2020-11-09 05:23:58 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
2015-01-13 13:44:30 +01:00
|
|
|
|
2015-06-15 13:50:43 +02:00
|
|
|
#include "firewall-util.h"
|
2015-11-16 22:09:36 +01:00
|
|
|
#include "log.h"
|
2018-09-13 14:31:13 +02:00
|
|
|
#include "tests.h"
|
2015-01-13 13:44:30 +01:00
|
|
|
|
|
|
|
#define MAKE_IN_ADDR_UNION(a,b,c,d) (union in_addr_union) { .in.s_addr = htobe32((uint32_t) (a) << 24 | (uint32_t) (b) << 16 | (uint32_t) (c) << 8 | (uint32_t) (d))}
|
|
|
|
|
|
|
|
int main(int argc, char *argv[]) {
|
2020-09-15 19:58:44 +02:00
|
|
|
_cleanup_(fw_ctx_freep) FirewallContext *ctx;
|
2015-01-13 13:44:30 +01:00
|
|
|
int r;
|
2018-09-13 14:31:13 +02:00
|
|
|
test_setup_logging(LOG_DEBUG);
|
2020-06-24 11:55:14 +02:00
|
|
|
uint8_t prefixlen = 32;
|
2015-01-13 13:44:30 +01:00
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_ctx_new(&ctx);
|
|
|
|
if (r < 0)
|
|
|
|
return log_error_errno(r, "Failed to init firewall: %m");
|
|
|
|
|
|
|
|
r = fw_add_masquerade(&ctx, true, AF_INET, NULL, 0);
|
2020-06-24 11:55:14 +02:00
|
|
|
if (r == 0)
|
|
|
|
log_error("Expected failure: NULL source");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_masquerade(&ctx, true, AF_INET, &MAKE_IN_ADDR_UNION(10,1,2,0), 0);
|
2020-06-24 11:55:14 +02:00
|
|
|
if (r == 0)
|
|
|
|
log_error("Expected failure: 0 prefixlen");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_masquerade(&ctx, true, AF_INET, &MAKE_IN_ADDR_UNION(10,1,2,3), prefixlen);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-06-24 11:55:14 +02:00
|
|
|
prefixlen = 28;
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_masquerade(&ctx, true, AF_INET, &MAKE_IN_ADDR_UNION(10,0,2,0), prefixlen);
|
2020-06-24 11:55:14 +02:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_masquerade(&ctx, false, AF_INET, &MAKE_IN_ADDR_UNION(10,0,2,0), prefixlen);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_masquerade(&ctx, false, AF_INET, &MAKE_IN_ADDR_UNION(10,1,2,3), 32);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_local_dnat(&ctx, true, AF_INET, IPPROTO_TCP, 4711, &MAKE_IN_ADDR_UNION(1, 2, 3, 4), 815, NULL);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_local_dnat(&ctx, true, AF_INET, IPPROTO_TCP, 4711, &MAKE_IN_ADDR_UNION(1, 2, 3, 4), 815, NULL);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_local_dnat(&ctx, true, AF_INET, IPPROTO_TCP, 4711, &MAKE_IN_ADDR_UNION(1, 2, 3, 5), 815, &MAKE_IN_ADDR_UNION(1, 2, 3, 4));
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
2020-09-15 19:58:44 +02:00
|
|
|
r = fw_add_local_dnat(&ctx, false, AF_INET, IPPROTO_TCP, 4711, &MAKE_IN_ADDR_UNION(1, 2, 3, 5), 815, NULL);
|
2015-01-13 13:44:30 +01:00
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to modify firewall: %m");
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|