From patchwork Fri Apr 27 15:52:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Westphal X-Patchwork-Id: 905836 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=strlen.de Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 40Xdjm04nwz9s0v for ; Sat, 28 Apr 2018 01:52:28 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932613AbeD0Pw1 (ORCPT ); Fri, 27 Apr 2018 11:52:27 -0400 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:38760 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932563AbeD0Pw0 (ORCPT ); Fri, 27 Apr 2018 11:52:26 -0400 Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.89) (envelope-from ) id 1fC5fc-0008MN-So; Fri, 27 Apr 2018 17:52:24 +0200 From: Florian Westphal To: Cc: Florian Westphal Subject: [PATCH iptables] iptables-test: add nft switch and test binaries from git Date: Fri, 27 Apr 2018 17:52:20 +0200 Message-Id: <20180427155220.17429-1-fw@strlen.de> X-Mailer: git-send-email 2.14.3 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org instead of testing the system-wide installed iptables, test the version from git instead. Also add a --nftables switch to feed the test cases to xt-compat. Signed-off-by: Florian Westphal --- iptables-test.py | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/iptables-test.py b/iptables-test.py index 9e137f8cdc03..f3ec1b5c5f3d 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -51,7 +51,7 @@ def delete_rule(iptables, rule, filename, lineno): ''' Removes an iptables rule ''' - cmd = iptables + " -D " + rule + cmd = EXECUTEABLE + " " + iptables + " -D " + rule ret = execute_cmd(cmd, filename, lineno) if ret == 1: reason = "cannot delete: " + iptables + " -I " + rule @@ -75,7 +75,7 @@ def run_test(iptables, rule, rule_save, res, filename, lineno): ''' ret = 0 - cmd = iptables + " -A " + rule + cmd = EXECUTEABLE + " " + iptables + " -A " + rule ret = execute_cmd(cmd, filename, lineno) # @@ -109,7 +109,8 @@ def run_test(iptables, rule, rule_save, res, filename, lineno): elif splitted[0] == IP6TABLES: command = IP6TABLES_SAVE args = splitted[1:] - proc = subprocess.Popen(command, stdin=subprocess.PIPE, + proc = subprocess.Popen((os.path.abspath(os.path.curdir) + "/iptables/" + EXECUTEABLE, command), + stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE) out, err = proc.communicate() @@ -267,6 +268,8 @@ def main(): help='Run only this test') parser.add_argument('-m', '--missing', action='store_true', help='Check for missing tests') + parser.add_argument('-n', '--nftables', action='store_true', + help='Test iptables-over-nftables') args = parser.parse_args() # @@ -276,10 +279,18 @@ def main(): show_missing() return + global EXECUTEABLE + EXECUTEABLE = "xtables-multi" + if args.nftables: + EXECUTEABLE = "xtables-compat-multi" + if os.getuid() != 0: print "You need to be root to run this, sorry" return + os.putenv("XTABLES_LIBDIR", os.path.abspath(EXTENSIONS_PATH)) + os.putenv("PATH", "%s/iptables:%s" % (os.path.abspath(os.path.curdir), os.getenv("PATH"))) + test_files = 0 tests = 0 passed = 0