github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/libnetwork/iptables/firewalld_test.go (about) 1 package iptables 2 3 import ( 4 "net" 5 "strconv" 6 "testing" 7 ) 8 9 func TestFirewalldInit(t *testing.T) { 10 if !checkRunning() { 11 t.Skip("firewalld is not running") 12 } 13 if err := FirewalldInit(); err != nil { 14 t.Fatal(err) 15 } 16 } 17 18 func TestReloaded(t *testing.T) { 19 var err error 20 var fwdChain *ChainInfo 21 22 iptable := GetIptable(IPv4) 23 fwdChain, err = iptable.NewChain("FWD", Filter, false) 24 if err != nil { 25 t.Fatal(err) 26 } 27 bridgeName := "lo" 28 29 err = iptable.ProgramChain(fwdChain, bridgeName, false, true) 30 if err != nil { 31 t.Fatal(err) 32 } 33 defer fwdChain.Remove() 34 35 // copy-pasted from iptables_test:TestLink 36 ip1 := net.ParseIP("192.168.1.1") 37 ip2 := net.ParseIP("192.168.1.2") 38 port := 1234 39 proto := "tcp" 40 41 err = fwdChain.Link(Append, ip1, ip2, port, proto, bridgeName) 42 if err != nil { 43 t.Fatal(err) 44 } else { 45 // to be re-called again later 46 OnReloaded(func() { fwdChain.Link(Append, ip1, ip2, port, proto, bridgeName) }) 47 } 48 49 rule1 := []string{ 50 "-i", bridgeName, 51 "-o", bridgeName, 52 "-p", proto, 53 "-s", ip1.String(), 54 "-d", ip2.String(), 55 "--dport", strconv.Itoa(port), 56 "-j", "ACCEPT"} 57 58 if !iptable.Exists(fwdChain.Table, fwdChain.Name, rule1...) { 59 t.Fatal("rule1 does not exist") 60 } 61 62 // flush all rules 63 fwdChain.Remove() 64 65 reloaded() 66 67 // make sure the rules have been recreated 68 if !iptable.Exists(fwdChain.Table, fwdChain.Name, rule1...) { 69 t.Fatal("rule1 hasn't been recreated") 70 } 71 } 72 73 func TestPassthrough(t *testing.T) { 74 rule1 := []string{ 75 "-i", "lo", 76 "-p", "udp", 77 "--dport", "123", 78 "-j", "ACCEPT"} 79 80 iptable := GetIptable(IPv4) 81 if firewalldRunning { 82 _, err := Passthrough(Iptables, append([]string{"-A"}, rule1...)...) 83 if err != nil { 84 t.Fatal(err) 85 } 86 if !iptable.Exists(Filter, "INPUT", rule1...) { 87 t.Fatal("rule1 does not exist") 88 } 89 } 90 91 }