forked from google/nftables
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathset_test.go
135 lines (128 loc) · 3.44 KB
/
set_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
package nftables
import (
"reflect"
"testing"
)
func genSetKeyType(types ...uint32) uint32 {
c := types[0]
for i := 1; i < len(types); i++ {
c = c<<SetConcatTypeBits | types[i]
}
return c
}
func TestValidateNFTMagic(t *testing.T) {
t.Parallel()
tests := []struct {
name string
nftMagicPacked uint32
pass bool
invalid []uint32
}{
{
name: "Single valid nftMagic",
nftMagicPacked: genSetKeyType(7),
pass: true,
invalid: nil,
},
{
name: "Single invalid nftMagic",
nftMagicPacked: genSetKeyType(25),
pass: false,
invalid: []uint32{25},
},
{
name: "Multiple valid nftMagic",
nftMagicPacked: genSetKeyType(7, 13),
pass: true,
invalid: nil,
},
{
name: "Multiple nftMagic with 1 invalid",
nftMagicPacked: genSetKeyType(7, 13, 25),
pass: false,
invalid: []uint32{25},
},
{
name: "Multiple nftMagic with 2 invalid",
nftMagicPacked: genSetKeyType(7, 13, 25, 26),
pass: false,
invalid: []uint32{26, 25},
// Invalid entries will appear in reverse order
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
invalid, pass := validateKeyType(tt.nftMagicPacked)
if pass && !tt.pass {
t.Fatalf("expected to fail but succeeded")
}
if !pass && tt.pass {
t.Fatalf("expected to succeed but failed with invalid nftMagic: %+v", invalid)
}
if !reflect.DeepEqual(tt.invalid, invalid) {
t.Fatalf("Expected invalid: %+v but got: %+v", tt.invalid, invalid)
}
})
}
}
func TestConcatSetType(t *testing.T) {
t.Parallel()
tests := []struct {
name string
types []SetDatatype
err error
concatName string
concatBytes uint32
concatMagic uint32
}{
{
name: "Concatenate six (too many) IPv4s",
types: []SetDatatype{TypeIPAddr, TypeIPAddr, TypeIPAddr, TypeIPAddr, TypeIPAddr, TypeIPAddr},
err: ErrTooManyTypes,
},
{
name: "Concatenate five IPv4s",
types: []SetDatatype{TypeIPAddr, TypeIPAddr, TypeIPAddr, TypeIPAddr, TypeIPAddr},
err: nil,
concatName: "ipv4_addr . ipv4_addr . ipv4_addr . ipv4_addr . ipv4_addr",
concatBytes: 20,
concatMagic: 0x071c71c7,
},
{
name: "Concatenate IPv6 and port",
types: []SetDatatype{TypeIP6Addr, TypeInetService},
err: nil,
concatName: "ipv6_addr . inet_service",
concatBytes: 20,
concatMagic: 0x0000020d,
},
{
name: "Concatenate protocol and port",
types: []SetDatatype{TypeInetProto, TypeInetService},
err: nil,
concatName: "inet_proto . inet_service",
concatBytes: 8,
concatMagic: 0x0000030d,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
concat, err := ConcatSetType(tt.types...)
if tt.err != err {
t.Errorf("ConcatSetType() returned an incorrect error: expected %v but got %v", tt.err, err)
}
if err != nil {
return
}
if tt.concatName != concat.Name {
t.Errorf("invalid concatinated name: expceted %s but got %s", tt.concatName, concat.Name)
}
if tt.concatBytes != concat.Bytes {
t.Errorf("invalid concatinated number of bytes: expceted %d but got %d", tt.concatBytes, concat.Bytes)
}
if tt.concatMagic != concat.nftMagic {
t.Errorf("invalid concatinated magic: expceted %08x but got %08x", tt.concatMagic, concat.nftMagic)
}
})
}
}