diff options
Diffstat (limited to 'tools')
-rwxr-xr-x | tools/dhcp-server-test.c | 6 | ||||
-rwxr-xr-x | tools/dhcp-test.c | 7 | ||||
-rwxr-xr-x | tools/dnsproxy-test.c | 1 | ||||
-rw-r--r-- | tools/ip6tables-test.c | 163 | ||||
-rwxr-xr-x | tools/iptables-test.c | 19 | ||||
-rwxr-xr-x | tools/iptables-unit.c | 492 | ||||
-rwxr-xr-x | tools/private-network-test.c | 2 | ||||
-rwxr-xr-x | tools/resolv-test.c | 2 | ||||
-rwxr-xr-x | tools/session-api.c | 42 | ||||
-rwxr-xr-x | tools/session-test.h | 3 | ||||
-rwxr-xr-x | tools/session-utils.c | 17 | ||||
-rwxr-xr-x | tools/stats-tool.c | 1 | ||||
-rwxr-xr-x | tools/tap-test.c | 3 | ||||
-rwxr-xr-x | tools/wispr.c | 1 |
14 files changed, 636 insertions, 123 deletions
diff --git a/tools/dhcp-server-test.c b/tools/dhcp-server-test.c index b7d2e540..59f5f34d 100755 --- a/tools/dhcp-server-test.c +++ b/tools/dhcp-server-test.c @@ -29,6 +29,8 @@ #include <gdhcp/gdhcp.h> +#include "../src/connman.h" + static GMainLoop *main_loop; static void sig_term(int sig) @@ -113,8 +115,12 @@ int main(int argc, char *argv[]) sigaction(SIGINT, &sa, NULL); sigaction(SIGTERM, &sa, NULL); + __connman_util_init(); + g_main_loop_run(main_loop); + __connman_util_cleanup(); + g_dhcp_server_unref(dhcp_server); g_main_loop_unref(main_loop); diff --git a/tools/dhcp-test.c b/tools/dhcp-test.c index c34e10a8..a6c3e993 100755 --- a/tools/dhcp-test.c +++ b/tools/dhcp-test.c @@ -33,10 +33,11 @@ #include <arpa/inet.h> #include <net/route.h> #include <net/ethernet.h> -#include <linux/if_arp.h> #include <gdhcp/gdhcp.h> +#include "../src/connman.h" + static GTimer *timer; static GMainLoop *main_loop; @@ -177,8 +178,12 @@ int main(int argc, char *argv[]) sigaction(SIGINT, &sa, NULL); sigaction(SIGTERM, &sa, NULL); + __connman_util_init(); + g_main_loop_run(main_loop); + __connman_util_cleanup(); + g_timer_destroy(timer); g_dhcp_client_unref(dhcp_client); diff --git a/tools/dnsproxy-test.c b/tools/dnsproxy-test.c index 551cae91..371e2e23 100755 --- a/tools/dnsproxy-test.c +++ b/tools/dnsproxy-test.c @@ -24,6 +24,7 @@ #endif #include <errno.h> +#include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> diff --git a/tools/ip6tables-test.c b/tools/ip6tables-test.c new file mode 100644 index 00000000..41e842dd --- /dev/null +++ b/tools/ip6tables-test.c @@ -0,0 +1,163 @@ +/* + * Connection Manager + * + * Copyright (C) 2007-2012 Intel Corporation. All rights reserved. + * Copyright (C) 2013 BMW Car IT GmbH. + * Copyright (C) 2018 Jolla Ltd. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +#include <getopt.h> +#include <stdio.h> +#include <stdlib.h> +#include <errno.h> + +#include <glib.h> + +#include "../src/connman.h" + +enum iptables_command { + IPTABLES_COMMAND_APPEND, + IPTABLES_COMMAND_INSERT, + IPTABLES_COMMAND_DELETE, + IPTABLES_COMMAND_POLICY, + IPTABLES_COMMAND_CHAIN_INSERT, + IPTABLES_COMMAND_CHAIN_DELETE, + IPTABLES_COMMAND_CHAIN_FLUSH, + IPTABLES_COMMAND_DUMP, + IPTABLES_COMMAND_UNKNOWN, +}; + +int main(int argc, char *argv[]) +{ + enum iptables_command cmd = IPTABLES_COMMAND_UNKNOWN; + char *table = NULL, *chain = NULL, *rule = NULL, *tmp; + int err, c, i; + + opterr = 0; + + while ((c = getopt_long(argc, argv, + "-A:I:D:P:N:X:F:Lt:", NULL, NULL)) != -1) { + switch (c) { + case 'A': + chain = optarg; + cmd = IPTABLES_COMMAND_APPEND; + break; + case 'I': + chain = optarg; + cmd = IPTABLES_COMMAND_INSERT; + break; + case 'D': + chain = optarg; + cmd = IPTABLES_COMMAND_DELETE; + break; + case 'P': + chain = optarg; + /* The policy will be stored in rule. */ + cmd = IPTABLES_COMMAND_POLICY; + break; + case 'N': + chain = optarg; + cmd = IPTABLES_COMMAND_CHAIN_INSERT; + break; + case 'X': + chain = optarg; + cmd = IPTABLES_COMMAND_CHAIN_DELETE; + break; + case 'F': + chain = optarg; + cmd = IPTABLES_COMMAND_CHAIN_FLUSH; + break; + case 'L': + cmd = IPTABLES_COMMAND_DUMP; + break; + case 't': + table = optarg; + break; + default: + goto out; + } + } + +out: + if (!table) + table = "filter"; + + for (i = optind - 1; i < argc; i++) { + if (rule) { + tmp = rule; + rule = g_strdup_printf("%s %s", rule, argv[i]); + g_free(tmp); + } else + rule = g_strdup(argv[i]); + } + + __connman_iptables_init(); + + switch (cmd) { + case IPTABLES_COMMAND_APPEND: + err = __connman_iptables_append(AF_INET6, table, chain, rule); + break; + case IPTABLES_COMMAND_INSERT: + err = __connman_iptables_insert(AF_INET6, table, chain, rule); + break; + case IPTABLES_COMMAND_DELETE: + err = __connman_iptables_delete(AF_INET6, table, chain, rule); + break; + case IPTABLES_COMMAND_POLICY: + err = __connman_iptables_change_policy(AF_INET6, table, chain, + rule); + break; + case IPTABLES_COMMAND_CHAIN_INSERT: + err = __connman_iptables_new_chain(AF_INET6, table, chain); + break; + case IPTABLES_COMMAND_CHAIN_DELETE: + err = __connman_iptables_delete_chain(AF_INET6, table, chain); + break; + case IPTABLES_COMMAND_CHAIN_FLUSH: + err = __connman_iptables_flush_chain(AF_INET6, table, chain); + break; + case IPTABLES_COMMAND_DUMP: + __connman_log_init(argv[0], "*", false, false, + "ip6tables-test", "1"); + err = __connman_iptables_dump(AF_INET6, table); + break; + case IPTABLES_COMMAND_UNKNOWN: + printf("Missing command\n"); + printf("usage: ip6tables-test [-t table] {-A|-I|-D} chain rule\n"); + printf(" ip6tables-test [-t table] {-N|-X|-F} chain\n"); + printf(" ip6tables-test [-t table] -L\n"); + printf(" ip6tables-test [-t table] -P chain target\n"); + exit(-EINVAL); + } + + if (err < 0) { + printf("Error: %s\n", strerror(-err)); + exit(err); + } + + err = __connman_iptables_commit(AF_INET6, table); + if (err < 0) { + printf("Failed to commit changes: %s\n", strerror(-err)); + exit(err); + } + + g_free(rule); + + __connman_iptables_cleanup(); + + return 0; +} diff --git a/tools/iptables-test.c b/tools/iptables-test.c index 2df53ccd..e9b7cb22 100755 --- a/tools/iptables-test.c +++ b/tools/iptables-test.c @@ -108,30 +108,31 @@ out: switch (cmd) { case IPTABLES_COMMAND_APPEND: - err = __connman_iptables_append(table, chain, rule); + err = __connman_iptables_append(AF_INET, table, chain, rule); break; case IPTABLES_COMMAND_INSERT: - err = __connman_iptables_insert(table, chain, rule); + err = __connman_iptables_insert(AF_INET, table, chain, rule); break; case IPTABLES_COMMAND_DELETE: - err = __connman_iptables_delete(table, chain, rule); + err = __connman_iptables_delete(AF_INET, table, chain, rule); break; case IPTABLES_COMMAND_POLICY: - err = __connman_iptables_change_policy(table, chain, rule); + err = __connman_iptables_change_policy(AF_INET, table, chain, + rule); break; case IPTABLES_COMMAND_CHAIN_INSERT: - err = __connman_iptables_new_chain(table, chain); + err = __connman_iptables_new_chain(AF_INET, table, chain); break; case IPTABLES_COMMAND_CHAIN_DELETE: - err = __connman_iptables_delete_chain(table, chain); + err = __connman_iptables_delete_chain(AF_INET, table, chain); break; case IPTABLES_COMMAND_CHAIN_FLUSH: - err = __connman_iptables_flush_chain(table, chain); + err = __connman_iptables_flush_chain(AF_INET, table, chain); break; case IPTABLES_COMMAND_DUMP: __connman_log_init(argv[0], "*", false, false, "iptables-test", "1"); - err = __connman_iptables_dump(table); + err = __connman_iptables_dump(AF_INET, table); break; case IPTABLES_COMMAND_UNKNOWN: printf("Missing command\n"); @@ -147,7 +148,7 @@ out: exit(err); } - err = __connman_iptables_commit(table); + err = __connman_iptables_commit(AF_INET, table); if (err < 0) { printf("Failed to commit changes: %s\n", strerror(-err)); exit(err); diff --git a/tools/iptables-unit.c b/tools/iptables-unit.c index 426631a0..b91591f2 100755 --- a/tools/iptables-unit.c +++ b/tools/iptables-unit.c @@ -28,14 +28,24 @@ #include "../src/connman.h" -static bool assert_rule(const char *table_name, const char *rule) +static bool assert_rule(int type, const char *table_name, const char *rule) { char *cmd, *output, **lines; GError **error = NULL; int i; bool ret = true; - cmd = g_strdup_printf(IPTABLES_SAVE " -t %s", table_name); + switch (type) { + case AF_INET: + cmd = g_strdup_printf(IPTABLES_SAVE " -t %s", table_name); + break; + case AF_INET6: + cmd = g_strdup_printf(IP6TABLES_SAVE " -t %s", table_name); + break; + default: + return false; + } + g_spawn_command_line_sync(cmd, &output, NULL, NULL, error); g_free(cmd); @@ -57,67 +67,87 @@ static bool assert_rule(const char *table_name, const char *rule) return ret; } -static void assert_rule_exists(const char *table_name, const char *rule) +static void assert_rule_exists(int type, const char *table_name, + const char *rule) { - if (g_strcmp0(IPTABLES_SAVE, "") == 0) { - DBG("iptables-save is missing, no assertion possible"); - return; + if (type == AF_INET) { + if (g_strcmp0(IPTABLES_SAVE, "") == 0) { + DBG("iptables-save is missing, no assertion possible"); + return; + } } - g_assert(assert_rule(table_name, rule)); + if (type == AF_INET6) { + if (g_strcmp0(IP6TABLES_SAVE, "") == 0) { + DBG("ip6tables-save is missing, no assertion possible"); + return; + } + } + + g_assert(assert_rule(type, table_name, rule)); } -static void assert_rule_not_exists(const char *table_name, const char *rule) +static void assert_rule_not_exists(int type, const char *table_name, + const char *rule) { - if (g_strcmp0(IPTABLES_SAVE, "") == 0) { - DBG("iptables-save is missing, no assertion possible"); - return; + if (type == AF_INET) { + if (g_strcmp0(IPTABLES_SAVE, "") == 0) { + DBG("iptables-save is missing, no assertion possible"); + return; + } + } + + if (type == AF_INET6) { + if (g_strcmp0(IP6TABLES_SAVE, "") == 0) { + DBG("ip6tables-save is missing, no assertion possible"); + return; + } } - g_assert(!assert_rule(table_name, rule)); + g_assert(!assert_rule(type, table_name, rule)); } static void test_iptables_chain0(void) { int err; - err = __connman_iptables_new_chain("filter", "foo"); + err = __connman_iptables_new_chain(AF_INET, "filter", "foo"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", ":foo - [0:0]"); + assert_rule_exists(AF_INET, "filter", ":foo - [0:0]"); - err = __connman_iptables_delete_chain("filter", "foo"); + err = __connman_iptables_delete_chain(AF_INET, "filter", "foo"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_not_exists("filter", ":foo - [0:0]"); + assert_rule_not_exists(AF_INET, "filter", ":foo - [0:0]"); } static void test_iptables_chain1(void) { int err; - err = __connman_iptables_new_chain("filter", "foo"); + err = __connman_iptables_new_chain(AF_INET, "filter", "foo"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - err = __connman_iptables_flush_chain("filter", "foo"); + err = __connman_iptables_flush_chain(AF_INET, "filter", "foo"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - err = __connman_iptables_delete_chain("filter", "foo"); + err = __connman_iptables_delete_chain(AF_INET, "filter", "foo"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); } @@ -125,16 +155,16 @@ static void test_iptables_chain2(void) { int err; - err = __connman_iptables_change_policy("filter", "INPUT", "DROP"); + err = __connman_iptables_change_policy(AF_INET, "filter", "INPUT", "DROP"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT"); + err = __connman_iptables_change_policy(AF_INET, "filter", "INPUT", "ACCEPT"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); } @@ -142,39 +172,39 @@ static void test_iptables_chain3(void) { int err; - err = __connman_iptables_new_chain("filter", "user-chain-0"); + err = __connman_iptables_new_chain(AF_INET, "filter", "user-chain-0"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", ":user-chain-0 - [0:0]"); + assert_rule_exists(AF_INET, "filter", ":user-chain-0 - [0:0]"); - err = __connman_iptables_new_chain("filter", "user-chain-1"); + err = __connman_iptables_new_chain(AF_INET, "filter", "user-chain-1"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", ":user-chain-0 - [0:0]"); - assert_rule_exists("filter", ":user-chain-1 - [0:0]"); + assert_rule_exists(AF_INET, "filter", ":user-chain-0 - [0:0]"); + assert_rule_exists(AF_INET, "filter", ":user-chain-1 - [0:0]"); - err = __connman_iptables_delete_chain("filter", "user-chain-1"); + err = __connman_iptables_delete_chain(AF_INET, "filter", "user-chain-1"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", ":user-chain-0 - [0:0]"); - assert_rule_not_exists("filter", ":user-chain-1 - [0:0]"); + assert_rule_exists(AF_INET, "filter", ":user-chain-0 - [0:0]"); + assert_rule_not_exists(AF_INET, "filter", ":user-chain-1 - [0:0]"); - err = __connman_iptables_delete_chain("filter", "user-chain-0"); + err = __connman_iptables_delete_chain(AF_INET, "filter", "user-chain-0"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_not_exists("filter", ":user-chain-0 - [0:0]"); + assert_rule_not_exists(AF_INET, "filter", ":user-chain-0 - [0:0]"); } static void test_iptables_rule0(void) @@ -183,24 +213,24 @@ static void test_iptables_rule0(void) /* Test simple appending and removing a rule */ - err = __connman_iptables_append("filter", "INPUT", + err = __connman_iptables_append(AF_INET, "filter", "INPUT", "-m mark --mark 1 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); - err = __connman_iptables_delete("filter", "INPUT", + err = __connman_iptables_delete(AF_INET, "filter", "INPUT", "-m mark --mark 1 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_not_exists("filter", + assert_rule_not_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); } @@ -210,22 +240,22 @@ static void test_iptables_rule1(void) /* Test if we can do NAT stuff */ - err = __connman_iptables_append("nat", "POSTROUTING", + err = __connman_iptables_append(AF_INET, "nat", "POSTROUTING", "-s 10.10.1.0/24 -o eth0 -j MASQUERADE"); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); - assert_rule_exists("nat", + assert_rule_exists(AF_INET, "nat", "-A POSTROUTING -s 10.10.1.0/24 -o eth0 -j MASQUERADE"); - err = __connman_iptables_delete("nat", "POSTROUTING", + err = __connman_iptables_delete(AF_INET, "nat", "POSTROUTING", "-s 10.10.1.0/24 -o eth0 -j MASQUERADE"); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); - assert_rule_not_exists("nat", + assert_rule_not_exists(AF_INET, "nat", "-A POSTROUTING -s 10.10.1.0/24 -o eth0 -j MASQUERADE"); } @@ -235,48 +265,48 @@ static void test_iptables_rule2(void) /* Test if the right rule is removed */ - err = __connman_iptables_append("filter", "INPUT", + err = __connman_iptables_append(AF_INET, "filter", "INPUT", "-m mark --mark 1 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); - err = __connman_iptables_append("filter", "INPUT", + err = __connman_iptables_append(AF_INET, "filter", "INPUT", "-m mark --mark 2 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); - assert_rule_exists("filter", + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x2 -j LOG"); - err = __connman_iptables_delete("filter", "INPUT", + err = __connman_iptables_delete(AF_INET, "filter", "INPUT", "-m mark --mark 2 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_exists("filter", + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); - assert_rule_not_exists("filter", + assert_rule_not_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x2 -j LOG"); - err = __connman_iptables_delete("filter", "INPUT", + err = __connman_iptables_delete(AF_INET, "filter", "INPUT", "-m mark --mark 1 -j LOG"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET, "filter"); g_assert(err == 0); - assert_rule_not_exists("filter", + assert_rule_not_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1 -j LOG"); } @@ -286,39 +316,309 @@ static void test_iptables_target0(void) /* Test if 'fallthrough' targets work */ - err = __connman_iptables_append("filter", "INPUT", + err = __connman_iptables_append(AF_INET, "filter", "INPUT", + "-m mark --mark 1"); + g_assert(err == 0); + + err = __connman_iptables_append(AF_INET, "filter", "INPUT", + "-m mark --mark 2"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x1"); + assert_rule_exists(AF_INET, "filter", "-A INPUT -m mark --mark 0x2"); + + err = __connman_iptables_delete(AF_INET, "filter", "INPUT", + "-m mark --mark 1"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET, "filter"); + g_assert(err == 0); + + err = __connman_iptables_delete(AF_INET, "filter", "INPUT", + "-m mark --mark 2"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET, "filter"); + g_assert(err == 0); + + assert_rule_not_exists(AF_INET, "filter", + "-A INPUT -m mark --mark 0x1"); + assert_rule_not_exists(AF_INET, "filter", + "-A INPUT -m mark --mark 0x2"); +} + +static void test_ip6tables_chain0(void) +{ + int err; + + err = __connman_iptables_new_chain(AF_INET6, "filter", "foo"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", ":foo - [0:0]"); + + err = __connman_iptables_delete_chain(AF_INET6, "filter", "foo"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_not_exists(AF_INET6, "filter", ":foo - [0:0]"); +} + +static void test_ip6tables_chain1(void) +{ + int err; + + err = __connman_iptables_new_chain(AF_INET6, "filter", "foo"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + err = __connman_iptables_flush_chain(AF_INET6, "filter", "foo"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + err = __connman_iptables_delete_chain(AF_INET6, "filter", "foo"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); +} + +static void test_ip6tables_chain2(void) +{ + int err; + + err = __connman_iptables_change_policy(AF_INET6, "filter", "INPUT", + "DROP"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + err = __connman_iptables_change_policy(AF_INET6, "filter", "INPUT", + "ACCEPT"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); +} + +static void test_ip6tables_chain3(void) +{ + int err; + + err = __connman_iptables_new_chain(AF_INET6, "filter", "user-chain-0"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", ":user-chain-0 - [0:0]"); + + err = __connman_iptables_new_chain(AF_INET6, "filter", "user-chain-1"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", ":user-chain-0 - [0:0]"); + assert_rule_exists(AF_INET6, "filter", ":user-chain-1 - [0:0]"); + + err = __connman_iptables_delete_chain(AF_INET6, "filter", + "user-chain-1"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", ":user-chain-0 - [0:0]"); + assert_rule_not_exists(AF_INET6, "filter", ":user-chain-1 - [0:0]"); + + err = __connman_iptables_delete_chain(AF_INET6, "filter", + "user-chain-0"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_not_exists(AF_INET6, "filter", ":user-chain-0 - [0:0]"); +} + +static void test_ip6tables_rule0(void) +{ + int err; + + /* Test simple appending and removing a rule */ + + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", + "-m mark --mark 1 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); + + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", + "-m mark --mark 1 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_not_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); +} + +static void test_ip6tables_rule1(void) +{ + int err; + + /* Test if the right rule is removed */ + + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", + "-m mark --mark 1 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); + + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", + "-m