CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
-PROJECT(stc-iptables C)
+PROJECT(stc-iptables C CXX)
SET(PACKAGE ${PROJECT_NAME})
SET(INTERFACES "${CMAKE_SOURCE_DIR}/interfaces")
ADD_SUBDIRECTORY(src)
ADD_SUBDIRECTORY(test)
+
+IF(BUILD_GTESTS)
+ ADD_SUBDIRECTORY(unittest)
+ENDIF(BUILD_GTESTS)
#include "generated-code.h"
#define STC_IPTABLES_DBUS_SERVICE "net.stc.iptables"
+#define STC_IPTABLES_DBUS_MANAGER_INTERFACE STC_IPTABLES_DBUS_SERVICE ".manager"
#define STC_IPTABLES_DBUS_RULE_INTERFACE STC_IPTABLES_DBUS_SERVICE ".rule"
#define STC_IPTABLES_DBUS_CHAIN_INTERFACE STC_IPTABLES_DBUS_SERVICE ".chain"
+#define STC_IPTABLES_DBUS_SERVICE_MANAGER_PATH "/net/stc/iptables/manager"
#define STC_IPTABLES_DBUS_SERVICE_RULE_PATH "/net/stc/iptables/rule"
#define STC_IPTABLES_DBUS_SERVICE_CHAIN_PATH "/net/stc/iptables/chain"
STC_ERROR_NONE = 0 /**< Successful */
} stc_error_e;
+gboolean handle_iptables_stop(StcManager *object,
+ GDBusMethodInvocation *invocation);
+
/* iptables */
gboolean handle_iptables_add_rule(StcRule *object,
GDBusMethodInvocation *invocation,
typedef struct {
GMainLoop *main_loop;
+ gpointer manager_obj;
gpointer rule_obj;
gpointer chain_obj;
} stc_iptables_s;
stc_iptables_s *stc_get_iptables(void);
+void stc_stop_iptables(void);
#endif /* __STC_IPTABLES_H__ */
<method name='Init'>
</method>
</interface>
+ <interface name="net.stc.iptables.manager">
+ <method name='Stop'>
+ <arg type='i' name='error_code' direction='out'/>
+ </method>
+ </interface>
<interface name="net.stc.iptables.rule">
<method name='IptAddRule'>
<arg type='a{sv}' name='rules' direction='in'/>
Name: stc-iptables
Summary: STC(Smart Traffic Control) iptables
-Version: 0.0.10
+Version: 0.0.11
Release: 0
Group: Network & Connectivity/Other
License: GPL-2.0+
BuildRequires: pkgconfig(libiptc)
BuildRequires: pkgconfig(libip6tc)
+%if 0%{?gtests:1}
+BuildRequires: pkgconfig(dlog)
+BuildRequires: pkgconfig(gmock)
+%endif
+
%description
A smart traffic control iptables to manage iptables rules using libiptc
%cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DBIN_DIR=%{_bindir} \
-DLIB_PATH=%{_lib} \
+ -DBUILD_GTESTS=%{?gtests:1}%{!?gtests:0} \
+ -DBUILD_GCOV=%{?gcov:1}%{!?gcov:0}
make %{?_smp_mflags}
#Test
%{_bindir}/stc_ipt_test
%attr(755,root,root) %{_bindir}/stc_ipt_test
+
+%if 0%{?gtests:1}
+%{_bindir}/gtest*
+%endif
SET(SRCS ${SRCS} ${SOURCE_SRCS} ${HELPER_SRCS})
SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration -fvisibility=hidden")
+IF(BUILD_GTESTS)
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fprofile-arcs -ftest-coverage")
+ELSE(BUILD_GTESTS)
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -fpic -Wall -Werror-implicit-function-declaration -fvisibility=hidden")
SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
+ENDIF(BUILD_GTESTS)
SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
+IF(BUILD_GTESTS)
+ ADD_DEFINITIONS(-DTIZEN_GTESTS)
+ENDIF(BUILD_GTESTS)
+
ADD_CUSTOM_COMMAND(
WORKING_DIRECTORY
OUTPUT ${SOURCE_DIR}/generated-code.c
unsigned int size_match = 0;
if (!rule->chain) {
- STC_LOGE("Invalid parameters");
- return STC_ERROR_INVALID_PARAMETER;
+ STC_LOGE("Invalid parameters"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
e = (ip6t_entry_t *)(entry);
memset(&(e->ipv6.outiface_mask), 0xFF, IFNAMSIZ);
break;
default:
- STC_LOGE("Invalid parameter");
- return STC_ERROR_INVALID_PARAMETER;
+ STC_LOGE("Invalid parameter"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
}
const char *chain = rule->chain;
if (__create_entry_data(entry, mask, rule) != 0) {
- STC_LOGE("Failed to create entry");
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create entry"); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
handle = ip6tc_init(IP6TC_TABLE);
if (handle == NULL) {
- STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_is_chain(chain, handle)) {
- STC_LOGW("chain not present [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("chain not present [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (ip6tc_check_entry(chain, (const ip6t_entry_t *)entry, mask, handle)) {
- STC_LOGW("Entry already present");
- ip6tc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("Entry already present"); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if (!ip6tc_append_entry(chain, (const ip6t_entry_t *)entry, handle)) {
- STC_LOGW("ip6tc_append_entry failed [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("ip6tc_append_entry failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_commit(handle)) {
- STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
ip6tc_free(handle);
const char *chain = rule->chain;
if (__create_entry_data(entry, mask, rule) != 0) {
- STC_LOGE("Failed to create entry");
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create entry"); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
handle = ip6tc_init(IP6TC_TABLE);
if (handle == NULL) {
- STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_is_chain(chain, handle)) {
