[libvirt] [PATCH] nwfilter: extend schema + add testcase w/ connlimit-above test

[Stefan Berger]

I am extending the schema with the recently added connlimit-above
attribute and adding a test case to the test suite.

Signed-off-by: Stefan Berger <stefanb at us.ibm.com>

---
 docs/schemas/nwfilter.rng                   |    5 +++++
 tests/nwfilterxml2xmlin/conntrack-test.xml  |   14 ++++++++++++++
 tests/nwfilterxml2xmlout/conntrack-test.xml |   12 ++++++++++++
 tests/nwfilterxml2xmltest.c                 |    2 ++
 4 files changed, 33 insertions(+)

Index: libvirt-acl/docs/schemas/nwfilter.rng
===================================================================
--- libvirt-acl.orig/docs/schemas/nwfilter.rng
+++ libvirt-acl/docs/schemas/nwfilter.rng
@@ -387,6 +387,11 @@
           <ref name="sixbitrange"/>
         </attribute>
       </optional>
+      <optional>
+        <attribute name="connlimit-above">
+          <ref name="uint16range"/>
+        </attribute>
+      </optional>
     </interleave>
   </define>
 
Index: libvirt-acl/tests/nwfilterxml2xmlin/conntrack-test.xml
===================================================================
--- /dev/null
+++ libvirt-acl/tests/nwfilterxml2xmlin/conntrack-test.xml
@@ -0,0 +1,14 @@
+<filter name='testcase' chain='root'>
+  <uuid>0a5288ea-612c-834a-6bbf-82a03a1a3244</uuid>
+  <rule action='drop' direction='out' priority='500'>
+    <icmp connlimit-above='1'/>
+  </rule>
+  <rule action='drop' direction='out' priority='500'>
+    <tcp connlimit-above='2'/>
+  </rule>
+  <rule action='accept' direction='out' priority='500'>
+    <all/>
+  </rule>
+</filter>
+
+
Index: libvirt-acl/tests/nwfilterxml2xmlout/conntrack-test.xml
===================================================================
--- /dev/null
+++ libvirt-acl/tests/nwfilterxml2xmlout/conntrack-test.xml
@@ -0,0 +1,12 @@
+<filter name='testcase' chain='root'>
+  <uuid>0a5288ea-612c-834a-6bbf-82a03a1a3244</uuid>
+  <rule action='drop' direction='out' priority='500'>
+    <icmp connlimit-above='1'/>
+  </rule>
+  <rule action='drop' direction='out' priority='500'>
+    <tcp connlimit-above='2'/>
+  </rule>
+  <rule action='accept' direction='out' priority='500'>
+    <all/>
+  </rule>
+</filter>
Index: libvirt-acl/tests/nwfilterxml2xmltest.c
===================================================================
--- libvirt-acl.orig/tests/nwfilterxml2xmltest.c
+++ libvirt-acl/tests/nwfilterxml2xmltest.c
@@ -119,6 +119,8 @@ mymain(int argc, char **argv)
     DO_TEST("icmp-direction2-test");
     DO_TEST("icmp-direction3-test");
 
+    DO_TEST("conntrack-test");
+
     return (ret==0 ? EXIT_SUCCESS : EXIT_FAILURE);
 }