X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=test%2Ffwtester.pl;h=555e1516700ad15769450adbec98c4b27bff96cf;hb=8215a0dafbc638e6513fc506575075037271ab65;hp=0399bbe2599de9f616f1f90ee2ffdc084ff02286;hpb=31dc73f1fd74613a6f06b86665c7fec6b1286cdd;p=pve-firewall.git
diff --git a/test/fwtester.pl b/test/fwtester.pl
index 0399bbe..555e151 100755
--- a/test/fwtester.pl
+++ b/test/fwtester.pl
@@ -5,6 +5,8 @@ use strict;
 use warnings;
 use Data::Dumper;
 use PVE::Firewall;
+use Getopt::Long;
+use File::Basename;
 my $mark;
 my $trace;
@@ -14,6 +16,17 @@ my $outside_bridge = 'vmbr0';
 my $debug = 0;
+sub print_usage_and_exit {
+ die "usage: $0 [--debug] [testfile [testid]]\n";
+}
+
+if (!GetOptions ('debug' => \$debug)) {
+ print_usage_and_exit();
+}
+
+my $testfilename = shift;
+my $testid = shift;
+
 sub add_trace {
 my ($text) = @_;
@@ -382,18 +395,21 @@ sub simulate_firewall {
 my $from = delete $test->{from} || die "missing 'from' field";
 my $to = delete $test->{to} || die "missing 'to' field";
 my $action = delete $test->{action} || die "missing 'action'";
-
+
+ my $testid = delete $test->{id};
+
 die "from/to needs to be different" if $from eq $to;
 my $pkg = {
 proto => 'tcp',
- sport => '1234',
- dport => '4321',
- source => '10.11.12.13',
- dest => '10.11.12.14',
+ sport => undef,
+ dport => undef,
+ source => undef,
+ dest => undef,
 };
 while (my ($k,$v) = each %$test) {
+ die "unknown attribute '$k'\n" if !exists($pkg->{$k});
 $pkg->{$k} = $v;
 }
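Review bot: In the option-parsing hunk (`@@ -14,6 +16,17 @@`), any command-line arguments left after the two `shift`s are silently ignored, although the usage string allows at most `testfile` and `testid`. Adding `print_usage_and_exit() if scalar(@ARGV) != 0;` after `my $testid = shift;` would reject a mistyped invocation instead of running a different test set than the caller intended.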
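Review bot: In the simulate_firewall hunk (`@@ -382,18 +395,21 @@`), `my $testid = delete $test->{id};` declares a lexical that nothing visible in the hunk reads, and it shadows the file-level `$testid` added by the option parsing. If its only purpose is to keep `id` out of the new unknown-attribute check, `delete $test->{id}; # id is only used by run_tests for filtering` states that directly. The function body continues outside the hunk, so a later use of the variable cannot be ruled out from here.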
@@ -459,25 +475,30 @@ sub simulate_firewall {
 }
 sub run_tests {
- my ($vmdata, $testdir) = @_;
+ my ($vmdata, $testdir, $testfile, $testid) = @_;
+
+ $testfile = 'tests' if !$testfile;
 $vmdata->{testdir} = $testdir;
 my ($ruleset, $ipset_ruleset) = PVE::Firewall::compile(undef, undef, $vmdata);
- my $testfile = "$testdir/tests";
- my $fh = IO::File->new($testfile) ||
- die "unable to open '$testfile' - $!\n";
+ my $filename = "$testdir/$testfile";
+ my $fh = IO::File->new($filename) ||
+ die "unable to open '$filename' - $!\n";
+ my $testcount = 0;
 while (defined(my $line = <$fh>)) {
 next if $line =~ m/^\s*$/;
 next if $line =~ m/^#.*$/;
 if ($line =~ m/^\{.*\}\s*$/) {
 my $test = eval $line;
 die $@ if $@;
+ next if defined($testid) && (!defined($test->{id}) || ($testid ne $test->{id}));
 $trace = '';
 print Dumper($ruleset) if $debug;
+ $testcount++;
 eval {
 simulate_firewall($ruleset, $ipset_ruleset, $vmdata, $test);
 };
 if (my $err = $@) {
@@ -485,7 +506,7 @@ sub run_tests {
 print "$trace\n" if !$debug;
- print "$testfile line $.: $line";
+ print "$filename line $.: $line";
 print "test failed: $err\n";
@@ -496,7 +517,9 @@ sub run_tests {
 }
 }
- print "PASS: $testfile\n";
+ die "no tests found\n" if $testcount <= 0;
+
+ print "PASS: $filename\n";
 return undef;
 }
@@ -524,9 +547,26 @@ my $vmdata = {
 },
 };
-foreach my $dir () {
- next if ! -d $dir;
- run_tests($vmdata, $dir);
+if ($testfilename) {
+ my $testfile;
+ my $dir;
+
+ if (-d $testfilename) {
+ $dir = $testfilename;
+ } elsif (-f $testfilename) {
+ $dir = dirname($testfilename);
+ $testfile = basename($testfilename);
+ } else {
+ die "no such file/dir '$testfilename'\n";
+ }
+
+ run_tests($vmdata, $dir, $testfile, $testid);
+
+} else {
+ foreach my $dir () {
+ next if ! -d $dir;
+ run_tests($vmdata, $dir);
+ }
 }
 print "OK - all tests passed\n";
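Review bot: In the run_tests hunk (`@@ -459,25 +475,30 @@`), `IO::File->new($filename)` is called with a single argument, which IO::File hands to Perl's two-argument open, and after this change `$filename` is built from a path given on the command line instead of the fixed name `tests`. Passing an explicit mode keeps the name from being parsed for mode or pipe characters: `my $fh = IO::File->new($filename, 'r') ||`. The unchanged context line `my $test = eval $line;` is a string eval, so any file named on the command line now runs as Perl with the caller's privileges. A comment above it such as `# test files are trusted Perl code; only run files you control` would make that assumption explicit. run_tests continues outside this hunk.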