- STC_LOGW("chain not present [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("chain not present [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_delete_entry(chain, (const ip6t_entry_t *)entry, mask, handle)) {
- STC_LOGW("ip6tc_delete_entry failed [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("ip6tc_delete_entry failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
if (!ip6tc_commit(handle)) {
- STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
ip6tc_free(handle);
handle = ip6tc_init(IP6TC_TABLE);
if (handle == NULL) {
- STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (ip6tc_is_chain(chain, handle)) {
- STC_LOGW("chain already exists");
- ip6tc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain already exists"); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if (!ip6tc_create_chain(chain, handle)) {
- STC_LOGE("Failed to create chaing [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create chaing [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_commit(handle)) {
- STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
ip6tc_free(handle);
handle = ip6tc_init(IP6TC_TABLE);
if (handle == NULL) {
- STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_is_chain(chain, handle)) {
- STC_LOGW("chain not present");
- ip6tc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain not present"); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
ip6tc_flush_entries(chain, handle);
if (!ip6tc_delete_chain(chain, handle)) {
- STC_LOGE("Failed to delete chain [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to delete chain [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_commit(handle)) {
- STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
ip6tc_free(handle);
handle = ip6tc_init(IP6TC_TABLE);
if (handle == NULL) {
- STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("ip6tc_init failed [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_is_chain(chain, handle)) {
- STC_LOGW("chain not present");
- ip6tc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain not present"); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if(!ip6tc_flush_entries(chain, handle)) {
- STC_LOGE("Failed to flush chain [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to flush chain [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!ip6tc_commit(handle)) {
- STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno));
- ip6tc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to ip6tc_commit [%s]", ip6tc_strerror(errno)); //LCOV_EXCL_LINE
+ ip6tc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
ip6tc_free(handle);
unsigned int size_match = 0;
if (!rule->chain) {
- STC_LOGE("Invalid parameters");
- return STC_ERROR_INVALID_PARAMETER;
+ STC_LOGE("Invalid parameters"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
e = (ipt_entry_t *)(entry);
memset(&(e->ip.outiface_mask), 0xFF, IFNAMSIZ);
break;
default:
- STC_LOGE("Invalid parameter");
- return STC_ERROR_INVALID_PARAMETER;
+ STC_LOGE("Invalid parameter"); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_PARAMETER; //LCOV_EXCL_LINE
}
}
const char *chain = rule->chain;
if (__create_entry_data(entry, mask, rule) != 0) {
- STC_LOGE("Failed to create entry");
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create entry"); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
handle = iptc_init(IPTC_TABLE);
if (handle == NULL) {
- STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_is_chain(chain, handle)) {
- STC_LOGW("chain not present [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("chain not present [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (iptc_check_entry(chain, (const ipt_entry_t *)entry, mask, handle)) {
- STC_LOGW("Entry already present");
- iptc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("Entry already present"); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if (!iptc_append_entry(chain, (const ipt_entry_t *)entry, handle)) {
- STC_LOGW("iptc_append_entry failed [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("iptc_append_entry failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_commit(handle)) {
- STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
iptc_free(handle);
const char *chain = rule->chain;
if (__create_entry_data(entry, mask, rule) != 0) {
- STC_LOGE("Failed to create entry");
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create entry"); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
handle = iptc_init(IPTC_TABLE);
if (handle == NULL) {
- STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_is_chain(chain, handle)) {
- STC_LOGW("chain not present [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("chain not present [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_delete_entry(chain, (const ipt_entry_t *)entry, mask, handle)) {
- STC_LOGW("iptc_delete_entry failed [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGW("iptc_delete_entry failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
