From: Daniel Wagner <[email protected]>
Unit tests are suppessed to be run during 'make distcheck' but
iptables-unit needs to be run with root rights.
---
Makefile.am | 10 +-
tools/iptables-unit.c | 327 ++++++++++++++++++++++++++++++++++++++++++++++++++
unit/test-iptables.c | 327 --------------------------------------------------
3 files changed, 332 insertions(+), 332 deletions(-)
create mode 100644 tools/iptables-unit.c
delete mode 100644 unit/test-iptables.c
diff --git a/Makefile.am b/Makefile.am
index 9fc159c..8b30275 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -267,7 +267,7 @@ noinst_PROGRAMS += tools/supplicant-test \
tools/iptables-test tools/tap-test tools/wpad-test \
tools/stats-tool tools/private-network-test \
unit/test-session unit/test-ippool \
- unit/test-iptables
+ tools/iptables-unit
tools_supplicant_test_SOURCES = $(gdbus_sources) tools/supplicant-test.c \
tools/supplicant-dbus.h tools/supplicant-dbus.c \
@@ -311,10 +311,10 @@ unit_test_ippool_SOURCES = $(gdbus_sources) src/log.c
src/dbus.c \
unit_test_ippool_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ -ldl
unit_objects += $(unit_test_ippool_OBJECTS)
-unit_test_iptables_SOURCES = $(gdbus_sources) src/log.c \
- src/iptables.c src/nat.c unit/test-iptables.c
-unit_test_iptables_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ @XTABLES_LIBS@ -ldl
-unit_objects += $(unit_test_iptables_OBJECTS)
+tools_iptables_unit_SOURCES = $(gdbus_sources) src/log.c \
+ src/iptables.c src/nat.c tools/iptables-unit.c
+tools_iptables_unit_LDADD = @GLIB_LIBS@ @DBUS_LIBS@ @XTABLES_LIBS@ -ldl
+
endif
test_scripts = test/get-state test/list-services \
diff --git a/tools/iptables-unit.c b/tools/iptables-unit.c
new file mode 100644
index 0000000..52aa919
--- /dev/null
+++ b/tools/iptables-unit.c
@@ -0,0 +1,327 @@
+/*
+ *
+ * Connection Manager
+ *
+ * Copyright (C) 2013 BWM CarIT GmbH. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <glib.h>
+
+#include "../src/connman.h"
+
+static void test_iptables_chain0(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain1(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_flush_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain2(void)
+{
+ int err;
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "DROP");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain3(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "user-chain-0");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_new_chain("filter", "user-chain-1");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "user-chain-1");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "user-chain-0");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule0(void)
+{
+ int err;
+
+ /* Test simple appending and removing a rule */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+
+static void test_iptables_rule1(void)
+{
+ int err;
+
+ /* Test if we can do NAT stuff */
+
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule2(void)
+{
+ int err;
+
+ /* Test if the right rule is removed */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_target0(void)
+{
+ int err;
+
+ /* Test if 'fallthrough' targets work */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1");
+ g_assert(err == 0);
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 2");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 2");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+struct connman_notifier *nat_notifier;
+
+struct connman_service {
+ char *dummy;
+};
+
+char *connman_service_get_interface(struct connman_service *service)
+{
+ return "eth0";
+}
+
+int connman_notifier_register(struct connman_notifier *notifier)
+{
+ nat_notifier = notifier;
+
+ return 0;
+}
+
+void connman_notifier_unregister(struct connman_notifier *notifier)
+{
+ nat_notifier = NULL;
+}
+
+static void test_nat_basic0(void)
+{
+ int err;
+
+ err = __connman_nat_enable("bridge", "192.168.2.1", 24);
+ g_assert(err == 0);
+
+ /* test that table is empty */
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ __connman_nat_disable("bridge");
+}
+
+static void test_nat_basic1(void)
+{
+ struct connman_service *service;
+ int err;
+
+ service = g_try_new0(struct connman_service, 1);
+ g_assert(service);
+
+ nat_notifier->default_changed(service);
+
+ err = __connman_nat_enable("bridge", "192.168.2.1", 24);
+ g_assert(err == 0);
+
+ /* test that table is not empty */
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ __connman_nat_disable("bridge");
+
+ /* test that table is empty again */
+ err = __connman_iptables_delete("nat", "POSTROUTING",
+ "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ g_free(service);
+}
+
+int main(int argc, char *argv[])
+{
+ int err;
+
+ g_test_init(&argc, &argv, NULL);
+
+ __connman_log_init(argv[0], "*", FALSE, FALSE,
+ "Unit Tests Connection Manager", VERSION);
+ __connman_iptables_init();
+ __connman_nat_init();
+
+ g_test_add_func("/iptables/chain0", test_iptables_chain0);
+ g_test_add_func("/iptables/chain1", test_iptables_chain1);
+ g_test_add_func("/iptables/chain2", test_iptables_chain2);
+ g_test_add_func("/iptables/chain3", test_iptables_chain3);
+ g_test_add_func("/iptables/rule0", test_iptables_rule0);
+ g_test_add_func("/iptables/rule1", test_iptables_rule1);
+ g_test_add_func("/iptables/rule2", test_iptables_rule2);
+ g_test_add_func("/iptables/target0", test_iptables_target0);
+ g_test_add_func("/nat/basic0", test_nat_basic0);
+ g_test_add_func("/nat/basic1", test_nat_basic1);
+
+ err = g_test_run();
+
+ __connman_nat_cleanup();
+ __connman_iptables_cleanup();
+
+ return err;
+}
diff --git a/unit/test-iptables.c b/unit/test-iptables.c
deleted file mode 100644
index 52aa919..0000000
--- a/unit/test-iptables.c
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- *
- * Connection Manager
- *
