0003-arptables-verbose-output_0 1.89 KB
Newer Older
1
2
3
4
5
6
#!/bin/bash

set -e
set -x

# there is no legacy backend to test
7
[[ $XT_MULTI == *xtables-nft-multi ]] || { echo "skip $XT_MULTI"; exit 0; }
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

$XT_MULTI arptables -N foo

# check verbose output matches expectations

RULE1='-i eth23 -j ACCEPT'
VOUT1='-j ACCEPT -i eth23 -o *'

RULE2='-i eth23'
VOUT2='-i eth23 -o *'

RULE3='-i eth23 -j MARK --set-mark 42'
VOUT3='-j MARK -i eth23 -o * --set-mark 42'

RULE4='-o eth23 -j CLASSIFY --set-class 23:42'
VOUT4='-j CLASSIFY -i * -o eth23 --set-class 23:42'

RULE5='-o eth23 -j foo'
VOUT5='-j foo -i * -o eth23'

RULE6='-o eth23 -j mangle --mangle-ip-s 10.0.0.1'
VOUT6='-j mangle -i * -o eth23 --mangle-ip-s 10.0.0.1'

diff -u -Z <(echo -e "$VOUT1") <($XT_MULTI arptables -v -A INPUT $RULE1)
diff -u -Z <(echo -e "$VOUT2") <($XT_MULTI arptables -v -A INPUT $RULE2)
diff -u -Z <(echo -e "$VOUT3") <($XT_MULTI arptables -v -A INPUT $RULE3)
diff -u -Z <(echo -e "$VOUT4") <($XT_MULTI arptables -v -A OUTPUT $RULE4)
diff -u -Z <(echo -e "$VOUT5") <($XT_MULTI arptables -v -A OUTPUT $RULE5)
diff -u -Z <(echo -e "$VOUT6") <($XT_MULTI arptables -v -A foo $RULE6)

EXPECT='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
-j ACCEPT -i eth23 -o * , pcnt=0 -- bcnt=0
-i eth23 -o * , pcnt=0 -- bcnt=0
-j MARK -i eth23 -o * --set-mark 42 , pcnt=0 -- bcnt=0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
-j CLASSIFY -i * -o eth23 --set-class 23:42 , pcnt=0 -- bcnt=0
-j foo -i * -o eth23 , pcnt=0 -- bcnt=0

Chain foo (1 references)
-j mangle -i * -o eth23 --mangle-ip-s 10.0.0.1 , pcnt=0 -- bcnt=0'

diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI arptables -v -n -L)

EXPECT='*filter
:INPUT ACCEPT
:OUTPUT ACCEPT
:foo -
-A INPUT -j ACCEPT -i eth23
-A INPUT -i eth23
-A INPUT -j MARK -i eth23 --set-mark 42
-A OUTPUT -j CLASSIFY -o eth23 --set-class 23:42
-A OUTPUT -j foo -o eth23
61
-A foo -j mangle -o eth23 --mangle-ip-s 10.0.0.1'
62

63
diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI arptables-save | grep -v '^#')