if (!iptc_commit(handle)) {
- STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
iptc_free(handle);
handle = iptc_init(IPTC_TABLE);
if (handle == NULL) {
- STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (iptc_is_chain(chain, handle)) {
- STC_LOGW("chain already exists");
- iptc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain already exists"); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if (!iptc_create_chain(chain, handle)) {
- STC_LOGE("Failed to create chaing [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to create chaing [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_commit(handle)) {
- STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
iptc_free(handle);
handle = iptc_init(IPTC_TABLE);
if (handle == NULL) {
- STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_is_chain(chain, handle)) {
- STC_LOGW("chain not present");
- iptc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain not present"); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
iptc_flush_entries(chain, handle);
if (!iptc_delete_chain(chain, handle)) {
- STC_LOGE("Failed to delete chain [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to delete chain [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_commit(handle)) {
- STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
iptc_free(handle);
handle = iptc_init(IPTC_TABLE);
if (handle == NULL) {
- STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno));
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("iptc_init failed [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_is_chain(chain, handle)) {
- STC_LOGW("chain not present");
- iptc_free(handle);
- return STC_ERROR_NONE;
+ STC_LOGW("chain not present"); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_NONE; //LCOV_EXCL_LINE
}
if (!iptc_flush_entries(chain, handle)) {
- STC_LOGE("Failed to flush chain [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to flush chain [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_OPERATION_FAILED; //LCOV_EXCL_LINE
}
if (!iptc_commit(handle)) {
- STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno));
- iptc_free(handle);
- return STC_ERROR_OPERATION_FAILED;
+ STC_LOGE("Failed to iptc_commit [%s]", iptc_strerror(errno)); //LCOV_EXCL_LINE
+ iptc_free(handle); //LCOV_EXCL_LINE
+ return STC_ERROR_INVALID_OPERATION; //LCOV_EXCL_LINE
}
iptc_free(handle);
#include "stc-iptables.h"
#include "stc-iptables-gdbus.h"
+static gboolean __stc_iptables_gdbus_manager_init(stc_iptables_s *stc_iptables)
+{
+ __STC_LOG_FUNC_ENTER__;
+ gboolean ret = TRUE;
+ gchar *s = NULL;
+
+ StcObjectSkeleton *object = NULL;
+ StcManager *manager = NULL;
+ s = g_strdup_printf(STC_IPTABLES_DBUS_SERVICE_MANAGER_PATH);
+
+ /* Add interface to default object path */
+ object = stc_object_skeleton_new(s);
+ g_free(s);
+
+ manager = stc_manager_skeleton_new();
+ stc_object_skeleton_set_manager(object, manager);
+ g_object_unref(manager);
+
+ g_signal_connect(manager, "handle-stop",
+ G_CALLBACK(handle_iptables_stop),
+ stc_iptables);
+
+ g_dbus_object_manager_server_export(stc_iptables->obj_mgr,
+ G_DBUS_OBJECT_SKELETON(object));
+ g_object_unref(object);
+
+ stc_iptables->manager_obj = (gpointer)manager;
+
+ __STC_LOG_FUNC_EXIT__;
+ return ret;
+}
+
static gboolean __stc_iptables_gdbus_chain_init(stc_iptables_s *stc_iptables)
{
__STC_LOG_FUNC_ENTER__;
stc_iptables->connection = connection;
+ if (__stc_iptables_gdbus_manager_init(stc_iptables) == FALSE) {
+ STC_LOGE("Can not signal connect to manager"); //LCOV_EXCL_LINE
+ /* Deinitialize and quit iptables */
+ }
+
if (__stc_iptables_gdbus_chain_init(stc_iptables) == FALSE) {
- STC_LOGE("Can not signal connect to chain");
+ STC_LOGE("Can not signal connect to chain"); //LCOV_EXCL_LINE
/* Deinitialize and quit iptables */
}
if (__stc_iptables_gdbus_rule_init(stc_iptables) == FALSE) {
- STC_LOGE("Can not signal connect to rule");
+ STC_LOGE("Can not signal connect to rule"); //LCOV_EXCL_LINE
/* Deinitialize and quit iptables */
}
STC_LOGD("name : %s", name);
}
+//LCOV_EXCL_START
static void __stc_iptables_gdbus_on_name_lost(GDBusConnection *connection,
const gchar *name,
gpointer user_data)
{
STC_LOGD("name : %s", name);
}
+//LCOV_EXCL_STOP
void stc_iptables_gdbus_init(gpointer stc_data)
{
g_bus_unown_name(stc_iptables->gdbus_owner_id);
+ stc_iptables->manager_obj = NULL;
stc_iptables->rule_obj = NULL;
stc_iptables->chain_obj = NULL;
GVariant *value = NULL;
if (!cb) {
- __STC_LOG_FUNC_EXIT__;
- return;
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
}
while (g_variant_iter_loop(iter, "{sv}", &key, &value)) {
static FILE *log_file = NULL;
+//LCOV_EXCL_START
static void __stc_iptables_log_update_file_revision(int rev)
{
int next_log_rev = 0;
g_free(backup);
}
+//LCOV_EXCL_STOP
static void __stc_iptables_log_get_local_time(char *strtime, const int size)
{
log_size = buf.st_size;
if (log_size >= MAX_LOG_SIZE) {
+ //LCOV_EXCL_START
fclose(log_file);
log_file = NULL;
va_end(ap);
return;
}
+ //LCOV_EXCL_STOP
