github.com/codemac/docker@v1.2.1-0.20150518222241-6a18412d5b9c/pkg/iptables/firewalld_test.go (about) 1 package iptables 2 3 import ( 4 "net" 5 "strconv" 6 "testing" 7 ) 8 9 func TestFirewalldInit(t *testing.T) { 10 if !checkRunning() { 11 t.Skip("firewalld is not running") 12 } 13 if err := FirewalldInit(); err != nil { 14 t.Fatal(err) 15 } 16 } 17 18 func TestReloaded(t *testing.T) { 19 var err error 20 var fwdChain *Chain 21 22 fwdChain, err = NewChain("FWD", "lo", Filter, false) 23 if err != nil { 24 t.Fatal(err) 25 } 26 defer fwdChain.Remove() 27 28 // copy-pasted from iptables_test:TestLink 29 ip1 := net.ParseIP("192.168.1.1") 30 ip2 := net.ParseIP("192.168.1.2") 31 port := 1234 32 proto := "tcp" 33 34 err = fwdChain.Link(Append, ip1, ip2, port, proto) 35 if err != nil { 36 t.Fatal(err) 37 } else { 38 // to be re-called again later 39 OnReloaded(func() { fwdChain.Link(Append, ip1, ip2, port, proto) }) 40 } 41 42 rule1 := []string{ 43 "-i", fwdChain.Bridge, 44 "-o", fwdChain.Bridge, 45 "-p", proto, 46 "-s", ip1.String(), 47 "-d", ip2.String(), 48 "--dport", strconv.Itoa(port), 49 "-j", "ACCEPT"} 50 51 if !Exists(fwdChain.Table, fwdChain.Name, rule1...) { 52 t.Fatalf("rule1 does not exist") 53 } 54 55 // flush all rules 56 fwdChain.Remove() 57 58 reloaded() 59 60 // make sure the rules have been recreated 61 if !Exists(fwdChain.Table, fwdChain.Name, rule1...) { 62 t.Fatalf("rule1 hasn't been recreated") 63 } 64 } 65 66 func TestPassthrough(t *testing.T) { 67 rule1 := []string{ 68 "-i", "lo", 69 "-p", "udp", 70 "--dport", "123", 71 "-j", "ACCEPT"} 72 73 if firewalldRunning { 74 _, err := Passthrough(Iptables, append([]string{"-A"}, rule1...)...) 75 if err != nil { 76 t.Fatal(err) 77 } 78 if !Exists(Filter, "INPUT", rule1...) { 79 t.Fatalf("rule1 does not exist") 80 } 81 } 82 83 }