* Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override [not found] ` <20190219193953.29066-4-phil@nwl.cc> @ 2019-03-01 12:52 ` Pablo Neira Ayuso 2019-03-01 18:08 ` Phil Sutter 0 siblings, 1 reply; 13+ messages in thread From: Pablo Neira Ayuso @ 2019-03-01 12:52 UTC (permalink / raw) To: Phil Sutter; +Cc: netfilter-devel Hi Phil, On Tue, Feb 19, 2019 at 08:39:51PM +0100, Phil Sutter wrote: > Check for environment variable XT_CONNLABEL_CFG and if set use its value > as path to connlabel.conf. > > Signed-off-by: Phil Sutter <phil@nwl.cc> > --- > extensions/libxt_connlabel.c | 6 ++++-- > extensions/libxt_connlabel.man | 2 ++ > 2 files changed, 6 insertions(+), 2 deletions(-) > > diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c > index d06bb27a7c2e9..9a2f9ce34647e 100644 > --- a/extensions/libxt_connlabel.c > +++ b/extensions/libxt_connlabel.c > @@ -3,6 +3,7 @@ > #include <string.h> > #include <stdio.h> > #include <stdint.h> > +#include <stdlib.h> > #include <xtables.h> > #include <linux/netfilter/xt_connlabel.h> > #include <libnetfilter_conntrack/libnetfilter_conntrack.h> > @@ -39,11 +40,12 @@ static void connlabel_open(void) > if (map) > return; > > - map = nfct_labelmap_new(NULL); > + fname = getenv("XT_CONNLABEL_CFG") ?: nfct_labels_get_path(); Only one question about this one: Would you need anything similar for nft? If so, probably it's better to place this code in libnetfilter_conntrack. ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override 2019-03-01 12:52 ` [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override Pablo Neira Ayuso @ 2019-03-01 18:08 ` Phil Sutter 0 siblings, 0 replies; 13+ messages in thread From: Phil Sutter @ 2019-03-01 18:08 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel Hi Pablo, On Fri, Mar 01, 2019 at 01:52:09PM +0100, Pablo Neira Ayuso wrote: > Hi Phil, > > On Tue, Feb 19, 2019 at 08:39:51PM +0100, Phil Sutter wrote: > > Check for environment variable XT_CONNLABEL_CFG and if set use its value > > as path to connlabel.conf. > > > > Signed-off-by: Phil Sutter <phil@nwl.cc> > > --- > > extensions/libxt_connlabel.c | 6 ++++-- > > extensions/libxt_connlabel.man | 2 ++ > > 2 files changed, 6 insertions(+), 2 deletions(-) > > > > diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c > > index d06bb27a7c2e9..9a2f9ce34647e 100644 > > --- a/extensions/libxt_connlabel.c > > +++ b/extensions/libxt_connlabel.c > > @@ -3,6 +3,7 @@ > > #include <string.h> > > #include <stdio.h> > > #include <stdint.h> > > +#include <stdlib.h> > > #include <xtables.h> > > #include <linux/netfilter/xt_connlabel.h> > > #include <libnetfilter_conntrack/libnetfilter_conntrack.h> > > @@ -39,11 +40,12 @@ static void connlabel_open(void) > > if (map) > > return; > > > > - map = nfct_labelmap_new(NULL); > > + fname = getenv("XT_CONNLABEL_CFG") ?: nfct_labels_get_path(); > > Only one question about this one: Would you need anything similar for > nft? If so, probably it's better to place this code in > libnetfilter_conntrack. I guess not: In nftables, /etc/connlabel.conf is manually parsed via call to rt_symbol_table_init(). So while I could add the above to libnetfilter_conntrack, it wouldn't affect nftables. Cheers, Phil ^ permalink raw reply [flat|nested] 13+ messages in thread
[parent not found: <20190219193953.29066-6-phil@nwl.cc>]
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf [not found] ` <20190219193953.29066-6-phil@nwl.cc> @ 2019-03-03 21:03 ` Florian Westphal 2019-03-04 12:43 ` Phil Sutter 0 siblings, 1 reply; 13+ messages in thread From: Florian Westphal @ 2019-03-03 21:03 UTC (permalink / raw) To: Phil Sutter; +Cc: Pablo Neira Ayuso, netfilter-devel Phil Sutter <phil@nwl.cc> wrote: Sorry for being late. > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > -m connlabel --label "bit40";=;OK > -m connlabel ! --label "bit40";=;OK > -m connlabel --label "bit41" --set;=;OK > -m connlabel ! --label "bit41" --set;=;OK > -m connlabel --label "bit128";;FAIL Maybe we should forget about the label names and just tests -m connlabel --label 127 i.e., parse the numeric value instead of providing a fake one. I agree that temporary replace of hosts one is bad. ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf 2019-03-03 21:03 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Florian Westphal @ 2019-03-04 12:43 ` Phil Sutter 2019-03-04 13:07 ` Pablo Neira Ayuso 0 siblings, 1 reply; 13+ messages in thread From: Phil Sutter @ 2019-03-04 12:43 UTC (permalink / raw) To: Florian Westphal; +Cc: Pablo Neira Ayuso, netfilter-devel Hi, On Sun, Mar 03, 2019 at 10:03:02PM +0100, Florian Westphal wrote: > Phil Sutter <phil@nwl.cc> wrote: > > Sorry for being late. No worries, it is not urgent. > > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > > -m connlabel --label "bit40";=;OK > > -m connlabel ! --label "bit40";=;OK > > -m connlabel --label "bit41" --set;=;OK > > -m connlabel ! --label "bit41" --set;=;OK > > -m connlabel --label "bit128";;FAIL > > Maybe we should forget about the label names and just tests > -m connlabel --label 127 > > i.e., parse the numeric value instead of providing a fake > one. I agree that temporary replace of hosts one is bad. Fine with me as well. Obviously this would reduce code coverage of tests, although not much since libnetfilter_conntrack is used for label map lookup. Cheers, Phil ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf 2019-03-04 12:43 ` Phil Sutter @ 2019-03-04 13:07 ` Pablo Neira Ayuso 2019-03-04 14:59 ` Phil Sutter 0 siblings, 1 reply; 13+ messages in thread From: Pablo Neira Ayuso @ 2019-03-04 13:07 UTC (permalink / raw) To: Phil Sutter, Florian Westphal, netfilter-devel On Mon, Mar 04, 2019 at 01:43:11PM +0100, Phil Sutter wrote: > Hi, > > On Sun, Mar 03, 2019 at 10:03:02PM +0100, Florian Westphal wrote: > > Phil Sutter <phil@nwl.cc> wrote: > > > > Sorry for being late. > > No worries, it is not urgent. > > > > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > > > -m connlabel --label "bit40";=;OK > > > -m connlabel ! --label "bit40";=;OK > > > -m connlabel --label "bit41" --set;=;OK > > > -m connlabel ! --label "bit41" --set;=;OK > > > -m connlabel --label "bit128";;FAIL > > > > Maybe we should forget about the label names and just tests > > -m connlabel --label 127 > > > > i.e., parse the numeric value instead of providing a fake > > one. I agree that temporary replace of hosts one is bad. > > Fine with me as well. Obviously this would reduce code coverage of > tests, although not much since libnetfilter_conntrack is used for label > map lookup. We can probably place some mapping lookup tests for this in libnetfilter_conntrack. ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf 2019-03-04 13:07 ` Pablo Neira Ayuso @ 2019-03-04 14:59 ` Phil Sutter 2019-03-04 15:02 ` Florian Westphal 2019-03-08 18:12 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Pablo Neira Ayuso 0 siblings, 2 replies; 13+ messages in thread From: Phil Sutter @ 2019-03-04 14:59 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: Florian Westphal, netfilter-devel Hi, On Mon, Mar 04, 2019 at 02:07:55PM +0100, Pablo Neira Ayuso wrote: > On Mon, Mar 04, 2019 at 01:43:11PM +0100, Phil Sutter wrote: > > Hi, > > > > On Sun, Mar 03, 2019 at 10:03:02PM +0100, Florian Westphal wrote: > > > Phil Sutter <phil@nwl.cc> wrote: > > > > > > Sorry for being late. > > > > No worries, it is not urgent. > > > > > > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > > > > -m connlabel --label "bit40";=;OK > > > > -m connlabel ! --label "bit40";=;OK > > > > -m connlabel --label "bit41" --set;=;OK > > > > -m connlabel ! --label "bit41" --set;=;OK > > > > -m connlabel --label "bit128";;FAIL > > > > > > Maybe we should forget about the label names and just tests > > > -m connlabel --label 127 > > > > > > i.e., parse the numeric value instead of providing a fake > > > one. I agree that temporary replace of hosts one is bad. > > > > Fine with me as well. Obviously this would reduce code coverage of > > tests, although not much since libnetfilter_conntrack is used for label > > map lookup. Argh. So I started with simply dropping all the connlabel.conf mangling in libxt_connlabel.t along with replacing the names by values. Turns out the extension exits if file wasn't found, no big