}
__stc_iptables_log_get_local_time(strtime, sizeof(strtime));
fsync(log_file->_fileno);
}
+#ifdef TIZEN_GTESTS
+ void __gcov_flush(void);
+ __gcov_flush();
+#endif
+
return TRUE;
}
#include <string.h>
+#include "stc-iptables.h"
#include "stc-iptables-util.h"
#include "helper-iptables.h"
#include "helper-ip6tables.h"
static const gchar *stc_iptables_err_strs[] = {
"ERROR_NONE",
- "FAIL",
- "DB_FAILED",
+ "NOT_PERMITTED",
"OUT_OF_MEMORY",
+ "PERMISSION_DENIED",
+ "INVALID_OPERATION",
"INVALID_PARAMETER",
- "NO_DATA",
- "UNINITIALIZED",
- "NOTIMPL"
+ "OPERATION_FAILED"
};
void __stc_extract_rule(const char *key, GVariant *value,
STC_LOGD("target: [%s]", rule->target);
} else {
- STC_LOGD("Unknown rule");
+ STC_LOGD("Unknown rule"); //LCOV_EXCL_LINE
}
}
STC_LOGD("target: [%s]", rule->target);
} else {
- STC_LOGD("Unknown rule");
+ STC_LOGD("Unknown rule"); //LCOV_EXCL_LINE
}
}
+gboolean handle_iptables_stop(StcManager *object,
+ GDBusMethodInvocation *invocation)
+{
+ __STC_LOG_FUNC_ENTER__;
+ GVariant *return_parameters = NULL;
+
+ STC_LOGI("stc manager stop");
+
+ return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
+
+ STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
+ STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
+
+ stc_stop_iptables();
+
+ __STC_LOG_FUNC_EXIT__;
+ return TRUE;
+}
+
gboolean handle_iptables_add_rule(StcRule *object,
GDBusMethodInvocation *invocation,
GVariant *rules,
ret = iptables_add_rule(rule);
if (ret != STC_ERROR_NONE) {
+ //LCOV_EXCL_START
STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
rule->type, rule->ifname, rule->classid,
rule->nfacct_name, rule->target);
STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
__STC_LOG_FUNC_EXIT__;
return TRUE;
+ //LCOV_EXCL_STOP
}
}
g_variant_iter_free(iter);
} else {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation,
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = iptables_remove_rule(rule);
if (ret != STC_ERROR_NONE) {
+ //LCOV_EXCL_START
STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
rule->type, rule->ifname, rule->classid,
rule->nfacct_name, rule->target);
STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
__STC_LOG_FUNC_EXIT__;
return TRUE;
+ //LCOV_EXCL_STOP
}
}
g_variant_iter_free(iter);
} else {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation,
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = iptables_add_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = iptables_remove_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = iptables_flush_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = ip6tables_add_rule(rule);
if (ret != STC_ERROR_NONE) {
+ //LCOV_EXCL_START
STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
rule->type, rule->ifname, rule->classid,
rule->nfacct_name, rule->target);
STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
__STC_LOG_FUNC_EXIT__;
return TRUE;
+ //LCOV_EXCL_STOP
}
}
g_variant_iter_free(iter);
} else {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation,
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = ip6tables_remove_rule(rule);
if (ret != STC_ERROR_NONE) {
+ //LCOV_EXCL_START
STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
rule->type, rule->ifname, rule->classid,
rule->nfacct_name, rule->target);
STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
__STC_LOG_FUNC_EXIT__;
return TRUE;
+ //LCOV_EXCL_STOP
}
}
g_variant_iter_free(iter);
} else {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation,
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
STC_ERROR_INVALID_PARAMETER);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = ip6tables_add_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = ip6tables_remove_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
ret = ip6tables_flush_chain(chain);
if (ret < STC_ERROR_NONE) {
- STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
- __STC_LOG_FUNC_EXIT__;
- return TRUE;
+ STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
+ __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
+ return TRUE; //LCOV_EXCL_LINE
}
return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
+#include <stdlib.h>
+
#include "stc-iptables.h"
#include "stc-iptables-util.h"
#include "stc-iptables-gdbus.h"
__STC_LOG_FUNC_ENTER__;
if (!g_stc_iptables) {
- STC_LOGE("Memory for iptables structure is not allocated");
- return;
+ STC_LOGE("Memory for iptables structure is not allocated"); //LCOV_EXCL_LINE
+ return; //LCOV_EXCL_LINE
}
stc_iptables_gdbus_deinit((gpointer)g_stc_iptables);
stc_iptables = MALLOC0(stc_iptables_s, 1);
if (!stc_iptables) {
- STC_LOGE("Failed to allocate memory for iptables structure");
- return NULL;
+ STC_LOGE("Failed to allocate memory for iptables structure"); //LCOV_EXCL_LINE
+ return NULL; //LCOV_EXCL_LINE
}
g_stc_iptables = stc_iptables;
STC_LOGI("Smart Traffic Control Iptables");
+#ifdef TIZEN_GTESTS
+ setenv("GCOV_PREFIX", "/tmp/daemon", 1);
+#endif
+
if (daemon(0, 0) != 0)
- STC_LOGE("Can't start daemon");
