interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[FIX]fix test method

This commit is contained in:
RandolphCYG 2021-11-23 19:23:58 +08:00
parent bc0ae9ae6f
commit c1dd8d928e
3 changed files with 44 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
go.mod
View File

@ -1,11 +0,0 @@
module github.com/google/nftables
go 1.12
require (
github.com/koneu/natend v0.0.0-20150829182554-ec0926ea948d
github.com/mdlayher/netlink v0.0.0-20191009155606-de872b0d824b
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc
golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271 // indirect
golang.org/x/sys v0.0.0-20191029155521-f43be2a4598c
)

28
go.sum
View File

@ -1,28 +0,0 @@
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/jsimonetti/rtnetlink v0.0.0-20190606172950-9527aa82566a h1:84IpUNXj4mCR9CuCEvSiCArMbzr/TMbuPIadKDwypkI=
github.com/jsimonetti/rtnetlink v0.0.0-20190606172950-9527aa82566a/go.mod h1:Oz+70psSo5OFh8DBl0Zv2ACw7Esh6pPUphlvZG9x7uw=
github.com/koneu/natend v0.0.0-20150829182554-ec0926ea948d h1:MFX8DxRnKMY/2M3H61iSsVbo/n3h0MWGmWNN1UViOU0=
github.com/koneu/natend v0.0.0-20150829182554-ec0926ea948d/go.mod h1:QHb4k4cr1fQikUahfcRVPcEXiUgFsdIstGqlurL0XL4=
github.com/mdlayher/netlink v0.0.0-20190409211403-11939a169225/go.mod h1:eQB3mZE4aiYnlUsyGGCOpPETfdQq4Jhsgf1fk3cwQaA=
github.com/mdlayher/netlink v0.0.0-20191009155606-de872b0d824b h1:W3er9pI7mt2gOqOWzwvx20iJ8Akiqz1mUMTxU6wdvl8=
github.com/mdlayher/netlink v0.0.0-20191009155606-de872b0d824b/go.mod h1:KxeJAFOFLG6AjpyDkQ/iIhxygIUKD+vcwqcnu43w/+M=
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc h1:R83G5ikgLMxrBvLh22JhdfI8K6YXEPHx5P03Uu3DRs4=
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM=
golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271 h1:N66aaryRB3Ax92gH0v3hp1QYZ3zWWCCUR/j8Ifh45Ss=
golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190411185658-b44545bcd369/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg=
golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191029155521-f43be2a4598c h1:S/FtSvpNLtFBgjTqcKsRpsa6aVsI6iztaz1bQd9BJwE=
golang.org/x/sys v0.0.0-20191029155521-f43be2a4598c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea h1:Mz1TMnfJDRJLk8S8OPCoJYgrsp/Se/2TBre2+vwX128=
golang.org/x/sys v0.0.0-20191113150313-8ad342257130 h1:+sdNBpwFF05NvMnEyGynbOs/Gr2LQwORWEPKXuEXxzU=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=

93
nftables_test.go
View File

@ -18,6 +18,7 @@ import (
"bytes" "bytes"
"flag" "flag"
"fmt" "fmt"
"github.com/google/nftables"
"net" "net"
"os" "os"
"reflect" "reflect"
@ -26,7 +27,6 @@ import (
"testing" "testing"
"time" "time"
"github.com/google/nftables"
"github.com/google/nftables/binaryutil" "github.com/google/nftables/binaryutil"
"github.com/google/nftables/expr" "github.com/google/nftables/expr"
"github.com/mdlayher/netlink" "github.com/mdlayher/netlink"
@ -38,54 +38,6 @@ var (
enableSysTests = flag.Bool("run_system_tests", false, "Run tests that operate against the live kernel") enableSysTests = flag.Bool("run_system_tests", false, "Run tests that operate against the live kernel")
) )
// Get table by net family and its name
func TestGetTable(t *testing.T) {
conn := nftables.Conn{} // start up a conn
table, _ := conn.GetTable("nat", nftables.TableFamilyIPv4)
fmt.Println(table.Name, table.Family)
table2, _ := conn.GetTable("filter", nftables.TableFamilyIPv4)
fmt.Println(table2.Name, table.Family)
}
// Get chain by chain's name
func TestGetChain(t *testing.T) {
conn := nftables.Conn{} // start up a conn
chain, _ := conn.GetChain("POSTROUTING") // get chain
fmt.Println(chain.Name)
}
// Get set and set's elements by table and set's name
func TestGetSet(t *testing.T) {
conn := nftables.Conn{} // start up a conn
table, _ := conn.GetTable("nat", nftables.TableFamilyIPv4) // get table
set, _ := conn.GetSetByName(table, "dest_addrs") // get set
fmt.Println(set.Name)
eles, _ := conn.GetSetElements(set)
fmt.Println(eles)
}
// Get rules by table and chain
func TestGetRules(t *testing.T) {
conn := nftables.Conn{} // start up a conn
table, _ := conn.GetTable("nat", nftables.TableFamilyIPv4) // get table
chain, _ := conn.GetChain("POSTROUTING") // get chain
rules, _ := conn.GetRule(table, chain) // get rules
for _, rule := range rules {
fmt.Println(rule.Table.Name, rule.Table.Family, rule.Chain.Name, rule.Handle)
// unpack exprs
//for _, expr := range rule.Exprs {
// fmt.Println(expr)
//}
}
}
// nfdump returns a hexdump of 4 bytes per line (like nft --debug=all), allowing // nfdump returns a hexdump of 4 bytes per line (like nft --debug=all), allowing
// users to make sense of large byte literals more easily. // users to make sense of large byte literals more easily.
func nfdump(b []byte) string { func nfdump(b []byte) string {
@ -161,6 +113,49 @@ func cleanupSystemNFTConn(t *testing.T, newNS netns.NsHandle) {
} }
} }
func TestGetTableGetChain(t *testing.T) {
conn := nftables.Conn{}
nat2 := conn.AddTable(&nftables.Table{
Family: nftables.TableFamilyIPv4,
Name: "nat2",
})
fmt.Println(nat2.Name, nat2.Family)
// sends all buffered commands in a single batch to nftables
if err := conn.Flush(); err != nil {
t.Errorf("c.Flush() failed: %v", err)
}
// gets table by net family and its name
table, _ := conn.GetTable("nat2", nftables.TableFamilyIPv4)
fmt.Println(table.Name, table.Family)
postrouting := conn.AddChain(&nftables.Chain{
Name: "POSTROUTING",
Hooknum: nftables.ChainHookPostrouting,
Priority: nftables.ChainPriorityNATSource,
Table: nat2,
Type: nftables.ChainTypeNAT,
})
conn.AddRule(&nftables.Rule{
Table: nat2,
Chain: postrouting,
Exprs: []expr.Any{
&expr.Counter{},
},
})
// sends all buffered commands in a single batch to nftables
if err := conn.Flush(); err != nil {
t.Errorf("c.Flush() failed: %v", err)
}
// gets chain by its name
chain, _ := conn.GetChain("POSTROUTING") // get chain
fmt.Println(chain.Name, chain.Table)
}
func TestRuleOperations(t *testing.T) { func TestRuleOperations(t *testing.T) {
// Create a new network namespace to test these operations, // Create a new network namespace to test these operations,