+static void test_iptables_chain0(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain1(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_flush_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain2(void)
+{
+ int err;
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "DROP");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule0(void)
+{
+ int err;
+
+ /* Test simple appending and removing a rule */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+
+static void test_iptables_rule1(void)
+{
+ int err;
+
+ /* Test if we can do NAT stuff */
+
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule2(void)
+{
+ int err;
+
+ /* Test if the right rule is removed */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+