires: kernel-headers
|
||||
@ -46,11 +45,7 @@ rm -rf $RPM_BUILD_ROOT
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%post -p /sbin/ldconfig
|
||||
%postun -p /sbin/ldconfig
|
||||
%ldconfig_scriptlets
|
||||
|
||||
%files
|
||||
%doc COPYING README
|
||||
@ -63,6 +58,31 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_includedir}/libnetfilter_cttimeout/*.h
|
||||
|
||||
%changelog
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.0-19
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.0-18
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-17
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-16
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-15
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-14
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-13
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-12
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.0-11
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
1
sources
Normal file
1
sources
Normal file
@ -0,0 +1 @@
|
||||
7697437fc9ebb6f6b83df56a633db7f9 libnetfilter_cttimeout-1.0.0.tar.bz2
|
22
tests/run-test.sh
Normal file
22
tests/run-test.sh
Normal file
@ -0,0 +1,22 @@
|
||||
#!/bin/bash
|
||||
|
||||
_UID=`id -u`
|
||||
if [ $_UID -ne 0 ]
|
||||
then
|
||||
echo "Run this test as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
gcc test.c -o test
|
||||
#
|
||||
# XXX: module auto-load not support by nfnetlink_cttimeout yet :-(
|
||||
#
|
||||
# any or all of these might be built-ins rather than modules, so don't error
|
||||
# out on failure from modprobe
|
||||
modprobe nf_conntrack_ipv4 || true
|
||||
modprobe nf_conntrack_ipv6 || true
|
||||
modprobe nf_conntrack_proto_udplite || true
|
||||
modprobe nf_conntrack_proto_sctp || true
|
||||
modprobe nf_conntrack_proto_dccp || true
|
||||
modprobe nf_conntrack_proto_gre || true
|
||||
./test timeout
|
100
tests/test.c
Normal file
100
tests/test.c
Normal file
@ -0,0 +1,100 @@
|
||||
/*
|
||||
* (c) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
|
||||
*
|
||||
* Extremely simple test utility for the command line tools.
|
||||
*
|
||||
* Based on test-conntrack.c
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/wait.h>
|
||||
#include <dirent.h>
|
||||
|
||||
#define PATH "/usr/sbin"
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
int ret, ok = 0, bad = 0, line;
|
||||
FILE *fp;
|
||||
DIR *d;
|
||||
char buf[1024];
|
||||
struct dirent *dent;
|
||||
char file[1024];
|
||||
|
||||
if (argc < 2) {
|
||||
fprintf(stderr, "Usage: %s directory\n", argv[0]);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
d = opendir(argv[1]);
|
||||
if (d == NULL) {
|
||||
perror("opendir");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
setenv("PATH", PATH, 1);
|
||||
|
||||
while ((dent = readdir(d)) != NULL) {
|
||||
|
||||
sprintf(file, "%s/%s", argv[1], dent->d_name);
|
||||
|
||||
line = 0;
|
||||
|
||||
fp = fopen(file, "r");
|
||||
if (fp == NULL) {
|
||||
perror("cannot find testsuite file");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
while (fgets(buf, sizeof(buf), fp)) {
|
||||
char *res;
|
||||
|
||||
line++;
|
||||
|
||||
if (buf[0] == '#' || buf[0] == ' ')
|
||||
continue;
|
||||
|
||||
res = strchr(buf, ';');
|
||||
if (!res) {
|
||||
printf("malformed file %s at line %d\n",
|
||||
dent->d_name, line);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
*res = '\0';
|
||||
res+=2;
|
||||
|
||||
printf("(%d) Executing: %s\n", line, buf);
|
||||
|
||||
ret = system(buf);
|
||||
|
||||
if (WIFEXITED(ret) &&
|
||||
WEXITSTATUS(ret) == EXIT_SUCCESS) {
|
||||
if (res[0] == 'O' &&
|
||||
res[1] == 'K')
|
||||
ok++;
|
||||
else {
|
||||
bad++;
|
||||
printf("^----- BAD\n");
|
||||
}
|
||||
} else {
|
||||
if (res[0] == 'B' &&
|
||||
res[1] == 'A' &&
|
||||
res[2] == 'D')
|
||||
ok++;
|
||||
else {
|
||||
bad++;
|
||||
printf("^----- BAD\n");
|
||||
}
|
||||
}
|
||||
printf("=====\n");
|
||||
}
|
||||
fclose(fp);
|
||||
}
|
||||
closedir(d);
|
||||
|
||||
fprintf(stdout, "OK: %d BAD: %d\n", ok, bad);
|
||||
}
|
15
tests/tests.yml
Normal file
15
tests/tests.yml
Normal file
@ -0,0 +1,15 @@
|
||||
# Tests for libnetfilter_cttimeout
|
||||
- hosts: localhost
|
||||
tags:
|
||||
- classic
|
||||
roles:
|
||||
- role: standard-test-basic
|
||||
required_packages:
|
||||
- gcc
|
||||
- conntrack-tools
|
||||
tests:
|
||||
- sanity-test:
|
||||
dir: .
|
||||
run: chmod +x run-test.sh && ./run-test.sh timeout | tee cttimeout_test.log | grep -q '^OK':' [0-9]* BAD':' 0$'
|
||||
save_files:
|
||||
- cttimeout_test.log
|
16
tests/timeout/00tcp
Normal file
16
tests/timeout/00tcp
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet tcp established 100 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet tcp syn_sent 1 syn_recv 2 established 3 fin_wait 4 close_wait 5 last_ack 6 time_wait 7 close 8 syn_sent2 9 retrans 10 unacknowledged 11 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/01udp
Normal file
16
tests/timeout/01udp
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet udp unreplied 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet udp unreplied 1 replied 2 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/02generic
Normal file
16
tests/timeout/02generic
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet generic timeout 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet generic timeout 1 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/03udplite
Normal file
16
tests/timeout/03udplite
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet udplite unreplied 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet udplite unreplied 1 replied 2 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/04icmp
Normal file
16
tests/timeout/04icmp
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet icmp timeout 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet icmp timeout 1 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/05icmpv6
Normal file
16
tests/timeout/05icmpv6
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet6 icmpv6 timeout 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet6 icmpv6 timeout 1 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/06sctp
Normal file
16
tests/timeout/06sctp
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet sctp established 100 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet sctp closed 1 cookie_wait 2 cookie_echoed 3 established 4 shutdown_sent 5 shutdown_recd 6 shutdown_ack_sent 7 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/07dccp
Normal file
16
tests/timeout/07dccp
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet dccp request 100 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet dccp request 1 respond 2 partopen 3 open 4 closereq 5 closing 6 timewait 7 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
16
tests/timeout/08gre
Normal file
16
tests/timeout/08gre
Normal file
@ -0,0 +1,16 @@
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet gre unreplied 10 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
||||
# get unexistent policy object `dummy'
|
||||
nfct get timeout test ; BAD
|
||||
# delete policy object `test', however, it does not exists anymore
|
||||
nfct delete timeout test ; BAD
|
||||
# add policy object `test'
|
||||
nfct add timeout test inet gre unreplied 1 replied 2 ; OK
|
||||
# get policy object `test'
|
||||
nfct get timeout test ; OK
|
||||
# delete policy object `test'
|
||||
nfct delete timeout test ; OK
|
Loading…
Reference in New Issue
Block a user