mark --mark 2 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); + assert_rule_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x2 -j LOG"); + + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", + "-m mark --mark 2 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); + assert_rule_not_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x2 -j LOG"); + + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", + "-m mark --mark 1 -j LOG"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + g_assert(err == 0); + + assert_rule_not_exists(AF_INET6, "filter", + "-A INPUT -m mark --mark 0x1 -j LOG"); +} + +static void test_ip6tables_rule2(void) +{ + int err; + + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", + "-p icmpv6 -m icmpv6 " + "--icmpv6-type 128/0 -j DROP"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", "-A INPUT -p ipv6-icmp " + "-m icmp6 --icmpv6-type 128/0 -j DROP"); + + err = __connman_iptables_append(AF_INET6, "filter", "OUTPUT", + "-p icmpv6 -m icmpv6 " + "--icmpv6-type 129/0 -j DROP"); + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + + g_assert(err == 0); + + assert_rule_exists(AF_INET6, "filter", "-A OUTPUT -p ipv6-icmp " + "-m icmp6 --icmpv6-type 129/0 -j DROP"); + + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", + "-p icmpv6 -m icmpv6 " + "--icmpv6-type 128/0 -j DROP"); + + g_assert(err == 0); + + err = __connman_iptables_delete(AF_INET6, "filter", "OUTPUT", + "-p icmpv6 -m icmpv6 " + "--icmpv6-type 129/0 -j DROP"); + + g_assert(err == 0); + + err = __connman_iptables_commit(AF_INET6, "filter"); + + g_assert(err == 0); + +} + +static void test_ip6tables_target0(void) +{ + int err; + + /* Test if 'fallthrough' targets work */ + + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", "-m mark --mark 1"); g_assert(err == 0); - err = __connman_iptables_append("filter", "INPUT", + err = __connman_iptables_append(AF_INET6, "filter", "INPUT", "-m mark --mark 2"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET6, "filter"); g_assert(err == 0); - assert_rule_exists("filter", "-A INPUT -m mark --mark 0x1"); - assert_rule_exists("filter", "-A INPUT -m mark --mark 0x2"); + assert_rule_exists(AF_INET6, "filter", "-A INPUT -m mark --mark 0x1"); + assert_rule_exists(AF_INET6, "filter", "-A INPUT -m mark --mark 0x2"); - err = __connman_iptables_delete("filter", "INPUT", + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", "-m mark --mark 1"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET6, "filter"); g_assert(err == 0); - err = __connman_iptables_delete("filter", "INPUT", + err = __connman_iptables_delete(AF_INET6, "filter", "INPUT", "-m mark --mark 2"); g_assert(err == 0); - err = __connman_iptables_commit("filter"); + err = __connman_iptables_commit(AF_INET6, "filter"); g_assert(err == 0); - assert_rule_not_exists("filter", "-A INPUT -m mark --mark 0x1"); - assert_rule_not_exists("filter", "-A INPUT -m mark --mark 0x2"); + assert_rule_not_exists(AF_INET6, "filter", "-A INPUT " + "-m mark --mark 0x1"); + assert_rule_not_exists(AF_INET6, "filter", "-A INPUT " + "-m mark --mark 0x2"); } -struct connman_notifier *nat_notifier; +const struct connman_notifier *nat_notifier; struct connman_service { char *dummy; @@ -329,14 +629,14 @@ char *connman_service_get_interface(struct connman_service *service) return "eth0"; } -int connman_notifier_register(struct connman_notifier *notifier) +int connman_notifier_register(const struct connman_notifier *notifier) { nat_notifier = notifier; return 0; } -void connman_notifier_unregister(struct connman_notifier *notifier) +void connman_notifier_unregister(const struct connman_notifier *notifier) { nat_notifier = NULL; } @@ -349,24 +649,24 @@ static void test_nat_basic0(void) g_assert(err == 0); /* test that table is empty */ - err = __connman_iptables_append("nat", "POSTROUTING", + err = __connman_iptables_append(AF_INET, "nat", "POSTROUTING", "-s 192.168.2.1/24 -o eth0 -j MASQUERADE"); g_assert(err == 0); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); - assert_rule_exists("nat", + assert_rule_exists(AF_INET, "nat", "-A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE"); - err = __connman_iptables_delete("nat", "POSTROUTING", + err = __connman_iptables_delete(AF_INET, "nat", "POSTROUTING", "-s 192.168.2.1/24 -o eth0 -j MASQUERADE"); g_assert(err == 0); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); - assert_rule_not_exists("nat", + assert_rule_not_exists(AF_INET, "nat", "-A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE"); __connman_nat_disable("bridge"); @@ -386,21 +686,21 @@ static void test_nat_basic1(void) g_assert(err == 0); /* test that table is not empty */ - err = __connman_iptables_append("nat", "POSTROUTING", + err = __connman_iptables_append(AF_INET, "nat", "POSTROUTING", "-s 192.168.2.1/24 -o eth0 -j MASQUERADE"); g_assert(err == 0); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); __connman_nat_disable("bridge"); /* test that table is empty again */ - err = __connman_iptables_delete("nat", "POSTROUTING", + err = __connman_iptables_delete(AF_INET, "nat", "POSTROUTING", "-s 192.168.2.1/24 -o eth0 -j MASQUERADE"); g_assert(err == 0); - err = __connman_iptables_commit("nat"); + err = __connman_iptables_commit(AF_INET, "nat"); g_assert(err == 0); g_free(service); @@ -462,6 +762,14 @@ int main(int argc, char *argv[]) g_test_add_func("/iptables/rule1", test_iptables_rule1); g_test_add_func("/iptables/rule2", test_iptables_rule2); g_test_add_func("/iptables/target0", test_iptables_target0); + g_test_add_func("/ip6tables/chain0", test_ip6tables_chain0); + g_test_add_func("/ip6tables/chain1", test_ip6tables_chain1); + g_test_add_func("/ip6tables/chain2", test_ip6tables_chain2); + g_test_add_func("/ip6tables/chain3", test_ip6tables_chain3); + g_test_add_func("/ip6tables/rule0", test_ip6tables_rule0); + g_test_add_func("/ip6tables/rule1", test_ip6tables_rule1); + g_test_add_func("/ip6tables/rule2", test_ip6tables_rule2); + g_test_add_func("/ip6tables/target0", test_ip6tables_target0); g_test_add_func("/nat/basic0", test_nat_basic0); g_test_add_func("/nat/basic1", test_nat_basic1); diff --git a/tools/private-network-test.c b/tools/private-network-test.c index 3dd115ba..2828bb30 100755 --- a/tools/private-network-test.c +++ b/tools/private-network-test.c @@ -32,7 +32,7 @@ #include <stdlib.h> #include <string.h> #include <signal.h> -#include <sys/poll.h> +#include <poll.h> #include <sys/signalfd.h> #include <unistd.h> diff --git a/tools/resolv-test.c b/tools/resolv-test.c index 8953acd3..1aad2841 100755 --- a/tools/resolv-test.c +++ b/tools/resolv-test.c @@ -63,6 +63,8 @@ static const char *status2str(GResolvResultStatus status) return "not implemented"; case G_RESOLV_RESULT_STATUS_REFUSED: return "refused"; + case G_RESOLV_RESULT_STATUS_NO_ANSWER: + return "no answer"; } return NULL; diff --git a/tools/session-api.c b/tools/session-api.c index b97cfc01..e869d190 100755 --- a/tools/session-api.c +++ b/tools/session-api.c @@ -158,35 +158,55 @@ static DBusMessage *notify_update(DBusConnection *conn, const char *val; dbus_message_iter_get_basic(&value, &val); - if (info->bearer) - g_free(info->bearer); - + g_free(info->bearer); info->bearer = g_strdup(val); } else if (g_str_equal(key, "Name")) { const char *val; dbus_message_iter_get_basic(&value, &val); - if (info->name) - g_free(info->name); - + g_free(info->name); info->name = g_strdup(val); } else if (g_str_equal(key, "Interface")) { const char *val; dbus_message_iter_get_basic(&value, &val); - if (info->interface) - g_free(info->interface); - + g_free(info->interface); info->interface = g_strdup(val); - } else if (g_str_equal(key, "ConnectionType") - ) { + } else if (g_str_equal(key, "ConnectionType")) { const char *val; dbus_message_iter_get_basic(&value, &val); info->type = string2type(val); + + } else if (g_str_equal(key, "Allowedinterface")) { + const char *val; + dbus_message_iter_get_basic(&value, &val); + + g_free(info->allowed_interface); + info->allowed_interface = g_strdup(val); + + } else if (g_str_equal(key, "ContextIdentifier")) { + const char *val; + dbus_message_iter_get_basic(&value, &val); + + g_free(info->context_identifier); + info->context_identifier = g_strdup(val); + + } else { + g_assert(FALSE); + return __connman_error_invalid_arguments(msg); + } + break; + case DBUS_TYPE_BOOLEAN: + if (g_str_equal(key, "SourceIPRule")) { + dbus_bool_t val; + dbus_message_iter_get_basic(&value, &val); + + info->source_ip_rule = val; + } else { g_assert(FALSE); return __connman_error_invalid_arguments(msg); diff --git a/tools/session-test.h b/tools/session-test.h index 85129337..2c068bd7 100755 --- a/tools/session-test.h +++ b/tools/session-test.h @@ -76,6 +76,9 @@ struct test_session_info { enum connman_session_type type; /* ipv4, ipv6 dicts */ GSList *allowed_bearers; + char *allowed_interface; + bool source_ip_rule; + char *context_identifier; }; struct test_session { diff --git a/tools/session-utils.c b/tools/session-utils.c index 51cec5c3..47f0de1f 100755 --- a/tools/session-utils.c +++ b/tools/session-utils.c @@ -192,7 +192,7 @@ struct test_data_cb { util_test_func_t teardown; }; -static void run_test_cb(gconstpointer data) +static void run_test_cb(gpointer fixture, gconstpointer data) { const struct test_data_cb *cbd = data; struct test_fix *fix; @@ -211,7 +211,7 @@ static void run_test_cb(gconstpointer data) g_test_trap_assert_passed(); #else - util_call(fix, func, NULL); + util_call(fix, cbd->func, NULL); g_main_loop_run(fix->main_loop); #endif @@ -221,6 +221,13 @@ static void run_test_cb(gconstpointer data) cleanup_fix(fix); } +static void cleanup_test_cb(gpointer fixture, gconstpointer data) +{ + struct test_data_cb *cbd = (void *)data; + + g_free(cbd); +} + void util_test_add(const char *test_name, util_test_func_t test_func, util_test_func_t setup, util_test_func_t teardown) { @@ -230,9 +237,7 @@ void util_test_add(const char *test_name, util_test_func_t test_func, cbd->setup = setup; cbd->teardown = teardown; - g_test_add_vtable(test_name, 0, cbd, NULL, - (GTestFixtureFunc) run_test_cb, - (GTestFixtureFunc) g_free); + g_test_add_vtable(test_name, 0, cbd, NULL, run_test_cb, cleanup_test_cb); } void util_session_create(struct test_fix *fix, unsigned int max_sessions) @@ -304,6 +309,8 @@ void util_session_cleanup(struct test_session *session) g_slist_foreach(session->info->allowed_bearers, bearer_info_cleanup, NULL); g_slist_free(session->info->allowed_bearers); + g_free(session->info->allowed_interface); + g_free(session->info->context_identifier); session->notify = NULL; g_free(session->notify_path); diff --git a/tools/stats-tool.c b/tools/stats-tool.c index efa39de2..5695048f 100755 --- a/tools/stats-tool.c +++ b/tools/stats-tool.c @@ -22,7 +22,6 @@ #include <config.h> #endif -#define _GNU_SOURCE #include <sys/mman.h> #include <sys/types.h> #include <sys/stat.h> diff --git a/tools/tap-test.c b/tools/tap-test.c index fdc098aa..cb3ee622 100755 --- a/tools/tap-test.c +++ b/tools/tap-test.c @@ -23,13 +23,12 @@ #include <config.h> #endif -#define _GNU_SOURCE #include <stdio.h> #include <errno.h> #include <fcntl.h> #include <unistd.h> #include <string.h> -#include <sys/poll.h> +#include <poll.h> #include <sys/ioctl.h> #include <netinet/in.h> diff --git a/tools/wispr.c b/tools/wispr.c index d5f9341f..e56dfc16 100755 --- a/tools/wispr.c +++ b/tools/wispr.c @@ -23,7 +23,6 @@ #include <config.h> #endif -#define _GNU_SOURCE #include <stdio.h> #include <fcntl.h> #include <unistd.h> |