summaryrefslogtreecommitdiffstats
path: root/src/test/test-nft-set.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
commit55944e5e40b1be2afc4855d8d2baf4b73d1876b5 (patch)
tree33f869f55a1b149e9b7c2b7e201867ca5dd52992 /src/test/test-nft-set.c
parentInitial commit. (diff)
downloadsystemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.tar.xz
systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.zip
Adding upstream version 255.4.upstream/255.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/test/test-nft-set.c78
1 files changed, 78 insertions, 0 deletions
diff --git a/src/test/test-nft-set.c b/src/test/test-nft-set.c
new file mode 100644
index 0000000..bb0c902
--- /dev/null
+++ b/src/test/test-nft-set.c
@@ -0,0 +1,78 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <assert.h>
+#include <unistd.h>
+
+#include "firewall-util.h"
+#include "in-addr-util.h"
+#include "log.h"
+#include "netlink-internal.h"
+#include "parse-util.h"
+#include "string-util.h"
+#include "tests.h"
+
+int main(int argc, char **argv) {
+ int r;
+
+ assert_se(argc == 7);
+
+ test_setup_logging(LOG_DEBUG);
+
+ if (getuid() != 0)
+ return log_tests_skipped("not root");
+
+ int nfproto;
+ nfproto = nfproto_from_string(argv[2]);
+ assert_se(nfproto_is_valid(nfproto));
+
+ const char *table = argv[3], *set = argv[4];
+
+ FirewallContext *ctx;
+ r = fw_ctx_new(&ctx);
+ assert_se(r == 0);
+
+ bool add;
+ if (streq(argv[1], "add"))
+ add = true;
+ else
+ add = false;
+
+ if (streq(argv[5], "uint32")) {
+ uint32_t element;
+
+ r = safe_atou32(argv[6], &element);
+ assert_se(r == 0);
+
+ r = nft_set_element_modify_any(ctx, add, nfproto, table, set, &element, sizeof(element));
+ assert_se(r == 0);
+ } else if (streq(argv[5], "uint64")) {
+ uint64_t element;
+
+ r = safe_atou64(argv[6], &element);
+ assert_se(r == 0);
+
+ r = nft_set_element_modify_any(ctx, add, nfproto, table, set, &element, sizeof(element));
+ assert_se(r == 0);
+ } else if (streq(argv[5], "in_addr")) {
+ union in_addr_union addr;
+ int af;
+
+ r = in_addr_from_string_auto(argv[6], &af, &addr);
+ assert_se(r == 0);
+
+ r = nft_set_element_modify_ip(ctx, add, nfproto, af, table, set, &addr);
+ assert_se(r == 0);
+ } else if (streq(argv[5], "network")) {
+ union in_addr_union addr;
+ int af;
+ unsigned char prefixlen;
+
+ r = in_addr_prefix_from_string_auto(argv[6], &af, &addr, &prefixlen);
+ assert_se(r == 0);
+
+ r = nft_set_element_modify_iprange(ctx, add, nfproto, af, table, set, &addr, prefixlen);
+ assert_se(r == 0);
+ }
+
+ return 0;
+}