+ STC_LOGE("Can't start daemon"); //LCOV_EXCL_LINE
/* Initialize required subsystems */
#if !GLIB_CHECK_VERSION(2, 35, 0)
return ret;
}
+//LCOV_EXCL_START
stc_iptables_s *stc_get_iptables(void)
{
return g_stc_iptables;
}
+//LCOV_EXCL_STOP
+
+void stc_stop_iptables(void)
+{
+ if (g_stc_iptables && g_stc_iptables->main_loop)
+ g_main_loop_quit(g_stc_iptables->main_loop);
+}
return err;
}
-int test_stc_ipt_clear_rule(void)
+void test_stc_ipt_clear_rule(void)
{
if (g_rule)
__test_rule_free(g_rule);
#ifndef __TEST_STC_IPT_RULE_H__
#define __TEST_STC_IPT_RULE_H__
-int test_stc_ipt_clear_rule(void);
+void test_stc_ipt_clear_rule(void);
#endif /** __TEST_STC_IPT_RULE_H__ */
--- /dev/null
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+PROJECT(gtest-stc-iptables C CXX)
+
+SET(GTEST_TEST "gtest-stc-iptables")
+ADD_DEFINITIONS("-DUSE_DLOG")
+
+SET(REQUIRES_LIST ${REQUIRES_LIST}
+ glib-2.0
+ gio-2.0
+ gmock
+ dlog
+)
+
+INCLUDE(FindPkgConfig)
+PKG_CHECK_MODULES(GTEST_TEST_PKG REQUIRED ${REQUIRES_LIST})
+
+FOREACH(flag ${GTEST_TEST_PKG_CFLAGS})
+ SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}")
+ENDFOREACH(flag)
+
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -Wall -fPIE")
+SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS}")
+SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${EXTRA_CFLAGS}")
+SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--as-needed -pie")
+
+FILE(GLOB GTEST_TEST_SRCS *.cpp)
+SET(GTEST_TEST_SRCS ${GTEST_TEST_SRCS})
+
+ADD_EXECUTABLE(${GTEST_TEST} ${GTEST_TEST_SRCS})
+TARGET_LINK_LIBRARIES(${GTEST_TEST} ${GTEST_TEST_LDFLAGS} ${GTEST_TEST_PKG_LDFLAGS} -ldl -lgcov)
+
+INSTALL(TARGETS ${GTEST_TEST} RUNTIME DESTINATION ${BIN_DIR})
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "chain.h"
+
+Chain::Chain()
+{
+ Create();
+}
+
+Chain::~Chain()
+{
+ Destroy();
+}
+
+error_e Chain::SetChainName(const char *name)
+{
+ if (name == NULL || strlen(name) == 0)
+ this->m_ChainName[0] = '\0';
+ else
+ g_strlcpy(this->m_ChainName, name, CHAIN_NAME_LEN);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::AddChain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IPT_ADD_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to add chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::Add6Chain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IP6T_ADD_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to add 6 chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::FlushChain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IPT_FLUSH_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to flush chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::Flush6Chain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IP6T_FLUSH_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to flush 6 chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::RemoveChain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IPT_REMOVE_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to remove chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Chain::Remove6Chain(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ params = g_variant_new("(s)", this->m_ChainName);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_CHAIN_PATH,
+ STC_IPT_DBUS_CHAIN_INTERFACE,
+ STC_IPT_METHOD_IP6T_REMOVE_CHAIN,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to remove 6 chain [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_IPT_CHAIN_H__
+#define __STC_IPT_CHAIN_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define STC_IPT_METHOD_IPT_ADD_CHAIN "IptAddChain"
+#define STC_IPT_METHOD_IPT_FLUSH_CHAIN "IptFlushChain"
+#define STC_IPT_METHOD_IPT_REMOVE_CHAIN "IptRemoveChain"
+
+#define STC_IPT_METHOD_IP6T_ADD_CHAIN "Ip6tAddChain"
+#define STC_IPT_METHOD_IP6T_FLUSH_CHAIN "Ip6tFlushChain"
+#define STC_IPT_METHOD_IP6T_REMOVE_CHAIN "Ip6tRemoveChain"
+
+class Chain : public GDbus {
+private:
+ char m_ChainName[CHAIN_NAME_LEN];
+public:
+ Chain();
+ ~Chain();
+ error_e SetChainName(const char *name);
+ error_e AddChain(void);
+ error_e Add6Chain(void);
+ error_e FlushChain(void);
+ error_e Flush6Chain(void);
+ error_e RemoveChain(void);
+ error_e Remove6Chain(void);
+};
+
+#endif /* __STC_IPT_CHAIN_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "gdbus.h"
+
+GDbus::GDbus()
+{
+ this->m_pConnection = NULL;
+ this->m_pCancellable = NULL;
+}
+
+GDbus::~GDbus()
+{
+ GDBusConnection *conn = this->m_pConnection;
+ GCancellable *cancel = this->m_pCancellable;
+
+ if (cancel) {
+ g_cancellable_cancel(cancel);
+ g_object_unref(cancel);
+ cancel = NULL;
+ }
+
+ if (conn) {
+ g_object_unref(conn);
+ conn = NULL;
+ }
+}
+
+error_e GDbus::Create(void)
+{
+ GError *err = NULL;
+
+#if !GLIB_CHECK_VERSION(2, 36, 0)
+ g_type_init();
+#endif
+
+ this->m_pConnection = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, &err);
+ if (this->m_pConnection == NULL) {
+ if (err != NULL) {
+ GLOGD("Failed to connect to the D-BUS daemon [%s]", err->message);
+ g_error_free(err);
+ }
+
+ return ERROR_OPERATION_FAILED;
