[netfilter-cvslog] r3439 - trunk/nfsim-testsuite/01iptables

Sat Dec 18 14:20:19 CET 2004

Author: rusty at netfilter.org
Date: 2004-12-18 14:20:18 +0100 (Sat, 18 Dec 2004)
New Revision: 3439

Added:
   trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args-complain.sim
   trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args.sim
Log:
Samuel Jean:
Like the subject suggests, here's the ipt_multiport testcase.
This is your fourth christmas gift. This one was very expensive
so I hope you will like it.

[ Rusty: iptables v1.3.0 actually complains about ! usage with -m multiport, rahter than silently ignoring it.  Separate that part of the test and mark it expected-fail ]


Added: trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args-complain.sim
===================================================================

--- trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args-complain.sim	2004-12-18 13:18:45 UTC (rev 3438)
+++ trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args-complain.sim	2004-12-18 13:20:18 UTC (rev 3439)
@@ -0,0 +1,13 @@
+# Multiport doesn't support invert.
+# Older versions don't complain about it.
+expect iptables *multiport does not support invert
+expect iptables *command failed
+iptables -I INPUT -p tcp -m multiport ! --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+
+expect iptables *multiport does not support invert
+expect iptables *command failed
+iptables -I INPUT -p tcp -m multiport ! --destination-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+
+expect iptables *multiport does not support invert
+expect iptables *command failed
+iptables -I INPUT -p tcp -m multiport ! --ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15

Added: trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args.sim
===================================================================
--- trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args.sim	2004-12-18 13:18:45 UTC (rev 3438)
+++ trunk/nfsim-testsuite/01iptables/36ipt_multiport-bad-args.sim	2004-12-18 13:20:18 UTC (rev 3439)
@@ -0,0 +1,33 @@
+# the three options should work (expecting: success)
+# Default maximum ports number supported by the library is 15
+iptables -I INPUT -p tcp -m multiport --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -D INPUT -p tcp -m multiport --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -I INPUT -p tcp -m multiport --destination-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -D INPUT -p tcp -m multiport --destination-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -I INPUT -p tcp -m multiport --ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -D INPUT -p tcp -m multiport --ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+
+# Ensure UDP works too.. (expecting: success)
+# One test should be sufficient
+iptables -I INPUT -p udp -m multiport --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+iptables -D INPUT -p udp -m multiport --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
+
+# Multiport doesn't support multiple options. (expecting: failure)
+expect iptables iptables: command failed
+iptables -I INPUT -p tcp -m multiport --sports 1 --dports 2 --ports 3
+expect iptables iptables: command failed
+iptables -I INPUT -p tcp -m multiport --sports 1 --dports 2
+
+# Can we override ourself ? (expecting: failure)
+expect iptables iptables: command failed
+iptables -I INPUT -p tcp -m multiport --sports 1 --sports 1
+expect iptables iptables: command failed
+iptables -I INPUT -p tcp -m multiport --dports 2 --dports 2
+expect iptables iptables: command failed
+iptables -I INPUT -p tcp -m multiport --ports 3 --ports 3
+
+# Reject ICMP and ALL (expecting: failure)
+expect iptables iptables: command failed
+iptables -I INPUT -p icmp -m multiport --ports 3
+expect iptables iptables: command failed
+iptables -I INPUT -m multiport --ports 3


