summaryrefslogtreecommitdiff
path: root/unit
diff options
context:
space:
mode:
authorDaniel Wagner <daniel.wagner@bmw-carit.de>2013-02-12 10:19:47 +0100
committerPatrik Flykt <patrik.flykt@linux.intel.com>2013-02-12 12:34:33 +0200
commit8a9d7d098752ed51762859124438d29e281ca76b (patch)
treeab0f2b6a068111368456c6be2e02735db80a8ff5 /unit
parentba052f1fa25d330b188027f41b4c88a23cc02431 (diff)
downloadconnman-8a9d7d098752ed51762859124438d29e281ca76b.tar.gz
connman-8a9d7d098752ed51762859124438d29e281ca76b.tar.bz2
connman-8a9d7d098752ed51762859124438d29e281ca76b.zip
test-iptables: Add unit test for the new API
Diffstat (limited to 'unit')
-rw-r--r--unit/test-iptables.c139
1 files changed, 139 insertions, 0 deletions
diff --git a/unit/test-iptables.c b/unit/test-iptables.c
index f11ed551..d9170125 100644
--- a/unit/test-iptables.c
+++ b/unit/test-iptables.c
@@ -100,6 +100,139 @@ static void test_iptables_basic2(void)
g_assert(err == 0);
}
+static void test_iptables_chain0(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain1(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_flush_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain2(void)
+{
+ int err;
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "DROP");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule0(void)
+{
+ int err;
+
+ /* Test simple appending and removing a rule */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+
+static void test_iptables_rule1(void)
+{
+ int err;
+
+ /* Test if we can do NAT stuff */
+
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule2(void)
+{
+ int err;
+
+ /* Test if the right rule is removed */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
int main(int argc, char *argv[])
{
int err;
@@ -113,6 +246,12 @@ int main(int argc, char *argv[])
g_test_add_func("/iptables/basic0", test_iptables_basic0);
g_test_add_func("/iptables/basic1", test_iptables_basic1);
g_test_add_func("/iptables/basic2", test_iptables_basic2);
+ g_test_add_func("/iptables/chain0", test_iptables_chain0);
+ g_test_add_func("/iptables/chain1", test_iptables_chain1);
+ g_test_add_func("/iptables/chain2", test_iptables_chain2);
+ g_test_add_func("/iptables/rule0", test_iptables_rule0);
+ g_test_add_func("/iptables/rule1", test_iptables_rule1);
+ g_test_add_func("/iptables/rule2", test_iptables_rule2);
err = g_test_run();