+ }
+
+ this->m_pCancellable = g_cancellable_new();
+
+ return ERROR_NONE;
+}
+
+error_e GDbus::Destroy(void)
+{
+ g_cancellable_cancel(this->m_pCancellable);
+ g_object_unref(this->m_pCancellable);
+ this->m_pCancellable = NULL;
+
+ g_object_unref(this->m_pConnection);
+ this->m_pConnection = NULL;
+
+ return ERROR_NONE;
+}
+
+GDBusConnection *GDbus::GetConnection(void)
+{
+ return this->m_pConnection;
+}
+
+GCancellable *GDbus::GetCancellable(void)
+{
+ return this->m_pCancellable;
+}
+
+error_e GDbus::ConvertErrorStringToEnum(const char *error)
+{
+ if (NULL != strstr(error, "NOT_PERMITTED"))
+ return ERROR_NOT_PERMITTED;
+ else if (NULL != strstr(error, "OUT_OF_MEMORY"))
+ return ERROR_OUT_OF_MEMORY;
+ else if (NULL != strstr(error, "PERMISSION_DENIED"))
+ return ERROR_PERMISSION_DENIED;
+ else if (NULL != strstr(error, "INVALID_OPERATION"))
+ return ERROR_INVALID_OPERATION;
+ else if (NULL != strstr(error, "INVALID_PARAMETER"))
+ return ERROR_INVALID_PARAMETER;
+ else if (NULL != strstr(error, "OPERATION_FAILED"))
+ return ERROR_OPERATION_FAILED;
+
+ return ERROR_OPERATION_FAILED;
+}
+
+GVariant *GDbus::InvokeMethod(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, error_e *dbus_error)
+{
+ GError *error = NULL;
+ GVariant *reply = NULL;
+ GDBusConnection *connection = NULL;
+ *dbus_error = ERROR_NONE;
+
+ connection = GetConnection();
+ if (connection == NULL) {
+ GLOGD("GDBusconnection is NULL");
+ *dbus_error = ERROR_NOT_INITIALIZED;
+ return reply;
+ }
+
+ reply = g_dbus_connection_call_sync(connection,
+ dest,
+ path,
+ iface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ DBUS_REPLY_TIMEOUT,
+ GetCancellable(),
+ &error);
+
+ if (reply == NULL) {
+ if (error != NULL) {
+ GLOGD("g_dbus_connection_call_sync() failed "
+ "error [%d: %s]", error->code, error->message);
+ *dbus_error = ConvertErrorStringToEnum(error->message);
+ g_error_free(error);
+ } else {
+ GLOGD("g_dbus_connection_call_sync() failed");
+ *dbus_error = ERROR_OPERATION_FAILED;
+ }
+
+ return NULL;
+ }
+
+ return reply;
+}
+
+error_e GDbus::InvokeMethodNonblock(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, int timeout,
+ GAsyncReadyCallback notify_func, void *user_data)
+{
+ GDBusConnection *connection = NULL;
+
+ connection = GetConnection();
+ if (connection == NULL) {
+ GLOGD("GDBusconnection is NULL");
+ return ERROR_NOT_INITIALIZED;
+ }
+
+ g_dbus_connection_call(connection,
+ dest,
+ path,
+ iface_name,
+ method,
+ params,
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ timeout,
+ GetCancellable(),
+ (GAsyncReadyCallback) notify_func,
+ (gpointer)user_data);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_IPT_GDBUS_H__
+#define __STC_IPT_GDBUS_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+
+#define GMAINTIMEOUT 10000
+#define DBUS_REPLY_TIMEOUT (120 * 1000)
+
+#define STC_IPT_DBUS_SERVICE "net.stc.iptables"
+#define STC_IPT_DBUS_MANAGER_INTERFACE STC_IPT_DBUS_SERVICE ".manager"
+#define STC_IPT_DBUS_RULE_INTERFACE STC_IPT_DBUS_SERVICE ".rule"
+#define STC_IPT_DBUS_CHAIN_INTERFACE STC_IPT_DBUS_SERVICE ".chain"
+#define STC_IPT_DBUS_SERVICE_MANAGER_PATH "/net/stc/iptables/manager"
+#define STC_IPT_DBUS_SERVICE_RULE_PATH "/net/stc/iptables/rule"
+#define STC_IPT_DBUS_SERVICE_CHAIN_PATH "/net/stc/iptables/chain"
+
+class GDbus {
+private:
+ GDBusConnection *m_pConnection;
+ GCancellable *m_pCancellable;
+public:
+ GDbus();
+ ~GDbus();
+ error_e Create(void);
+ error_e Destroy(void);
+ GDBusConnection *GetConnection(void);
+ GCancellable *GetCancellable(void);
+ error_e ConvertErrorStringToEnum(const char *error);
+ GVariant *InvokeMethod(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, error_e *dbus_error);
+ error_e InvokeMethodNonblock(const char *dest, const char *path,
+ const char *iface_name, const char *method, GVariant *params, int timeout,
+ GAsyncReadyCallback notify_func, void *user_data);
+};
+
+#endif /* __STC_IPT_GDBUS_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "manager.h"
+
+Manager::Manager()
+{
+ Create();
+}
+
+Manager::~Manager()
+{
+ Destroy();
+}
+
+error_e Manager::StopManager(void)
+{
+ GVariant *message = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_MANAGER_PATH,
+ STC_IPT_DBUS_MANAGER_INTERFACE,
+ STC_IPT_METHOD_MANAGER_STOP,
+ NULL,
+ &error);
+
+ if (message == NULL) {
+ GLOGD("Failed to invoke dbus method");
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Successfully stop manager [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_IPT_MANAGER_H__
+#define __STC_IPT_MANAGER_H__
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define STC_IPT_METHOD_MANAGER_STOP "Stop"
+
+class Manager : public GDbus {
+private:
+public:
+ Manager();
+ ~Manager();
+ error_e StopManager(void);
+};
+
+
+#endif /* __STC_IPT_MANAGER_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "rule.h"
+
+Rule::Rule()
+{
+ Create();
+}
+
+Rule::~Rule()
+{
+ Destroy();
+}
+
+error_e Rule::SetRule(const char *chain, ipt_rule_type_e rule_type,
