diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2017-07-17 21:48:14 +0900 |
---|---|---|
committer | Lorenzo Colitti <lorenzo@google.com> | 2017-07-17 21:57:25 +0900 |
commit | 6324b18c1a7dddfc44a1f5f9e6bc79026e7daafc (patch) | |
tree | bc999c275c04263862619503b2f0efaa60d45503 /server/FirewallControllerTest.cpp | |
parent | ac74fb7c13a7442914feb3ff591e590c09b889b0 (diff) | |
download | netd-6324b18c1a7dddfc44a1f5f9e6bc79026e7daafc.tar.gz |
Add tests for FirewallController::setInterfaceRule.
Bug: 28362720
Test: new unit test passes
Change-Id: I29c2272458b5fda46d2fc110663e01841b2e895b
Diffstat (limited to 'server/FirewallControllerTest.cpp')
-rw-r--r-- | server/FirewallControllerTest.cpp | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/server/FirewallControllerTest.cpp b/server/FirewallControllerTest.cpp index db9b31e2..0805580b 100644 --- a/server/FirewallControllerTest.cpp +++ b/server/FirewallControllerTest.cpp @@ -23,11 +23,13 @@ #include <gtest/gtest.h> #include <android-base/strings.h> +#include <android-base/stringprintf.h> #include "FirewallController.h" #include "IptablesBaseTest.h" using android::base::Join; +using android::base::StringPrintf; class FirewallControllerTest : public IptablesBaseTest { protected: @@ -215,7 +217,7 @@ TEST_F(FirewallControllerTest, TestEnableChildChains) { expectIptablesRestoreCommands(expected); } -TEST_F(FirewallControllerTest, TestEnableDisableFirewall) { +TEST_F(FirewallControllerTest, TestFirewall) { std::vector<std::string> enableCommands = { "*filter\n" "-A fw_INPUT -j DROP\n" @@ -253,6 +255,20 @@ TEST_F(FirewallControllerTest, TestEnableDisableFirewall) { EXPECT_EQ(0, mFw.enableFirewall(WHITELIST)); expectIptablesRestoreCommands(disableEnableCommands); + std::vector<std::string> ifaceCommands = { + "-I fw_INPUT -i rmnet_data0 -j RETURN", + "-I fw_OUTPUT -o rmnet_data0 -j RETURN", + }; + EXPECT_EQ(0, mFw.setInterfaceRule("rmnet_data0", ALLOW)); + expectIptablesCommands(ifaceCommands); + + ifaceCommands = { + "-D fw_INPUT -i rmnet_data0 -j RETURN", + "-D fw_OUTPUT -o rmnet_data0 -j RETURN", + }; + EXPECT_EQ(0, mFw.setInterfaceRule("rmnet_data0", DENY)); + expectIptablesCommands(ifaceCommands); + EXPECT_EQ(0, mFw.enableFirewall(WHITELIST)); expectIptablesRestoreCommands(noCommands); |