- * Copyright (C) 2013 BWM CarIT GmbH. All rights reserved.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- *
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <glib.h>
-
-#include "../src/connman.h"
-
-static void test_iptables_chain0(void)
-{
- int err;
-
- err = __connman_iptables_new_chain("filter", "foo");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete_chain("filter", "foo");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-static void test_iptables_chain1(void)
-{
- int err;
-
- err = __connman_iptables_new_chain("filter", "foo");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_flush_chain("filter", "foo");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete_chain("filter", "foo");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-static void test_iptables_chain2(void)
-{
- int err;
-
- err = __connman_iptables_change_policy("filter", "INPUT", "DROP");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-static void test_iptables_chain3(void)
-{
- int err;
-
- err = __connman_iptables_new_chain("filter", "user-chain-0");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_new_chain("filter", "user-chain-1");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete_chain("filter", "user-chain-1");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete_chain("filter", "user-chain-0");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-static void test_iptables_rule0(void)
-{
- int err;
-
- /* Test simple appending and removing a rule */
-
- err = __connman_iptables_append("filter", "INPUT",
- "-m mark --mark 1 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("filter", "INPUT",
- "-m mark --mark 1 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-
-static void test_iptables_rule1(void)
-{
- int err;
-
- /* Test if we can do NAT stuff */
-
- err = __connman_iptables_append("nat", "POSTROUTING",
- "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
-
- err = __connman_iptables_commit("nat");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("nat", "POSTROUTING",
- "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
-
- err = __connman_iptables_commit("nat");
- g_assert(err == 0);
-}
-
-static void test_iptables_rule2(void)
-{
- int err;
-
- /* Test if the right rule is removed */
-
- err = __connman_iptables_append("filter", "INPUT",
- "-m mark --mark 1 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_append("filter", "INPUT",
- "-m mark --mark 2 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("filter", "INPUT",
- "-m mark --mark 2 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("filter", "INPUT",
- "-m mark --mark 1 -j LOG");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-static void test_iptables_target0(void)
-{
- int err;
-
- /* Test if 'fallthrough' targets work */
-
- err = __connman_iptables_append("filter", "INPUT",
- "-m mark --mark 1");
- g_assert(err == 0);
-
- err = __connman_iptables_append("filter", "INPUT",
- "-m mark --mark 2");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("filter", "INPUT",
- "-m mark --mark 1");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-
- err = __connman_iptables_delete("filter", "INPUT",
- "-m mark --mark 2");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("filter");
- g_assert(err == 0);
-}
-
-struct connman_notifier *nat_notifier;
-
-struct connman_service {
- char *dummy;
-};
-
-char *connman_service_get_interface(struct connman_service *service)
-{
- return "eth0";
-}
-
-int connman_notifier_register(struct connman_notifier *notifier)
-{
- nat_notifier = notifier;
-
- return 0;
-}
-
-void connman_notifier_unregister(struct connman_notifier *notifier)
-{
- nat_notifier = NULL;
-}
-
-static void test_nat_basic0(void)
-{
- int err;
-
- err = __connman_nat_enable("bridge", "192.168.2.1", 24);
- g_assert(err == 0);
-
- /* test that table is empty */
- err = __connman_iptables_append("nat", "POSTROUTING",
- "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("nat");
- g_assert(err == 0);
-
- __connman_nat_disable("bridge");
-}
-
-static void test_nat_basic1(void)
-{
- struct connman_service *service;
- int err;
-
- service = g_try_new0(struct connman_service, 1);
- g_assert(service);
-
- nat_notifier->default_changed(service);
-
- err = __connman_nat_enable("bridge", "192.168.2.1", 24);
- g_assert(err == 0);
-
- /* test that table is not empty */
- err = __connman_iptables_append("nat", "POSTROUTING",
- "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("nat");
- g_assert(err == 0);
-
- __connman_nat_disable("bridge");
-
- /* test that table is empty again */
- err = __connman_iptables_delete("nat", "POSTROUTING",
- "-s 192.168.2.1/24 -o eth0 -j
MASQUERADE");
- g_assert(err == 0);
-
- err = __connman_iptables_commit("nat");
- g_assert(err == 0);
-
- g_free(service);
-}
-
-int main(int argc, char *argv[])
-{
- int err;
-
- g_test_init(&argc, &argv, NULL);
-
- __connman_log_init(argv[0], "*", FALSE, FALSE,
- "Unit Tests Connection Manager", VERSION);
- __connman_iptables_init();
- __connman_nat_init();
-
- g_test_add_func("/iptables/chain0", test_iptables_chain0);
- g_test_add_func("/iptables/chain1", test_iptables_chain1);
- g_test_add_func("/iptables/chain2", test_iptables_chain2);
- g_test_add_func("/iptables/chain3", test_iptables_chain3);
- g_test_add_func("/iptables/rule0", test_iptables_rule0);
- g_test_add_func("/iptables/rule1", test_iptables_rule1);
- g_test_add_func("/iptables/rule2", test_iptables_rule2);
- g_test_add_func("/iptables/target0", test_iptables_target0);
- g_test_add_func("/nat/basic0", test_nat_basic0);
- g_test_add_func("/nat/basic1", test_nat_basic1);
-
- err = g_test_run();
-
- __connman_nat_cleanup();
- __connman_iptables_cleanup();
-
- return err;
-}
--
1.8.1.3.566.gaa39828
_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