+ const char *iface_name, int classid, const char *nfacct_name,
+ const char *target_name)
+{
+ if (chain == NULL || strlen(chain) == 0)
+ this->m_ChainName[0] = '\0';
+ else
+ g_strlcpy(this->m_ChainName, chain, CHAIN_NAME_LEN);
+
+ switch (rule_type) {
+ case IPT_RULE_IN:
+ case IPT_RULE_OUT:
+ this->m_RuleType = rule_type;
+ break;
+ default:
+ return ERROR_INVALID_PARAMETER;
+ }
+
+ if (iface_name == NULL || strlen(iface_name) == 0)
+ this->m_IfaceName[0] = '\0';
+ else
+ g_strlcpy(this->m_IfaceName, iface_name, IFACE_NAME_LEN);
+
+ if (classid > 0)
+ this->m_ClassID = classid;
+
+ if (nfacct_name == NULL || strlen(nfacct_name) == 0)
+ this->m_NfacctName[0] = '\0';
+ else
+ g_strlcpy(this->m_NfacctName, nfacct_name, NFACCT_NAME_LEN);
+
+ if (target_name == NULL || strlen(target_name) == 0)
+ this->m_TargetName[0] = '\0';
+ else
+ g_strlcpy(this->m_TargetName, target_name, TARGET_NAME_LEN);
+
+ return ERROR_NONE;
+}
+
+void Rule::MakeRuleParams(GVariant **params)
+{
+ GVariantBuilder *builder;
+
+ builder = g_variant_builder_new(G_VARIANT_TYPE("a{sv}"));
+
+ g_variant_builder_add(builder, "{sv}", RULE_CHAIN,
+ g_variant_new_string(this->m_ChainName));
+
+ g_variant_builder_add(builder, "{sv}", RULE_TYPE,
+ g_variant_new_uint32(this->m_RuleType));
+
+ g_variant_builder_add(builder, "{sv}", RULE_IFNAME,
+ g_variant_new_string(this->m_IfaceName));
+
+ g_variant_builder_add(builder, "{sv}", RULE_CGROUP,
+ g_variant_new_uint32(this->m_ClassID));
+
+ g_variant_builder_add(builder, "{sv}", RULE_NFACCT,
+ g_variant_new_string(this->m_NfacctName));
+
+ g_variant_builder_add(builder, "{sv}", RULE_TARGET,
+ g_variant_new_string(this->m_TargetName));
+
+ *params = g_variant_new("(a{sv})", builder);
+ g_variant_builder_unref(builder);
+}
+
+error_e Rule::AddRule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_RULE_PATH,
+ STC_IPT_DBUS_RULE_INTERFACE,
+ STC_IPT_METHOD_IPT_ADD_RULE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to add rule [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Rule::Add6Rule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_RULE_PATH,
+ STC_IPT_DBUS_RULE_INTERFACE,
+ STC_IPT_METHOD_IP6T_ADD_RULE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to add 6 rule [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Rule::RemoveRule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_RULE_PATH,
+ STC_IPT_DBUS_RULE_INTERFACE,
+ STC_IPT_METHOD_IPT_REMOVE_RULE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to remove rule [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
+
+error_e Rule::Remove6Rule(void)
+{
+ GVariant *message = NULL;
+ GVariant *params = NULL;
+ error_e error = ERROR_NONE;
+ int result = 0;
+
+ MakeRuleParams(¶ms);
+
+ message = InvokeMethod(STC_IPT_DBUS_SERVICE,
+ STC_IPT_DBUS_SERVICE_RULE_PATH,
+ STC_IPT_DBUS_RULE_INTERFACE,
+ STC_IPT_METHOD_IP6T_REMOVE_RULE,
+ params,
+ &error);
+
+ if (message == NULL) {
+ if (error == ERROR_NONE ||
+ error == ERROR_INVALID_OPERATION) {
+ GLOGD("Failed to invoke dbus method but it's normal operation");
+ return ERROR_NONE;
+ }
+
+ GLOGD("Failed to invoke dbus method [%d]", error);
+ return error;
+ }
+
+ g_variant_get(message, "(i)", &result);
+ GLOGD("Succeeded to remove 6 rule [%d]", result);
+ g_variant_unref(message);
+
+ return ERROR_NONE;
+}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_IPT_RULE_H__
+#define __STC_IPT_RULE_H__
+
+#include <glib.h>
+#include <gio/gio.h>
+
+#include "stcmgr.h"
+#include "gdbus.h"
+
+#define RULE_CHAIN "chain"
+#define RULE_TYPE "type"
+#define RULE_IFNAME "ifname"
+#define RULE_CGROUP "cgroup"
+#define RULE_NFACCT "nfacct"
+#define RULE_TARGET "target"
+
+#define STC_IPT_METHOD_IPT_ADD_RULE "IptAddRule"
+#define STC_IPT_METHOD_IPT_REMOVE_RULE "IptRemoveRule"
+
+#define STC_IPT_METHOD_IP6T_ADD_RULE "Ip6tAddRule"
+#define STC_IPT_METHOD_IP6T_REMOVE_RULE "Ip6tRemoveRule"
+
+typedef enum {
+ IPT_RULE_IN,
+ IPT_RULE_OUT
+} ipt_rule_type_e;
+
+class Rule : public GDbus {
+private:
+ char m_ChainName[CHAIN_NAME_LEN];
+ char m_IfaceName[IFACE_NAME_LEN];
+ char m_NfacctName[NFACCT_NAME_LEN];
+ char m_TargetName[TARGET_NAME_LEN];
+ int m_ClassID;
+ ipt_rule_type_e m_RuleType;
+public:
+ Rule();
+ ~Rule();
+ error_e SetRule(const char *chain, ipt_rule_type_e rule_type,
+ const char *iface_name, int classid, const char *nfacct_name,
+ const char *target_name);
+ void MakeRuleParams(GVariant **params);
+ error_e AddRule(void);
+ error_e Add6Rule(void);
+ error_e RemoveRule(void);
+ error_e Remove6Rule(void);
+};
+
+#endif /* __STC_IPT_RULE_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "stcmgr.h"
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_MGR_H__
+#define __STC_MGR_H__
+
+#include <glib.h>
+
+#define CHAIN_NAME_LEN 128
+#define IFACE_NAME_LEN 64
+#define NFACCT_NAME_LEN 128
+#define TARGET_NAME_LEN 64
+
+#ifdef USE_DLOG
+#include <dlog.h>
+#undef LOG_TAG
+#define LOG_TAG "STC_GTEST"
+#define GLOGD(format, args...) LOGD(format, ##args)
+#else
+#define GLOGD(format, args...)
