summaryrefslogtreecommitdiff
path: root/test.sh
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org>2005-05-01 23:19:42 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org>2005-05-01 23:19:42 +0000
commitd894e26211f38db37015850afab6b7331edeecdb (patch)
tree27f9eb6baebd2fc2c5b54c97b4775797b69e43ba /test.sh
parent21ed4ac1f957f1e4d7be195a98fb235de13ede21 (diff)
downloadconntrack-tools-d894e26211f38db37015850afab6b7331edeecdb.tar.gz
conntrack-tools-d894e26211f38db37015850afab6b7331edeecdb.zip
o Created changelog file
o Deleted libctnetlink.h and libnfnetlink.h from the include/ dir. o Added support for version (-V) and help (-h) o Added event mask based support o Added GPLv2 headers o Use fprintf instead of printf o Defined print_tuple and print_proto output interfaces o ctnl_[get|del]_conntrack handles return value from kernel via msgerr o Added support for conntrack table flushing o Added test case file (test.sh) o Improve dump output o Autoconf stuff for conntrack + some pablo's modifications. o Fixed packet counters formatting (use %llu instead of %lu)
Diffstat (limited to 'test.sh')
-rw-r--r--test.sh67
1 files changed, 67 insertions, 0 deletions
diff --git a/test.sh b/test.sh
new file mode 100644
index 0000000..dd67a83
--- /dev/null
+++ b/test.sh
@@ -0,0 +1,67 @@
+CONNTRACK=conntrack
+
+SRC=1.1.1.1
+DST=2.2.2.2
+SPORT=1980
+DPORT=2005
+
+case $1 in
+ dump)
+ # Setting dump mask
+ echo "dump mask set to TUPLE"
+ $CONNTRACK -A -m TUPLE
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ echo "dump mask set to TUPLE,COUNTERS"
+ $CONNTRACK -A -m TUPLE,COUNTERS
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ echo "dump mask set to ALL"
+ $CONNTRACK -A -m ALL
+ $CONNTRACK -L
+ echo "Press any key to continue..."
+ read
+ ;;
+ new)
+ echo "creating a new conntrack"
+ $CONNTRACK -I --orig-src $SRC --orig-dst $DST \
+ --reply-src $DST --reply-dst $SRC -p tcp \
+ --orig-port-src $SPORT --orig-port-dst $DPORT \
+ --reply-port-src $DPORT --reply-port-dst $SPORT \
+ --state LISTEN -u SEEN_REPLY -t 50
+ ;;
+
+ change)
+ echo "change a conntrack"
+ $CONNTRACK -I --orig-src $SRC --orig-dst $DST \
+ --reply-src $DST --reply-dst $SRC -p tcp \
+ --orig-port-src $SPORT --orig-port-dst $DPORT \
+ --reply-port-src $DPORT --reply-port-dst $SPORT \
+ --state TIME_WAIT -u ASSURED -t 500
+ ;;
+ delete)
+ # 66.111.58.52 dst=85.136.125.64 sport=22 dport=60239
+ $CONNTRACK -D conntrack --orig-src 66.111.58.1 \
+ --orig-dst 85.136.125.64 -p tcp --orig-port-src 22 \
+ --orig-port-dst 60239
+ ;;
+ output)
+ proc=$(cat /proc/net/ip_conntrack | wc -l)
+ netl=$($CONNTRACK -L | wc -l)
+ count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count)
+ if [ $proc -ne $netl ]; then
+ echo "proc is $proc and netl is $netl and count is $count"
+ else
+ if [ $proc -ne $count ]; then
+ echo "proc is $proc and netl is $netl and count is $count"
+ else
+ echo "now $proc"
+ fi
+ fi
+ ;;
+ *)
+ echo "Usage: $0 [dump|new|change|delete|output]"
+ ;;
+esac