[libvirt] [PATCH 14/26] Add test for converting network XML to iptables rules

Daniel P. Berrange berrange at redhat.com
Fri Apr 25 13:37:01 UTC 2014 

On Wed, Apr 16, 2014 at 03:54:48PM +0200, Ján Tomko wrote:
> On 04/08/2014 05:38 PM, Daniel P. Berrange wrote:
> > Using the virCommand dry run capability, capture iptables rules
> > created by various network XML documents.
> > 
> > Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> > ---
> 
> 
> > diff --git a/tests/networkxml2firewalldata/nat-default-linux.args b/tests/networkxml2firewalldata/nat-default-linux.args
> > new file mode 100644
> > index 0000000..0ec2807
> > --- /dev/null
> > +++ b/tests/networkxml2firewalldata/nat-default-linux.args
> > @@ -0,0 +1,30 @@
> > +/usr/sbin/iptables --table filter --insert INPUT --in-interface virbr0 --protocol tcp \
> > +--destination-port 67 --jump ACCEPT
> 
> This test fails on systems having iptables in /sbin

I'm going to add the following code which strips off any path
component from the buffer we construct. The '.args' files can
then be changed to say 'iptables' instead of '/sbin/iptables'
which will make is portable

diff --git a/tests/networkxml2firewalltest.c b/tests/networkxml2firewalltest.c
index 55cb38a..9255e01 100644
--- a/tests/networkxml2firewalltest.c
+++ b/tests/networkxml2firewalltest.c
@@ -65,6 +65,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
         goto cleanup;
 
     actualargv = virBufferContentAndReset(&buf);
+    virtTestClearCommandPath(actualargv);
     virCommandSetDryRun(NULL, NULL, NULL);
 
     len = virtTestLoadFile(cmdline, &expectargv);
diff --git a/tests/testutils.c b/tests/testutils.c
index feda22b..a1d31f0 100644
--- a/tests/testutils.c
+++ b/tests/testutils.c
@@ -855,6 +855,57 @@ int virtTestClearLineRegex(const char *pattern,
 }
 
 
+/*
+ * @cmdset contains a list of command line args, eg
+ *
+ * "/usr/sbin/iptables --table filter --insert INPUT --in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT
+ *  /usr/sbin/iptables --table filter --insert INPUT --in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT
+ *  /usr/sbin/iptables --table filter --insert FORWARD --in-interface virbr0 --jump REJECT
+ *  /usr/sbin/iptables --table filter --insert FORWARD --out-interface virbr0 --jump REJECT
+ *  /usr/sbin/iptables --table filter --insert FORWARD --in-interface virbr0 --out-interface virbr0 --jump ACCEPT"
+ *
+ * And we're munging it in-place to string the path component
+ * of the command line, to produce
+ *
+ * "iptables --table filter --insert INPUT --in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT
+ *  iptables --table filter --insert INPUT --in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT
+ *  iptables --table filter --insert FORWARD --in-interface virbr0 --jump REJECT
+ *  iptables --table filter --insert FORWARD --out-interface virbr0 --jump REJECT
+ *  iptables --table filter --insert FORWARD --in-interface virbr0 --out-interface virbr0 --jump ACCEPT"
+ */
+void virtTestClearCommandPath(char *cmdset)
+{
+    size_t offset = 0;
+    char *lineStart = cmdset;
+    char *lineEnd = strchr(lineStart, '\n');
+
+    while (lineStart) {
+        char *dirsep;
+        char *movestart;
+        size_t movelen;
+        dirsep = strchr(lineStart, ' ');
+        if (dirsep) {
+            while (dirsep > lineStart && *dirsep != '/')
+                dirsep--;
+            if (*dirsep == '/')
+                dirsep++;
+            movestart = dirsep;
+        } else {
+            movestart = lineStart;
+        }
+        movelen = lineEnd ? lineEnd - movestart : strlen(movestart);
+
+        if (movelen) {
+            memmove(cmdset + offset, movestart, movelen + 1);
+            offset += movelen + 1;
+        }
+        lineStart = lineEnd ? lineEnd + 1 : NULL;
+        lineEnd = lineStart ? strchr(lineStart, '\n') : NULL;
+    }
+    cmdset[offset] = '\0';
+}
+
+
 virCapsPtr virTestGenericCapsInit(void)
 {
     virCapsPtr caps;
diff --git a/tests/testutils.h b/tests/testutils.h
index e89492b..ad28ea7 100644
--- a/tests/testutils.h
+++ b/tests/testutils.h
@@ -59,6 +59,8 @@ int virtTestCaptureProgramOutput(const char *const argv[], char **buf, int maxle
 int virtTestClearLineRegex(const char *pattern,
                            char *string);
 
+void virtTestClearCommandPath(char *cmdset);
+
 int virtTestDifference(FILE *stream,
                        const char *expect,
                        const char *actual);



Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list