+#endif
+
+typedef enum {
+ ERROR_NONE = 0,
+ ERROR_NOT_PERMITTED = -1,
+ ERROR_OUT_OF_MEMORY = -2,
+ ERROR_PERMISSION_DENIED = -3,
+ ERROR_RESOURCE_BUSY = -4,
+ ERROR_INVALID_OPERATION = -5,
+ ERROR_INVALID_PARAMETER = -6,
+ ERROR_NOT_SUPPORTED = -7,
+ ERROR_OPERATION_FAILED = -8,
+ ERROR_NOT_INITIALIZED = -9,
+ ERROR_ALREADY_INITIALIZED = -10,
+ ERROR_IN_PROGRESS = -11,
+} error_e;
+
+#endif /* __STC_MGR_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <iostream>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <unistd.h>
+
+#include "unittest.h"
+#include "chain.h"
+#include "rule.h"
+#include "manager.h"
+
+using ::testing::InitGoogleTest;
+using ::testing::Test;
+using ::testing::TestCase;
+
+#define TEST_IN_CHAIN "GTEST_IN"
+#define TEST_OUT_CHAIN "GTEST_OUT"
+#define TEST_IFNAME "seth_w0"
+
+#define TARGET_ACCEPT "ACCEPT"
+#define TARGET_DROP "DROP"
+
+typedef struct {
+ int classid;
+ const char *nfacct;
+} cgroup_nfacct_s;
+
+static cgroup_nfacct_s examples_in[] = {
+ {21, "c2_1_21_seth_w0"}, {22, "c2_1_22_seth_w0"},
+ {23, "c2_1_23_seth_w0"}, {24, "c2_1_24_seth_w0"},
+ {25, "c2_1_25_seth_w0"}, {26, "c2_1_26_seth_w0"},
+ {27, "c2_1_27_seth_w0"}, {28, "c2_1_28_seth_w0"},
+ {29, "c2_1_29_seth_w0"},
+};
+
+static cgroup_nfacct_s examples_out[] = {
+ {21, "c4_1_21_seth_w0"}, {22, "c4_1_22_seth_w0"},
+ {23, "c4_1_23_seth_w0"}, {24, "c4_1_24_seth_w0"},
+ {25, "c4_1_25_seth_w0"}, {26, "c4_1_26_seth_w0"},
+ {27, "c4_1_27_seth_w0"}, {28, "c4_1_28_seth_w0"},
+ {29, "c4_1_29_seth_w0"},
+};
+
+static int exams_in_cnt = sizeof(examples_in) / sizeof(examples_in[0]);
+static int exams_out_cnt = sizeof(examples_out) / sizeof(examples_out[0]);
+
+TEST(StcIptables_Chain_Set, Add_p)
+{
+ error_e ret = ERROR_NONE;
+ Chain chain;
+
+ ret = chain.SetChainName(TEST_IN_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.AddChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Add6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.SetChainName(TEST_OUT_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.AddChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Add6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcIptables_Chain_Set, Flush_p)
+{
+ error_e ret = ERROR_NONE;
+ Chain chain;
+
+ ret = chain.SetChainName(TEST_IN_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.FlushChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Flush6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.SetChainName(TEST_OUT_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.FlushChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Flush6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcIptables_Rule_Set, AddIn_p)
+{
+ error_e ret = ERROR_NONE;
+ int index;
+ Rule rule;
+
+ for (index = 0; index < exams_in_cnt; ++index) {
+ ret = rule.SetRule(TEST_IN_CHAIN,
+ IPT_RULE_IN,
+ TEST_IFNAME,
+ examples_in[index].classid,
+ examples_in[index].nfacct,
+ (index % 2) ? TARGET_ACCEPT : TARGET_DROP);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.AddRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.Add6Rule();
+ EXPECT_EQ(ERROR_NONE, ret);
+ }
+}
+
+TEST(StcIptables_Rule_Set, AddOut_p)
+{
+ error_e ret = ERROR_NONE;
+ int index;
+ Rule rule;
+
+ for (index = 0; index < exams_out_cnt; ++index) {
+ ret = rule.SetRule(TEST_OUT_CHAIN,
+ IPT_RULE_OUT,
+ TEST_IFNAME,
+ examples_out[index].classid,
+ examples_out[index].nfacct,
+ (index % 2) ? TARGET_ACCEPT : TARGET_DROP);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.AddRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.Add6Rule();
+ EXPECT_EQ(ERROR_NONE, ret);
+ }
+}
+
+TEST(StcIptables_Rule_Unset, RemoveIn_p)
+{
+ error_e ret = ERROR_NONE;
+ int index;
+ Rule rule;
+
+ for (index = 0; index < exams_in_cnt; ++index) {
+ ret = rule.SetRule(TEST_IN_CHAIN,
+ IPT_RULE_IN,
+ TEST_IFNAME,
+ examples_in[index].classid,
+ examples_in[index].nfacct,
+ (index % 2) ? TARGET_ACCEPT : TARGET_DROP);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.RemoveRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.Remove6Rule();
+ EXPECT_EQ(ERROR_NONE, ret);
+ }
+}
+
+TEST(StcIptables_Rule_Unset, RemoveOut_p)
+{
+ error_e ret = ERROR_NONE;
+ int index;
+ Rule rule;
+
+ for (index = 0; index < exams_out_cnt; ++index) {
+ ret = rule.SetRule(TEST_OUT_CHAIN,
+ IPT_RULE_OUT,
+ TEST_IFNAME,
+ examples_out[index].classid,
+ examples_out[index].nfacct,
+ (index % 2) ? TARGET_ACCEPT : TARGET_DROP);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.RemoveRule();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = rule.Remove6Rule();
+ EXPECT_EQ(ERROR_NONE, ret);
+ }
+}
+
+TEST(StcIptables_Chain_Unset, Flush_p)
+{
+ error_e ret = ERROR_NONE;
+ Chain chain;
+
+ ret = chain.SetChainName(TEST_IN_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.FlushChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Flush6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.SetChainName(TEST_OUT_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.FlushChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Flush6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+TEST(StcIptables_Chain_Unset, Remove_p)
+{
+ error_e ret = ERROR_NONE;
+ Chain chain;
+
+ ret = chain.SetChainName(TEST_IN_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.RemoveChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Remove6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.SetChainName(TEST_OUT_CHAIN);
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.RemoveChain();
+ EXPECT_EQ(ERROR_NONE, ret);
+
+ ret = chain.Remove6Chain();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+
+TEST(StcIptables_Manager, Stop_p)
+{
+ error_e ret = ERROR_NONE;
+ Manager mgr;
+
+ ret = mgr.StopManager();
+ EXPECT_EQ(ERROR_NONE, ret);
+}
+
+int main(int argc, char **argv)
+{
+ InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef __STC_IPT_UNITTEST_H__
+#define __STC_IPT_UNITTEST_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <glib.h>
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __STC_IPT_UNITTEST_H__ */
\ No newline at end of file
projects / platform / core / connectivity / stc-iptables.git / commitdiff