static int testFirewallSingleGroup(const void *opaque) { virBuffer cmdbuf = VIR_BUFFER_INITIALIZER; virFirewallPtr fw = NULL; int ret = -1; const char *actual = NULL; const char *expected = IPTABLES_PATH " -A INPUT --source-host 192.168.122.1 --jump ACCEPT\n" IPTABLES_PATH " -A INPUT --source-host '!192.168.122.1' --jump REJECT\n"; const struct testFirewallData *data = opaque; fwDisabled = data->fwDisabled; if (virFirewallSetBackend(data->tryBackend) < 0) goto cleanup; if (data->expectBackend == VIR_FIREWALL_BACKEND_DIRECT) virCommandSetDryRun(&cmdbuf, NULL, NULL); else fwBuf = &cmdbuf; fw = virFirewallNew(); virFirewallStartTransaction(fw, 0); virFirewallAddRule(fw, VIR_FIREWALL_LAYER_IPV4, "-A", "INPUT", "--source-host", "192.168.122.1", "--jump", "ACCEPT", NULL); virFirewallAddRule(fw, VIR_FIREWALL_LAYER_IPV4, "-A", "INPUT", "--source-host", "!192.168.122.1", "--jump", "REJECT", NULL); if (virFirewallApply(fw) < 0) goto cleanup; if (virBufferError(&cmdbuf)) goto cleanup; actual = virBufferCurrentContent(&cmdbuf); if (STRNEQ_NULLABLE(expected, actual)) { fprintf(stderr, "Unexected command execution\n"); virTestDifference(stderr, expected, actual); goto cleanup; } ret = 0; cleanup: virBufferFreeAndReset(&cmdbuf); fwBuf = NULL; virCommandSetDryRun(NULL, NULL, NULL); virFirewallFree(fw); return ret; }
static int testCompareXMLToArgvFiles(const char *xml, const char *cmdline) { char *actualargv = NULL; virBuffer buf = VIR_BUFFER_INITIALIZER; virNWFilterHashTablePtr vars = virNWFilterHashTableCreate(0); virNWFilterInst inst; int ret = -1; memset(&inst, 0, sizeof(inst)); virCommandSetDryRun(&buf, NULL, NULL); if (!vars) goto cleanup; if (testSetDefaultParameters(vars) < 0) goto cleanup; if (virNWFilterDefToInst(xml, vars, &inst) < 0) goto cleanup; if (ebiptables_driver.applyNewRules("vnet0", inst.rules, inst.nrules) < 0) goto cleanup; if (virBufferError(&buf)) goto cleanup; actualargv = virBufferContentAndReset(&buf); virTestClearCommandPath(actualargv); virCommandSetDryRun(NULL, NULL, NULL); testRemoveCommonRules(actualargv); if (virTestCompareToFile(actualargv, cmdline) < 0) goto cleanup; ret = 0; cleanup: virBufferFreeAndReset(&buf); VIR_FREE(actualargv); virNWFilterInstReset(&inst); virNWFilterHashTableFree(vars); return ret; }
static int testVirNetDevBandwidthSet(const void *data) { int ret = -1; const struct testSetStruct *info = data; const char *iface = info->iface; virNetDevBandwidthPtr band = NULL; virBuffer buf = VIR_BUFFER_INITIALIZER; char *actual_cmd = NULL; PARSE(info->band, band); if (!iface) iface = "eth0"; virCommandSetDryRun(&buf, NULL, NULL); if (virNetDevBandwidthSet(iface, band, info->hierarchical_class) < 0) goto cleanup; if (!(actual_cmd = virBufferContentAndReset(&buf))) { int err = virBufferError(&buf); if (err) { fprintf(stderr, "buffer's in error state: %d", err); goto cleanup; } /* This is interesting, no command has been executed. * Maybe that's expected, actually. */ } if (STRNEQ_NULLABLE(info->exp_cmd, actual_cmd)) { virTestDifference(stderr, NULLSTR(info->exp_cmd), NULLSTR(actual_cmd)); goto cleanup; } ret = 0; cleanup: virCommandSetDryRun(NULL, NULL, NULL); virNetDevBandwidthFree(band); virBufferFreeAndReset(&buf); VIR_FREE(actual_cmd); return ret; }
static int testCompareXMLToArgvFiles(const char *xml, const char *cmdline) { char *expectargv = NULL; char *actualargv = NULL; virBuffer buf = VIR_BUFFER_INITIALIZER; virNetworkDefPtr def = NULL; int ret = -1; virCommandSetDryRun(&buf, NULL, NULL); if (!(def = virNetworkDefParseFile(xml))) goto cleanup; if (networkAddFirewallRules(def) < 0) goto cleanup; if (virBufferError(&buf)) goto cleanup; actualargv = virBufferContentAndReset(&buf); virTestClearCommandPath(actualargv); virCommandSetDryRun(NULL, NULL, NULL); if (virTestCompareToFile(actualargv, cmdline) < 0) goto cleanup; ret = 0; cleanup: virBufferFreeAndReset(&buf); VIR_FREE(expectargv); VIR_FREE(actualargv); virNetworkDefFree(def); return ret; }