summaryrefslogtreecommitdiff
path: root/tests/nfct
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-08-21 19:18:38 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-08-26 20:43:55 +0200
commitdd73ceecdbe87b6ecf9e96643cd5326e520d7a1c (patch)
treec4c3a7b933dde6bd9094abad606a9435256e383d /tests/nfct
parent1c36d487cda8d1bed799b4daa28c44aa7198bb31 (diff)
downloadconntrack-tools-dd73ceecdbe87b6ecf9e96643cd5326e520d7a1c.tar.gz
conntrack-tools-dd73ceecdbe87b6ecf9e96643cd5326e520d7a1c.zip
nfct: Update syntax to specify command before subsystem
This patch gets the nfct syntax in sync with nft so it looks like this: nfct <add|delete|...> object ... instead of: nfct object <add|delete|...> ... This patch retains backward compatibility so you can still use the old syntax. The manpage and tests have been also updated to promote the adoption of this syntax. We should have little existing clients of this tool as we can only use this to configure the cttimeout and cthelper infrastructures. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/nfct')
-rw-r--r--tests/nfct/test-live.sh14
-rw-r--r--tests/nfct/timeout/00tcp16
-rw-r--r--tests/nfct/timeout/01udp16
-rw-r--r--tests/nfct/timeout/02generic16
-rw-r--r--tests/nfct/timeout/03udplite16
-rw-r--r--tests/nfct/timeout/04icmp16
-rw-r--r--tests/nfct/timeout/05icmpv616
-rw-r--r--tests/nfct/timeout/06sctp16
-rw-r--r--tests/nfct/timeout/07dccp16
-rw-r--r--tests/nfct/timeout/08gre16
10 files changed, 79 insertions, 79 deletions
diff --git a/tests/nfct/test-live.sh b/tests/nfct/test-live.sh
index c338e63..2257087 100644
--- a/tests/nfct/test-live.sh
+++ b/tests/nfct/test-live.sh
@@ -6,7 +6,7 @@
WAIT_BETWEEN_TESTS=10
# flush cttimeout table
-nfct timeout flush
+nfct flush timeout
# flush the conntrack table
conntrack -F
@@ -19,7 +19,7 @@ echo "---- test no. 1 ----"
conntrack -E -p 13 &
-nfct timeout add test-generic inet generic timeout 100
+nfct add timeout test-generic inet generic timeout 100
iptables -I OUTPUT -t raw -p all -j CT --timeout test-generic
hping3 -c 1 -V -I eth0 -0 8.8.8.8 -H 13
@@ -30,7 +30,7 @@ echo "---- end test no. 1 ----"
sleep $WAIT_BETWEEN_TESTS
iptables -D OUTPUT -t raw -p all -j CT --timeout test-generic
-nfct timeout del test-generic
+nfct del timeout test-generic
#
# No.2: test TCP timeout policy
@@ -40,14 +40,14 @@ echo "---- test no. 2 ----"
conntrack -E -p tcp &
-nfct timeout add test-tcp inet tcp syn_sent 100
+nfct add timeout test-tcp inet tcp syn_sent 100
iptables -I OUTPUT -t raw -p tcp -j CT --timeout test-tcp
hping3 -V -S -p 80 -s 5050 8.8.8.8 -c 1
sleep $WAIT_BETWEEN_TESTS
iptables -D OUTPUT -t raw -p tcp -j CT --timeout test-tcp
-nfct timeout del test-tcp
+nfct del timeout test-tcp
killall -15 conntrack
@@ -61,12 +61,12 @@ echo "---- test no. 3 ----"
conntrack -E -p icmp &
-nfct timeout add test-icmp inet icmp timeout 50
+nfct add timeout test-icmp inet icmp timeout 50
iptables -I OUTPUT -t raw -p icmp -j CT --timeout test-icmp
hping3 -1 8.8.8.8 -c 2
iptables -D OUTPUT -t raw -p icmp -j CT --timeout test-icmp
-nfct timeout del test-icmp
+nfct del timeout test-icmp
killall -15 conntrack
diff --git a/tests/nfct/timeout/00tcp b/tests/nfct/timeout/00tcp
index c9d7d24..ab2e6fc 100644
--- a/tests/nfct/timeout/00tcp
+++ b/tests/nfct/timeout/00tcp
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet tcp established 100 ; OK
+nfct add timeout test inet tcp established 100 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet tcp syn_sent 1 syn_recv 2 established 3 fin_wait 4 close_wait 5 last_ack 6 time_wait 7 close 8 syn_sent2 9 retrans 10 unacknowledged 11 ; OK
+nfct add timeout test inet tcp syn_sent 1 syn_recv 2 established 3 fin_wait 4 close_wait 5 last_ack 6 time_wait 7 close 8 syn_sent2 9 retrans 10 unacknowledged 11 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/01udp b/tests/nfct/timeout/01udp
index 952526c..f8097d6 100644
--- a/tests/nfct/timeout/01udp
+++ b/tests/nfct/timeout/01udp
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet udp unreplied 10 ; OK
