* init() --> setup()
* Use "ROD_SILENT" and "tst_check_cmds"
* Save the iptables before the testcase and restore it after the testcase
* Delete some useless comments
* Delete the needless check(grep -c Chain and grep "100% packet loss")
in test01 and test02
* Use "tst_resm TBROK" if remove the rule failed
Signed-off-by: Cui Bixuan <cuibix...@huawei.com>
---
testcases/network/iptables/iptables_tests.sh | 111 ++++++-------------------
1 files changed, 27 insertions(+), 84 deletions(-)
diff --git a/testcases/network/iptables/iptables_tests.sh
b/testcases/network/iptables/iptables_tests.sh
index a3f90a3..ad426bf 100755
--- a/testcases/network/iptables/iptables_tests.sh
+++ b/testcases/network/iptables/iptables_tests.sh
@@ -26,98 +26,56 @@ export TST_TOTAL=6
. test.sh
-init()
+setup()
{
+ ROD_SILENT modprobe ip_tables
+
+ tst_check_cmds iptables
+
tst_tmpdir
tst_resm TINFO "INIT: Inititalizing tests."
- modprobe ip_tables
- if [ $? -ne 0 ]; then
- iptables -L > tst_iptables.out 2>&1
- if [ $? -ne 0 ]; then
- tst_brkm TBROK "no iptables support in kenrel."
- fi
- fi
-
- tst_resm TINFO "INIT: Flushing all rules."
- iptables -F -t filter > tst_iptables.out 2>&1
- iptables -F -t nat > tst_iptables.out 2>&1
- iptables -F -t mangle > tst_iptables.out 2>&1
+ ROD_SILENT iptables-save > saved_iptables
+ ROD_SILENT iptables -F
}
cleanup()
{
- lsmod | grep "ip_tables" > tst_iptables.out 2>&1
- if [ $? -eq 0 ]; then
- iptables -F -t filter > tst_iptables.out 2>&1
- iptables -F -t nat > tst_iptables.out 2>&1
- iptables -F -t mangle > tst_iptables.out 2>&1
- rmmod -v ipt_limit ipt_multiport ipt_LOG ipt_REJECT \
- iptable_mangle iptable_nat ip_conntrack \
- iptable_filter ip_tables nf_nat_ipv4 nf_nat \
- nf_log_ipv4 nf_log_common nf_reject_ipv4 \
- nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack \
- > tst_iptables.out 2>&1
- fi
+ ROD_SILENT iptables-restore < saved_iptables
+
tst_rmdir
}
test01()
{
- local chaincnt=0
+ tst_resm TINFO "iptables -L -t filter/nat/mangle test."
- local cmd="iptables -L -t filter"
- tst_resm TINFO "$cmd will list all rules in table filter."
- $cmd > tst_iptables.out 2>&1
+ iptables -L -t filter > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
+ tst_resm TFAIL "iptables -L -t filter failed to list rules."
cat tst_iptables.out
return
else
- chaincnt=$(grep -c Chain tst_iptables.out)
- if [ $chaincnt -lt 3 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
- cat tst_iptables.out
- return
- else
- tst_resm TINFO "$cmd lists rules."
- fi
+ tst_resm TINFO "iptables -L -t filter lists rules."
fi
- local cmd="iptables -L -t nat"
- tst_resm TINFO "$cmd will list all rules in table nat."
- $cmd > tst_iptables.out 2>&1
+ iptables -L -t nat > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
+ tst_resm TFAIL "iptables -L -t nat failed to list rules."
cat tst_iptables.out
return
else
- chaincnt=$(grep -c Chain tst_iptables.out)
- if [ $chaincnt -lt 3 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
- cat tst_iptables.out
- return
- else
- tst_resm TINFO "$cmd lists rules."
- fi
+ tst_resm TINFO "iptables -L -t nat lists rules."
fi
- local cmd="iptables -L -t mangle"
- tst_resm TINFO "$cmd will list all rules in table mangle."
- $cmd > tst_iptables.out 2>&1
+ iptables -L -t mangle > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
+ tst_resm TFAIL "iptables -L -t mangle failed to list rules."
cat tst_iptables.out
return
else
- chaincnt=$(grep -c Chain tst_iptables.out)
- if [ $chaincnt -lt 5 ]; then
- tst_resm TFAIL "$cmd failed to list rules."
- cat tst_iptables.out
- else
- tst_resm TINFO "$cmd lists rules."
- fi
+ tst_resm TINFO "iptables -L -t mangle lists rules."
fi
tst_resm TPASS "iptables -L lists rules."
@@ -138,15 +96,7 @@ test02()
tst_resm TINFO "Pinging 127.0.0.1"
ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- grep "100% packet loss" tst_iptables.out > tst_iptables.err 2>&1
- if [ $? -ne 0 ]; then
- tst_resm TFAIL \
- "iptables did not block packets from loopback"
- cat tst_iptables.err
- return
- else
- tst_resm TINFO "Ping 127.0.0.1 not successful."
- fi
+ tst_resm TINFO "Ping 127.0.0.1 not successful."
else
tst_resm TFAIL "iptables did not block icmp from 127.0.0.1"
cat tst_iptables.out
@@ -156,7 +106,7 @@ test02()
tst_resm TINFO "Deleting icmp DROP from 127.0.0.1 rule."
iptables -D INPUT 1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not remove the rule."
+ tst_resm TBROK "iptables did not remove the rule."
cat tst_iptables.out
return
fi
@@ -189,14 +139,7 @@ test03()
tst_resm TINFO "Pinging 127.0.0.1"
ping -c 2 127.0.0.1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- grep "100% packet loss" tst_iptables.out > tst_iptables.err 2>&1
- if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not block ping request."
- cat tst_iptables.err
- return
- else
- tst_resm TINFO "Ping 127.0.0.1 not successful."
- fi
+ tst_resm TINFO "Ping 127.0.0.1 not successful."
else
tst_resm TFAIL "iptables did not reject ping request."
cat tst_iptables.out
@@ -206,7 +149,7 @@ test03()
tst_resm TINFO "Deleting icmp request REJECT rule."
iptables -D INPUT 1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not remove the rule."
+ tst_resm TBROK "iptables did not remove the rule."
cat tst_iptables.out
return
fi
@@ -262,7 +205,7 @@ test04()
tst_resm TINFO "Deleting the rule to log."
iptables -D INPUT 1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not remove the rule."
+ tst_resm TBROK "iptables did not remove the rule."
cat tst_iptables.out
return
fi
@@ -320,7 +263,7 @@ test05()
tst_resm TINFO "Flushing all rules."
iptables -F > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not flush all rules."
+ tst_resm TBROK "iptables did not flush all rules."
cat tst_iptables.out
return
fi
@@ -368,7 +311,7 @@ test06()
tst_resm TINFO "Deleting the rule to log."
iptables -D INPUT 1 > tst_iptables.out 2>&1
if [ $? -ne 0 ]; then
- tst_resm TFAIL "iptables did not remove the rule."
+ tst_resm TBROK "iptables did not remove the rule."
cat tst_iptables.out
return
fi
@@ -376,7 +319,7 @@ test06()
tst_resm TPASS "iptables can log packets with limited rate."
}
-init
+setup
TST_CLEANUP=cleanup
test01
--
1.6.0.2
------------------------------------------------------------------------------
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
