path: root/netfilter/ipt-idletimer.sh
#!/system/bin/sh

# Remount the root filesystem read-write and make sure /tmp exists; the
# listener log (NLLOG) is written under /tmp.
# NOTE(review): nothing in this script remounts / read-only again, so the
# root filesystem stays writable after the run -- confirm that is acceptable
# on the device under test.
mount -o rw,remount /
mkdir -p /tmp

# Parameters shared by all tests below.
IFACE="lo"        # interface the IDLETIMER rule matches on (iptables -i)
T="5"             # IDLETIMER --timeout; the listener is given T+2
LABEL="sample"    # IDLETIMER --label, also used for the --sysfs= listener mode
NLEXE="/system/bin/nl-listener"
# Listener output is captured here.  The name is derived from the shell's PID
# and is therefore predictable.
# NOTE(review): that is only safe while /tmp is not writable by other users;
# prefer a mktemp-created file where the platform provides mktemp.
NLLOG="/tmp/nl.$$.log"

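function init_modules() {
	#
	# Load the netfilter modules used by the IDLETIMER tests, in the same
	# order as before.
	#
	# Every module is named by absolute path and the working directory is
	# left alone.  The earlier version saved the directory in PWD, which
	# the shell rewrites on each cd, so the closing "cd $PWD" did not go
	# back to the starting directory.  It also ran insmod on bare *.ko
	# names even when "cd /system/modules" had failed, which would load
	# same-named files from whatever directory the script was started in.
	#
	# insmod exit codes are deliberately not checked, as in the original
	# (presumably a module may already be loaded -- confirm).
	# Returns: 0
	#
	local module

	for module in x_tables ip_tables iptable_filter iptable_raw xt_IDLETIMER; do
		insmod "/system/modules/$module.ko"
	done
	return 0
}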

function init_iptables() {
	#
	# Bring iptables to the state the tests start from:
	#   - flush the filter table (no -t given, no chain given);
	#   - flush, then create, the idletimer_PREROUTING chain in the raw table;
	#   - drop any existing jump from raw/PREROUTING to that chain and
	#     insert a fresh one at the top.
	#
	# No exit code is checked.  Flush-before-create and delete-before-insert
	# look intended to make the sequence repeatable (some steps are expected
	# to fail depending on prior state -- confirm).
	#
	# NOTE(review): the flushed filter rules are not saved or restored, so
	# the host is left without its previous filter rules after the run.
	#
	local chain=idletimer_PREROUTING

	iptables -F
	iptables -t raw -F "$chain"
	iptables -t raw -N "$chain"
	iptables -t raw -D PREROUTING -j "$chain"
	iptables -t raw -I PREROUTING -j "$chain"
}

function fail() {
	#
	# Report a failed check.
	#   $1   - status to return
	#   $2.. - message words, printed after "FAIL: "
	# Returns: the status given in $1.
	#
	# rc is assigned without "local", so the global rc is overwritten too.
	#
	rc=$1; shift
	echo "FAIL:" "$*"
	return $rc
}

function pass() {
	# Report a passed test: print the arguments after "PASS: ".
	# Returns: 0
	echo "PASS:" "$*"
	return 0
}

function note() {
	# Print an informational line: the arguments after "NOTE: ".
	# Returns: 0
	echo "NOTE:" "$*"
	return 0
}

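function iptables_set() {
	#
	# Install a single IDLETIMER rule in raw/idletimer_PREROUTING.
	#   $1 - input interface (-i)
	#   $2 - value for --timeout
	#   $3 - value for --label
	#   $4 - extra IDLETIMER options as one string, e.g. "--send_nl_msg 1";
	#        may be empty
	# Returns: the exit code of the "iptables -A" call, which is also left
	#          in the global rc and reported through note.
	#
	# The whole raw table is flushed first, so any other raw rules on the
	# host are lost.  The -N call's exit code is not checked.
	#
	iptables -t raw -F
	iptables -t raw -N idletimer_PREROUTING
	# $1..$3 are quoted so that each reaches iptables as exactly one
	# argument.  $4 stays unquoted on purpose: it has to split into the
	# option and its value.
	# shellcheck disable=SC2086
	iptables -t raw -A idletimer_PREROUTING -i "$1" -j IDLETIMER \
		--timeout "$2" --label "$3" $4
	rc=$?
	note "iptables_set: exit code $rc"
	return $rc
}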

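function test_5() {
	#
	# Negative test for --send_nl_msg: iptables_set has to fail for each
	# of the values Xyz, -1 and 17.
	#   $1 - test name, printed by pass
	# Returns: 0 when all values were rejected, non-zero as soon as one
	#          of them is accepted.
	#
	for a in Xyz -1 17; do
		iptables_set "$IFACE" "$T" "$LABEL" "--send_nl_msg $a"
		rc=$?
		if [ $rc -eq 0 ]; then
			# rc is 0 on this path, so handing it to fail would
			# make the failed test return success; use an explicit
			# non-zero status instead.
			fail 1 "iptables should fail on --send_nl_msg $a"
			return $?
		fi
	done
	pass "$1"
}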

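function test_1_2() {
	#
	# Usage: test_1_2 NAME IPTABLES_EXTRA LISTENER_MODE
	#   $1 - test name, printed by pass
	#   $2 - extra IDLETIMER options for iptables_set (may be empty)
	#   $3 - listener mode option, passed to $NLEXE as one argument
	# Returns: 0 on success, non-zero on the first failed check.
	#
	# The idea of the test is:
	#	1. flush iptables rules
	#	2. set a rule to fire IDLETIMER after T seconds (optionally
	#	   with an additional parameter)
	#	3. start the listener with a timeout of T+2 seconds
	#	3a. do nothing for T seconds... DONE!
	#	4. verify that:
	#		a. the listener exited with status 0
	#		b. its log has exactly one line starting with "OK"
	#		c. the listener ran for no less than T-1 seconds
	#	5. print the log, just for reference
	#
	# The listener log is written to $NLLOG and left in place afterwards.
	#

	iptables_set "$IFACE" "$T" "$LABEL" "$2"
	rc=$?
	if [ $rc -ne 0 ]; then
		fail $rc "iptables failed"
		return $?
	fi

	note "Waiting for event..."

	T1=$(date +%s)
	"$NLEXE" "$3" --timeout $((T + 2)) > "$NLLOG"
	rc=$?
	T2=$(date +%s)
	if [ $rc -ne 0 ]; then
		#
		# for example, timeout
		#
		fail $rc "nl-listener failed"
		return $?
	fi

	# Exactly one "OK" line is required; an empty count (grep could not
	# read the log) is treated as zero.
	ok_lines=$(grep -c "^OK" "$NLLOG")
	if [ "${ok_lines:-0}" -ne 1 ]; then
		fail -1 "No 'OK' in nl-listener output"
		return $?
	fi

	if [ $((T2 - T1)) -lt $((T - 1)) ]; then
		#
		# nl-listener guarantees us that it will wait no longer than T+2
		# now, check that delay was no shorter than T-1
		#
		fail -1 "Too short delay! $((T2 - T1)) instead of $T"
		# Return fail's own status; rc still holds the listener's 0
		# unless fail happens to overwrite it.
		return $?
	fi

	note "nl-listener log is below"
	echo "---===== listener log =====---"
	cat "$NLLOG"
	echo "---=====++++++++++++++=====---"
	pass "$1"
	return 0
}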

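# Test driver: prepare the kernel modules and iptables, run the five tests,
# then exit with a status that reflects the results.  The script used to end
# with an unconditional "exit 0", so a caller could not tell a failed run
# from a clean one; failures are now counted and reported through the exit
# code (0 = all tests passed, 1 = at least one test failed).
note "Starting tests"

init_modules
init_iptables

failures=0

echo -e "\nTest 1: verify sysfs events"
test_1_2 "Test 1" "" "--sysfs=$LABEL" || failures=$((failures + 1))
echo -e "\nTest 2: verify netlink events"
test_1_2 "Test 2" "--send_nl_msg 1" "--netlink" || failures=$((failures + 1))
echo -e "\nTest 3: verify sysfs events even in case of --send-nl-msg 1"
test_1_2 "Test 3" "--send_nl_msg 1" "--sysfs=$LABEL" || failures=$((failures + 1))
echo -e "\nTest 4: verify sysfs events in case of --send_nl_msg 0"
test_1_2 "Test 4" "--send_nl_msg 0" "--sysfs=$LABEL" || failures=$((failures + 1))
echo -e "\nTest 5: verify parameters of send-nl-msg"
test_5 "Test 5" || failures=$((failures + 1))

if [ "$failures" -ne 0 ]; then
	note "$failures test(s) failed"
	exit 1
fi
exit 0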