g_assert(err == 0);
}
+static void test_iptables_chain0(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain1(void)
+{
+ int err;
+
+ err = __connman_iptables_new_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_flush_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete_chain("filter", "foo");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_chain2(void)
+{
+ int err;
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "DROP");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_change_policy("filter", "INPUT", "ACCEPT");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule0(void)
+{
+ int err;
+
+ /* Test simple appending and removing a rule */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
+
+static void test_iptables_rule1(void)
+{
+ int err;
+
+ /* Test if we can do NAT stuff */
+
+ err = __connman_iptables_append("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("nat", "POSTROUTING",
+ "-s 10.10.1.0/24 -o eth0 -j MASQUERADE");
+
+ err = __connman_iptables_commit("nat");
+ g_assert(err == 0);
+}
+
+static void test_iptables_rule2(void)
+{
+ int err;
+
+ /* Test if the right rule is removed */
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_append("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 2 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+
+ err = __connman_iptables_delete("filter", "INPUT",
+ "-m mark --mark 1 -j LOG");
+ g_assert(err == 0);
+
+ err = __connman_iptables_commit("filter");
+ g_assert(err == 0);
+}
+
int main(int argc, char *argv[])
{
int err;
g_test_add_func("/iptables/basic0", test_iptables_basic0);
g_test_add_func("/iptables/basic1", test_iptables_basic1);
g_test_add_func("/iptables/basic2", test_iptables_basic2);
+ g_test_add_func("/iptables/chain0", test_iptables_chain0);
+ g_test_add_func("/iptables/chain1", test_iptables_chain1);
+ g_test_add_func("/iptables/chain2", test_iptables_chain2);
+ g_test_add_func("/iptables/rule0", test_iptables_rule0);
+ g_test_add_func("/iptables/rule1", test_iptables_rule1);
+ g_test_add_func("/iptables/rule2", test_iptables_rule2);
err = g_test_run();
projects / platform / upstream / connman.git / commitdiff