+nfct add timeout test inet udp unreplied 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet udp unreplied 1 replied 2 ; OK
+nfct add timeout test inet udp unreplied 1 replied 2 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/02generic b/tests/nfct/timeout/02generic
index b6ca699..ffba138 100644
--- a/tests/nfct/timeout/02generic
+++ b/tests/nfct/timeout/02generic
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet generic timeout 10 ; OK
+nfct add timeout test inet generic timeout 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet generic timeout 1 ; OK
+nfct add timeout test inet generic timeout 1 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/03udplite b/tests/nfct/timeout/03udplite
index 69dda15..8ed3459 100644
--- a/tests/nfct/timeout/03udplite
+++ b/tests/nfct/timeout/03udplite
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet udplite unreplied 10 ; OK
+nfct add timeout test inet udplite unreplied 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet udplite unreplied 1 replied 2 ; OK
+nfct add timeout test inet udplite unreplied 1 replied 2 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/04icmp b/tests/nfct/timeout/04icmp
index 606e8b9..edb1c99 100644
--- a/tests/nfct/timeout/04icmp
+++ b/tests/nfct/timeout/04icmp
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet icmp timeout 10 ; OK
+nfct add timeout test inet icmp timeout 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet icmp timeout 1 ; OK
+nfct add timeout test inet icmp timeout 1 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/05icmpv6 b/tests/nfct/timeout/05icmpv6
index 16541f5..40ccc49 100644
--- a/tests/nfct/timeout/05icmpv6
+++ b/tests/nfct/timeout/05icmpv6
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet6 icmpv6 timeout 10 ; OK
+nfct add timeout test inet6 icmpv6 timeout 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet6 icmpv6 timeout 1 ; OK
+nfct add timeout test inet6 icmpv6 timeout 1 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/06sctp b/tests/nfct/timeout/06sctp
index f475215..62b44c6 100644
--- a/tests/nfct/timeout/06sctp
+++ b/tests/nfct/timeout/06sctp
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet sctp established 100 ; OK
+nfct add timeout test inet sctp established 100 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet sctp closed 1 cookie_wait 2 cookie_echoed 3 established 4 shutdown_sent 5 shutdown_recd 6 shutdown_ack_sent 7 ; OK
+nfct add timeout test inet sctp closed 1 cookie_wait 2 cookie_echoed 3 established 4 shutdown_sent 5 shutdown_recd 6 shutdown_ack_sent 7 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/07dccp b/tests/nfct/timeout/07dccp
index 1bd4fa5..1d88585 100644
--- a/tests/nfct/timeout/07dccp
+++ b/tests/nfct/timeout/07dccp
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet dccp request 100 ; OK
+nfct add timeout test inet dccp request 100 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet dccp request 1 respond 2 partopen 3 open 4 closereq 5 closing 6 timewait 7 ; OK
+nfct add timeout test inet dccp request 1 respond 2 partopen 3 open 4 closereq 5 closing 6 timewait 7 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
diff --git a/tests/nfct/timeout/08gre b/tests/nfct/timeout/08gre
index 7ef4bdb..709b943 100644
--- a/tests/nfct/timeout/08gre
+++ b/tests/nfct/timeout/08gre
@@ -1,16 +1,16 @@
# add policy object `test'
-nfct timeout add test inet gre unreplied 10 ; OK
+nfct add timeout test inet gre unreplied 10 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK
# get unexistent policy object `dummy'
-nfct timeout get test ; BAD
+nfct get timeout test ; BAD
# delete policy object `test', however, it does not exists anymore
-nfct timeout delete test ; BAD
+nfct delete timeout test ; BAD
# add policy object `test'
-nfct timeout add test inet gre unreplied 1 replied 2 ; OK
+nfct add timeout test inet gre unreplied 1 replied 2 ; OK
# get policy object `test'
-nfct timeout get test ; OK
+nfct get timeout test ; OK
# delete policy object `test'
-nfct timeout delete test ; OK
+nfct delete timeout test ; OK