static int
testFirewallSingleGroup(const void *opaque)
{
virBuffer cmdbuf = VIR_BUFFER_INITIALIZER;
virFirewallPtr fw = NULL;
int ret = -1;
const char *actual = NULL;
const char *expected =
IPTABLES_PATH " -A INPUT --source-host 192.168.122.1 --jump ACCEPT\n"
IPTABLES_PATH " -A INPUT --source-host '!192.168.122.1' --jump REJECT\n";
const struct testFirewallData *data = opaque;
fwDisabled = data->fwDisabled;
if (virFirewallSetBackend(data->tryBackend) < 0)
goto cleanup;
if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT)
virCommandSetDryRun(&cmdbuf, NULL, NULL);
else
fwBuf = &cmdbuf;
fw = virFirewallNew();
virFirewallStartTransaction(fw, 0);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_IPV4,
"-A", "INPUT",
"--source-host", "192.168.122.1",
"--jump", "ACCEPT", NULL);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_IPV4,
"-A", "INPUT",
"--source-host", "!192.168.122.1",
"--jump", "REJECT", NULL);
if (virFirewallApply(fw) < 0)
goto cleanup;
if (virBufferError(&cmdbuf))
goto cleanup;
actual = virBufferCurrentContent(&cmdbuf);
if (STRNEQ_NULLABLE(expected, actual)) {
fprintf(stderr, "Unexected command execution\n");
virTestDifference(stderr, expected, actual);
goto cleanup;
}
ret = 0;
cleanup:
virBufferFreeAndReset(&cmdbuf);
fwBuf = NULL;
virCommandSetDryRun(NULL, NULL, NULL);
virFirewallFree(fw);
return ret;
}
static int testCompareXMLToArgvFiles(const char *xml,
const char *cmdline)
{
char *actualargv = NULL;
virBuffer buf = VIR_BUFFER_INITIALIZER;
virNWFilterHashTablePtr vars = virNWFilterHashTableCreate(0);
virNWFilterInst inst;
int ret = -1;
memset(&inst, 0, sizeof(inst));
virCommandSetDryRun(&buf, NULL, NULL);
if (!vars)
goto cleanup;
if (testSetDefaultParameters(vars) < 0)
goto cleanup;
if (virNWFilterDefToInst(xml,
vars,
&inst) < 0)
goto cleanup;
if (ebiptables_driver.applyNewRules("vnet0", inst.rules, inst.nrules) < 0)
goto cleanup;
if (virBufferError(&buf))
goto cleanup;
actualargv = virBufferContentAndReset(&buf);
virTestClearCommandPath(actualargv);
virCommandSetDryRun(NULL, NULL, NULL);
testRemoveCommonRules(actualargv);
if (virTestCompareToFile(actualargv, cmdline) < 0)
goto cleanup;
ret = 0;
cleanup:
virBufferFreeAndReset(&buf);
VIR_FREE(actualargv);
virNWFilterInstReset(&inst);
virNWFilterHashTableFree(vars);
return ret;
}
static int
testVirNetDevBandwidthSet(const void *data)
{
int ret = -1;
const struct testSetStruct *info = data;
const char *iface = info->iface;
virNetDevBandwidthPtr band = NULL;
virBuffer buf = VIR_BUFFER_INITIALIZER;
char *actual_cmd = NULL;
PARSE(info->band, band);
if (!iface)
iface = "eth0";
virCommandSetDryRun(&buf, NULL, NULL);
if (virNetDevBandwidthSet(iface, band, info->hierarchical_class) < 0)
goto cleanup;
if (!(actual_cmd = virBufferContentAndReset(&buf))) {
int err = virBufferError(&buf);
if (err) {
fprintf(stderr, "buffer's in error state: %d", err);
goto cleanup;
}
/* This is interesting, no command has been executed.
* Maybe that's expected, actually. */
}
if (STRNEQ_NULLABLE(info->exp_cmd, actual_cmd)) {
virTestDifference(stderr,
NULLSTR(info->exp_cmd),
NULLSTR(actual_cmd));
goto cleanup;
}
ret = 0;
cleanup:
virCommandSetDryRun(NULL, NULL, NULL);
virNetDevBandwidthFree(band);
virBufferFreeAndReset(&buf);
VIR_FREE(actual_cmd);
return ret;
}
static int testCompareXMLToArgvFiles(const char *xml,
const char *cmdline)
{
char *expectargv = NULL;
char *actualargv = NULL;
virBuffer buf = VIR_BUFFER_INITIALIZER;
virNetworkDefPtr def = NULL;
int ret = -1;
virCommandSetDryRun(&buf, NULL, NULL);
if (!(def = virNetworkDefParseFile(xml)))
goto cleanup;
if (networkAddFirewallRules(def) < 0)
goto cleanup;
if (virBufferError(&buf))
goto cleanup;
actualargv = virBufferContentAndReset(&buf);
virTestClearCommandPath(actualargv);
virCommandSetDryRun(NULL, NULL, NULL);
if (virTestCompareToFile(actualargv, cmdline) < 0)
goto cleanup;
ret = 0;
cleanup:
virBufferFreeAndReset(&buf);
VIR_FREE(expectargv);
VIR_FREE(actualargv);
virNetworkDefFree(def);
return ret;
}
