[LTP] [PATCH 3/5] iptables/iptables_tests.sh: Add new testcases for iptables -o

Tue, 26 May 2015 18:04:05 -0700 

Add new testcase for testing 'iptables -o'

Signed-off-by: Cui Bixuan <cuibix...@huawei.com>
---
 testcases/network/iptables/iptables_tests.sh |   54 +++++++++++++++++++++++++-
 1 files changed, 53 insertions(+), 1 deletions(-)

diff --git a/testcases/network/iptables/iptables_tests.sh 
b/testcases/network/iptables/iptables_tests.sh
index 387cdfa..a464240 100755
--- a/testcases/network/iptables/iptables_tests.sh
+++ b/testcases/network/iptables/iptables_tests.sh
@@ -22,7 +22,7 @@
 #                                     <hubertnospa...@symbio.com.tw>

 export TCID="iptables"
-export TST_TOTAL=7
+export TST_TOTAL=8

 . test.sh

@@ -450,6 +450,57 @@ test07()
        tst_resm TPASS "iptables -c test succeed."
 }

+test08()
+{
+       tst_resm TINFO "Use iptables to DROP packets from particular" \
+               "network card"
+       tst_resm TINFO "Rule to block icmp from 127.0.0.1"
+
+       iptables -A OUTPUT -o lo -p icmp -j DROP > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables command failed to append new rule."
+                cat tst_iptables.out
+                return
+        fi
+
+        tst_resm TINFO "Pinging 127.0.0.1"
+        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                grep "100% packet loss" tst_iptables.out > tst_iptables.err 
2>&1
+                if [ $? -ne 0 ]; then
+                        tst_resm TFAIL \
+                                 "iptables did not block packets from loopback"
+                        cat tst_iptables.err
+                        return
+                else
+                        tst_resm TINFO "Ping 127.0.0.1 not successful."
+                fi
+        else
+                tst_resm TFAIL "iptables did not block icmp from 127.0.0.1"
+                cat tst_iptables.out
+                return
+        fi
+
+        tst_resm TINFO "Deleting icmp DROP from lo rule."
+        iptables -D OUTPUT 1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables did not remove the rule."
+                cat tst_iptables.out
+                return
+        fi
+        tst_resm TINFO "Pinging 127.0.0.1 again"
+        ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
+        if [ $? -ne 0 ]; then
+                tst_resm TFAIL "iptables blocking loopback. This is expected" \
+                               "behaviour on certain distributions where" \
+                               "enabling firewall drops all packets by 
default."
+                cat tst_iptables.out
+                return
+        fi
+        tst_resm TINFO "Ping succsess"
+        tst_resm TPASS "iptables can DROP packets from particular network 
card."
+}
+
 init
 TST_CLEANUP=cleanup

@@ -460,5 +511,6 @@ test04
 test05
 test06
 test07
+test08

 tst_exit
-- 
1.6.0.2 .


------------------------------------------------------------------------------
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list

Reply via email to