Compare commits
5 Commits
2e1c53e963
...
61dc101d76
| Author | SHA1 | Date |
|---|---|---|
Antonio Ojea
|
61dc101d76 | |
Antonio Ojea
|
a8a06f3379 | |
|
Antonio Ojea
|
48432232ee | |
dependabot[bot]
|
85aee131ff | |
Michael Stapelberg
|
45dc72792b |
|
|
@ -33,5 +33,5 @@ jobs:
|
|||
go test ./...
|
||||
go test -c github.com/google/nftables
|
||||
sudo ./nftables.test -test.v -run_system_tests
|
||||
go test -c github.com/google/nftables/tests
|
||||
sudo ./tests.test -test.v -run_system_tests
|
||||
go test -c github.com/google/nftables/integration
|
||||
sudo ./integration.test -test.v -run_system_tests
|
||||
|
|
|
|||
7
go.mod
7
go.mod
|
|
@ -4,15 +4,14 @@ go 1.21
|
|||
|
||||
require (
|
||||
github.com/google/go-cmp v0.6.0
|
||||
github.com/mdlayher/netlink v1.7.2
|
||||
github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42
|
||||
github.com/vishvananda/netlink v1.3.0
|
||||
github.com/vishvananda/netns v0.0.4
|
||||
golang.org/x/sys v0.18.0
|
||||
golang.org/x/sys v0.28.0
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/josharian/native v1.1.0 // indirect
|
||||
github.com/mdlayher/socket v0.5.0 // indirect
|
||||
golang.org/x/net v0.23.0 // indirect
|
||||
golang.org/x/net v0.33.0 // indirect
|
||||
golang.org/x/sync v0.6.0 // indirect
|
||||
)
|
||||
|
|
|
|||
14
go.sum
14
go.sum
|
|
@ -1,20 +1,18 @@
|
|||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=
|
||||
github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
|
||||
github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=
|
||||
github.com/mdlayher/netlink v1.7.2/go.mod h1:xraEF7uJbxLhc5fpHL4cPe221LI2bdttWlU+ZGLfQSw=
|
||||
github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42 h1:A1Cq6Ysb0GM0tpKMbdCXCIfBclan4oHk1Jb+Hrejirg=
|
||||
github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42/go.mod h1:BB4YCPDOzfy7FniQ/lxuYQ3dgmM2cZumHbK8RpTjN2o=
|
||||
github.com/mdlayher/socket v0.5.0 h1:ilICZmJcQz70vrWVes1MFera4jGiWNocSkykwwoy3XI=
|
||||
github.com/mdlayher/socket v0.5.0/go.mod h1:WkcBFfvyG8QENs5+hfQPl1X6Jpd2yeLIYgrGFmJiJxI=
|
||||
github.com/vishvananda/netlink v1.3.0 h1:X7l42GfcV4S6E4vHTsw48qbrV+9PVojNfIhZcwQdrZk=
|
||||
github.com/vishvananda/netlink v1.3.0/go.mod h1:i6NetklAujEcC6fK0JPjT8qSwWyO0HLn4UKG+hGqeJs=
|
||||
github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
|
||||
github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
|
||||
golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
|
||||
golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
|
||||
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
|
||||
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
|
||||
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
|
||||
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
|
|
|
|||
|
|
@ -12,13 +12,11 @@
|
|||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package tests
|
||||
package integration
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"runtime"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
|
|
@ -190,11 +188,7 @@ func TestNFTables(t *testing.T) {
|
|||
t.Fatal(err)
|
||||
}
|
||||
|
||||
_, filename, _, _ := runtime.Caller(0) // Get the current file's path
|
||||
filePath := filepath.Join(filepath.Dir(filename), tt.scriptPath)
|
||||
t.Logf("testing script from %s", filePath)
|
||||
|
||||
scriptOutput, err := applyNFTScript(filePath)
|
||||
scriptOutput, err := applyNFTRuleset(tt.scriptPath)
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to apply nftables script: %v\noutput:%s", err, scriptOutput)
|
||||
}
|
||||
|
|
@ -203,21 +197,20 @@ func TestNFTables(t *testing.T) {
|
|||
}
|
||||
|
||||
// Retrieve nftables state using nft
|
||||
expectedOutput, err := getNFTablesRuleset()
|
||||
expectedOutput, err := listNFTRuleset()
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to list nftables ruleset: %v\noutput:%s", err, expectedOutput)
|
||||
}
|
||||
t.Logf("Expected output:\n%s", expectedOutput)
|
||||
|
||||
// Program nftables using your Go code
|
||||
err = flushNFTRuleset()
|
||||
if err != nil {
|
||||
if err := flushNFTRuleset(); err != nil {
|
||||
t.Fatalf("Failed to flush nftables ruleset: %v", err)
|
||||
}
|
||||
tt.goCommands(t, c)
|
||||
|
||||
// Retrieve nftables state using nft
|
||||
actualOutput, err := getNFTablesRuleset()
|
||||
actualOutput, err := listNFTRuleset()
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to list nftables ruleset: %v\noutput:%s", err, actualOutput)
|
||||
}
|
||||
|
|
@ -228,38 +221,32 @@ func TestNFTables(t *testing.T) {
|
|||
t.Errorf("nftables ruleset mismatch:\n%s", cmp.Diff(expectedOutput, actualOutput))
|
||||
}
|
||||
|
||||
err = flushNFTRuleset()
|
||||
if err != nil {
|
||||
if err := flushNFTRuleset(); err != nil {
|
||||
t.Fatalf("Failed to flush nftables ruleset: %v", err)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func applyNFTScript(scriptPath string) (string, error) {
|
||||
cmd := exec.Command("nft", "-f", scriptPath)
|
||||
func applyNFTRuleset(scriptPath string) (string, error) {
|
||||
cmd := exec.Command("nft", "--debug=all", "-f", scriptPath)
|
||||
out, err := cmd.CombinedOutput()
|
||||
if err != nil {
|
||||
return string(out), err
|
||||
}
|
||||
return normalizeOutput(string(out)), nil
|
||||
return strings.TrimSpace(string(out)), nil
|
||||
}
|
||||
|
||||
func getNFTablesRuleset() (string, error) {
|
||||
func listNFTRuleset() (string, error) {
|
||||
cmd := exec.Command("nft", "list", "ruleset")
|
||||
out, err := cmd.CombinedOutput()
|
||||
if err != nil {
|
||||
return string(out), err
|
||||
}
|
||||
return normalizeOutput(string(out)), nil
|
||||
return strings.TrimSpace(string(out)), nil
|
||||
}
|
||||
|
||||
func flushNFTRuleset() error {
|
||||
cmd := exec.Command("nft", "flush", "ruleset")
|
||||
return cmd.Run()
|
||||
}
|
||||
|
||||
func normalizeOutput(output string) string {
|
||||
output = strings.TrimSpace(output)
|
||||
return output
|
||||
}
|
||||
Loading…
Reference in New Issue