On 03/07/2013 03:23 PM, Patrik Flykt wrote:
Hi,
On Thu, 2013-03-07 at 14:35 +0100, Daniel Wagner wrote:
From: Daniel Wagner <[email protected]>
Instead just relying on the error code return by ConnMan's iptables API
we use iptables-save to check if the rules either are installed
or removed.
---
unit/test-iptables.c | 88 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 87 insertions(+), 1 deletion(-)
diff --git a/unit/test-iptables.c b/unit/test-iptables.c
index 49b05e0..c5d9d3b 100644
--- a/unit/test-iptables.c
+++ b/unit/test-iptables.c
@@ -27,6 +27,32 @@
#include "../src/connman.h"
+static connman_bool_t check_rule_exists(const char *table_name, const char
*rule)
+{
+ char *cmd, *output, **lines;
+ GError **error = NULL;
+ int i;
+
+ cmd = g_strdup_printf("iptables-save -t %s", table_name);
+ g_spawn_command_line_sync(cmd, &output, NULL, NULL, error);
+ g_free(cmd);
You are basing a unit test on a command that is in /sbin/ without a
dependency on the binary, so this will in general fail.
Damnit, faceplant...
If the bug is in
ConnMan's iptables API, let's fix the API to return the needed error
codes.
The return codes might indicate everything has worked fine, but
it didn't do anything. This test tries to verify if ConnMan's iptables
implementation.
This code is doing module testing, as it looks up the system
response to a particular command which will fail when the user is not
equipped with suitable capabilities. AFAIK unit tests should be
executable with 'make distcheck'.
Don't think we can make this work as long we are talking to the kernel.
The only way I see would be to intercept the final table as buffer and
return it.
What do you propose? Remove test-iptables.c?
cheers,
daniel
_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
