|
@@ -11,6 +11,7 @@ class TestIptables(infra.basetest.BRTest):
|
|
|
"""
|
|
"""
|
|
|
BR2_aarch64=y
|
|
BR2_aarch64=y
|
|
|
BR2_TOOLCHAIN_EXTERNAL=y
|
|
BR2_TOOLCHAIN_EXTERNAL=y
|
|
|
|
|
+ BR2_INIT_BUSYBOX=y
|
|
|
BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
|
|
BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
|
|
|
BR2_LINUX_KERNEL=y
|
|
BR2_LINUX_KERNEL=y
|
|
|
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
|
|
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
|
|
@@ -70,9 +71,26 @@ class TestIptables(infra.basetest.BRTest):
|
|
|
_, exit_code = self.emulator.run(ping_test_cmd)
|
|
_, exit_code = self.emulator.run(ping_test_cmd)
|
|
|
self.assertNotEqual(exit_code, 0)
|
|
self.assertNotEqual(exit_code, 0)
|
|
|
|
|
|
|
|
|
|
+ # Save the current rules to test the init script later.
|
|
|
|
|
+ self.assertRunOk("/etc/init.d/S35iptables save")
|
|
|
|
|
+
|
|
|
# We delete our only rule #1 in the INPUT chain.
|
|
# We delete our only rule #1 in the INPUT chain.
|
|
|
self.assertRunOk("iptables --delete INPUT 1")
|
|
self.assertRunOk("iptables --delete INPUT 1")
|
|
|
|
|
|
|
|
# Since we deleted the rule, the ping test command which was
|
|
# Since we deleted the rule, the ping test command which was
|
|
|
# supposed to fail earlier is now supposed to succeed.
|
|
# supposed to fail earlier is now supposed to succeed.
|
|
|
self.assertRunOk(ping_test_cmd)
|
|
self.assertRunOk(ping_test_cmd)
|
|
|
|
|
+
|
|
|
|
|
+ # Load the rules as saved before.
|
|
|
|
|
+ self.assertRunOk("/etc/init.d/S35iptables start")
|
|
|
|
|
+
|
|
|
|
|
+ # Ping to 127.0.0.2 is expected to fail again.
|
|
|
|
|
+ _, exit_code = self.emulator.run(ping_test_cmd)
|
|
|
|
|
+ self.assertNotEqual(exit_code, 0)
|
|
|
|
|
+
|
|
|
|
|
+ # And flush the rules again.
|
|
|
|
|
+ self.assertRunOk("/etc/init.d/S35iptables stop")
|
|
|
|
|
+
|
|
|
|
|
+ # Since we deleted the rule, the ping test command which was
|
|
|
|
|
+ # supposed to fail earlier is now supposed to succeed.
|
|
|
|
|
+ self.assertRunOk(ping_test_cmd)
|
Fiona Klute (WIWA)