use warnings;
use Data::Dumper;
use PVE::Firewall;
+use Getopt::Long;
+use File::Basename;
my $mark;
my $trace;
my $debug = 0;
+sub print_usage_and_exit {
+ die "usage: $0 [--debug] [testfile [testid]]\n";
+}
+
+if (!GetOptions ('debug' => \$debug)) {
+ print_usage_and_exit();
+}
+
+my $testfilename = shift;
+my $testid = shift;
+
sub add_trace {
my ($text) = @_;
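Review bot: Arguments beyond `testfile` and `testid` are silently dropped, because the two `shift` calls take what they need and nothing checks what is left in `@ARGV`. Adding `print_usage_and_exit() if scalar(@ARGV) > 2;` before the first `shift` would reject a mistyped invocation. The usage string also names only `testfile`, while the dispatch code added later in this commit accepts a directory too, so `[testdir|testfile [testid]]` would describe it more accurately. `add_trace` begins at the end of this hunk and its body continues outside it.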
my $from = delete $test->{from} || die "missing 'from' field";
my $to = delete $test->{to} || die "missing 'to' field";
my $action = delete $test->{action} || die "missing 'action'";
-
+
+ my $testid = delete $test->{id};
+
die "from/to needs to be different" if $from eq $to;
my $pkg = {
proto => 'tcp',
- sport => '1234',
- dport => '4321',
- source => '10.11.12.13',
- dest => '10.11.12.14',
+ sport => undef,
+ dport => undef,
+ source => undef,
+ dest => undef,
};
while (my ($k,$v) = each %$test) {
+ die "unknown attribute '$k'\n" if !exists($pkg->{$k});
$pkg->{$k} = $v;
}
}
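Review bot: `my $testid = delete $test->{id};` declares a lexical that no visible line reads, and it shadows the file-scope `$testid` taken from the command line. Its visible effect is to remove `id` from `$test` so that the new `unknown attribute` check does not reject it. If that is all it is for, `delete $test->{id}; # 'id' only selects a test in run_tests, it is not a packet attribute` says so directly. The enclosing function starts and ends outside the hunk, so a later use of the variable cannot be ruled out from here.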
sub run_tests {
- my ($vmdata, $testdir) = @_;
+ my ($vmdata, $testdir, $testfile, $testid) = @_;
+
+ $testfile = 'tests' if !$testfile;
$vmdata->{testdir} = $testdir;
my ($ruleset, $ipset_ruleset) =
PVE::Firewall::compile(undef, undef, $vmdata);
- my $testfile = "$testdir/tests";
- my $fh = IO::File->new($testfile) ||
- die "unable to open '$testfile' - $!\n";
+ my $filename = "$testdir/$testfile";
+ my $fh = IO::File->new($filename) ||
+ die "unable to open '$filename' - $!\n";
+ my $testcount = 0;
while (defined(my $line = <$fh>)) {
next if $line =~ m/^\s*$/;
next if $line =~ m/^#.*$/;
if ($line =~ m/^\{.*\}\s*$/) {
my $test = eval $line;
die $@ if $@;
+ next if defined($testid) && (!defined($test->{id}) || ($testid ne $test->{id}));
$trace = '';
print Dumper($ruleset) if $debug;
+ $testcount++;
eval { simulate_firewall($ruleset, $ipset_ruleset, $vmdata, $test); };
if (my $err = $@) {
print "$trace\n" if !$debug;
- print "$testfile line $.: $line";
+ print "$filename line $.: $line";
print "test failed: $err\n";
}
}
- print "PASS: $testfile\n";
+ die "no tests found\n" if $testcount <= 0;
+
+ print "PASS: $filename\n";
return undef;
}
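Review bot: `my $test = eval $line;` runs every brace-delimited line of the test file as Perl code, and with the new `$testfile` parameter that file is no longer the fixed `tests` file but whatever name the caller supplies. The `m/^\{.*\}\s*$/` match only selects which lines are evaluated; it does not limit what they can execute. A comment above the eval would make this explicit, for example `# test lines are evaluated as Perl code - only run test files from a trusted source`. Separately, `$testfile = 'tests' if !$testfile;` also replaces a file literally named `0`, and `if !defined($testfile)` would restrict the default to the omitted argument.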
},
};
-foreach my $dir (<test-*>) {
- next if ! -d $dir;
- run_tests($vmdata, $dir);
+if ($testfilename) {
+ my $testfile;
+ my $dir;
+
+ if (-d $testfilename) {
+ $dir = $testfilename;
+ } elsif (-f $testfilename) {
+ $dir = dirname($testfilename);
+ $testfile = basename($testfilename);
+ } else {
+ die "no such file/dir '$testfilename'\n";
+ }
+
+ run_tests($vmdata, $dir, $testfile, $testid);
+
+} else {
+ foreach my $dir (<test-*>) {
+ next if ! -d $dir;
+ run_tests($vmdata, $dir);
+ }
}
print "OK - all tests passed\n";