deal changing that. Doing so I discovered that parsing bit values is done by nfct_labelmap_get_bit() as well but only if library initialization has succeeded. Fine, manual parsing as a fallback it is. Checking libnetfilter_conntrack once again to be sure, I noticed that it doesn't accept bit values unless they appear in connlabel.conf. Now I start changing functional behaviour and dropping label name test becomes a larger change than supporting connlabel.conf in non-standard path. /o\ > We can probably place some mapping lookup tests for this in > libnetfilter_conntrack. I just found the ominous "qa" directory in there, so I guess we're already fine in that regard. :) Cheers, Phil ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf 2019-03-04 14:59 ` Phil Sutter @ 2019-03-04 15:02 ` Florian Westphal 2019-03-04 15:53 ` [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf Phil Sutter 2019-03-08 18:12 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Pablo Neira Ayuso 1 sibling, 1 reply; 13+ messages in thread From: Florian Westphal @ 2019-03-04 15:02 UTC (permalink / raw) To: Phil Sutter, Pablo Neira Ayuso, Florian Westphal, netfilter-devel Phil Sutter <phil@nwl.cc> wrote: > libnetfilter_conntrack once again to be sure, I noticed that it doesn't > accept bit values unless they appear in connlabel.conf. Now I start > changing functional behaviour and dropping label name test becomes a > larger change than supporting connlabel.conf in non-standard path. /o\ I think it would make sense to accept raw numbers as well as a fallback. We accept it from nftables, and IIRC the extension will print the raw hex value if it can't map it back to a name on -save. ^ permalink raw reply [flat|nested] 13+ messages in thread
* [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf 2019-03-04 15:02 ` Florian Westphal @ 2019-03-04 15:53 ` Phil Sutter 2019-03-08 19:20 ` Florian Westphal 0 siblings, 1 reply; 13+ messages in thread From: Phil Sutter @ 2019-03-04 15:53 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel, Florian Westphal If connlabel.conf was not found, fall back to manually parsing arguments as plain numbers. If nfct_labelmap_new() has failed, nfct_labelmap_get_name() segfaults. Therefore make sure it is not called in connlabel_get_name() if that's the case. Signed-off-by: Phil Sutter <phil@nwl.cc> --- This patch supersedes patches 3-5 of this series. --- extensions/libxt_connlabel.c | 49 ++++++++++++++++++++++++------- extensions/libxt_connlabel.t | 23 ++++----------- extensions/libxt_connlabel.txlate | 8 ++--- 3 files changed, 48 insertions(+), 32 deletions(-) diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c index d06bb27a7c2e9..5a01fe7237bd8 100644 --- a/extensions/libxt_connlabel.c +++ b/extensions/libxt_connlabel.c @@ -1,8 +1,10 @@ +#define _GNU_SOURCE #include <errno.h> #include <stdbool.h> #include <string.h> #include <stdio.h> #include <stdint.h> +#include <stdlib.h> #include <xtables.h> #include <linux/netfilter/xt_connlabel.h> #include <libnetfilter_conntrack/libnetfilter_conntrack.h> @@ -32,40 +34,59 @@ static const struct xt_option_entry connlabel_mt_opts[] = { /* cannot do this via _init, else static builds might spew error message * for every iptables invocation. */ -static void connlabel_open(void) +static int connlabel_open(void) { const char *fname; if (map) - return; + return 0; map = nfct_labelmap_new(NULL); if (map != NULL) - return; + return 0; fname = nfct_labels_get_path(); if (errno) { - xtables_error(RESOURCE_PROBLEM, - "cannot open %s: %s", fname, strerror(errno)); + fprintf(stderr, "Warning: cannot open %s: %s\n", + fname, strerror(errno)); } else { xtables_error(RESOURCE_PROBLEM, "cannot parse %s: no labels found", fname); } + return 1; +} + +static int connlabel_value_parse(const char *in) +{ + char *end; + unsigned long value = strtoul(in, &end, 0); + + if (in[0] == '\0' || *end != '\0') + return -1; + + return value; } static void connlabel_mt_parse(struct xt_option_call *cb) { struct xt_connlabel_mtinfo *info = cb->data; + bool have_labelmap = !connlabel_open(); int tmp; - connlabel_open(); xtables_option_parse(cb); switch (cb->entry->id) { case O_LABEL: - tmp = nfct_labelmap_get_bit(map, cb->arg); + if (have_labelmap) + tmp = nfct_labelmap_get_bit(map, cb->arg); + else + tmp = connlabel_value_parse(cb->arg); + if (tmp < 0) - xtables_error(PARAMETER_PROBLEM, "label '%s' not found", cb->arg); + xtables_error(PARAMETER_PROBLEM, + "label '%s' not found or invalid value", + cb->arg); + info->bit = tmp; if (cb->invert) info->options |= XT_CONNLABEL_OP_INVERT; @@ -81,7 +102,8 @@ static const char *connlabel_get_name(int b) { const char *name; - connlabel_open(); + if (connlabel_open()) + return NULL; name = nfct_labelmap_get_name(map, b); if (name && strcmp(name, "")) @@ -134,9 +156,13 @@ static int connlabel_mt_xlate(struct xt_xlate *xl, const struct xt_connlabel_mtinfo *info = (const void *)params->match->data; const char *name = connlabel_get_name(info->bit); + char *valbuf = NULL; - if (name == NULL) - return 0; + if (name == NULL) { + if (asprintf(&valbuf, "%u", info->bit) < 0) + return 0; + name = valbuf; + } if (info->options & XT_CONNLABEL_OP_SET) xt_xlate_add(xl, "ct label set %s ", name); @@ -146,6 +172,7 @@ static int connlabel_mt_xlate(struct xt_xlate *xl, xt_xlate_add(xl, "and %s != ", name); xt_xlate_add(xl, "%s", name); + free(valbuf); return 1; } diff --git a/extensions/libxt_connlabel.t b/extensions/libxt_connlabel.t index aad1032b5a8bb..7265bd4764865 100644 --- a/extensions/libxt_connlabel.t +++ b/extensions/libxt_connlabel.t @@ -1,18 +1,7 @@ :INPUT,FORWARD,OUTPUT -# Backup the connlabel.conf, then add some label maps for test -@[ -f /etc/xtables/connlabel.conf ] && mv /etc/xtables/connlabel.conf /tmp/connlabel.conf.bak -@mkdir -p /etc/xtables -@echo "40 bit40" > /etc/xtables/connlabel.conf -@echo "41 bit41" >> /etc/xtables/connlabel.conf -@echo "128 bit128" >> /etc/xtables/connlabel.conf --m connlabel --label "bit40";=;OK --m connlabel ! --label "bit40";=;OK --m connlabel --label "bit41" --set;=;OK --m connlabel ! --label "bit41" --set;=;OK --m connlabel --label "bit128";;FAIL -@echo > /etc/xtables/connlabel.conf --m connlabel --label "abc";;FAIL -@rm -f /etc/xtables/connlabel.conf --m connlabel --label "abc";;FAIL -# Restore the original connlabel.conf -@[ -f /tmp/connlabel.conf.bak ] && mv /tmp/connlabel.conf.bak /etc/xtables/connlabel.conf +-m connlabel --label "40";=;OK +-m connlabel ! --label "40";=;OK +-m connlabel --label "41" --set;=;OK +-m connlabel ! --label "41" --set;=;OK +-m connlabel --label "2048";;FAIL +-m connlabel --label "foobar_not_there";;FAIL diff --git a/extensions/libxt_connlabel.txlate b/extensions/libxt_connlabel.txlate index 5be422044637d..12e4ac0351103 100644 --- a/extensions/libxt_connlabel.txlate +++ b/extensions/libxt_connlabel.txlate @@ -1,5 +1,5 @@ -iptables-translate -A INPUT -m connlabel --label bit40 -nft add rule ip filter INPUT ct label bit40 counter +iptables-translate -A INPUT -m connlabel --label 40 +nft add rule ip filter INPUT ct label 40 counter -iptables-translate -A INPUT -m connlabel ! --label bit40 --set -nft add rule ip filter INPUT ct label set bit40 ct label and bit40 != bit40 counter +iptables-translate -A INPUT -m connlabel ! --label 40 --set +nft add rule ip filter INPUT ct label set 40 ct label and 40 != 40 counter -- 2.20.1 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf 2019-03-04 15:53 ` [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf Phil Sutter @ 2019-03-08 19:20 ` Florian Westphal 0 siblings, 0 replies; 13+ messages in thread From: Florian Westphal @ 2019-03-08 19:20 UTC (permalink / raw) To: Phil Sutter; +Cc: Pablo Neira Ayuso, netfilter-devel, Florian Westphal Phil Sutter <phil@nwl.cc> wrote: > If connlabel.conf was not found, fall back to manually parsing arguments > as plain numbers. > > If nfct_labelmap_new() has failed, nfct_labelmap_get_name() segfaults. > Therefore make sure it is not called in connlabel_get_name() if that's > the case. > > Signed-off-by: Phil Sutter <phil@nwl.cc> > --- > This patch supersedes patches 3-5 of this series. Applied, thanks for updating this. ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf 2019-03-04 14:59 ` Phil Sutter 2019-03-04 15:02 ` Florian Westphal @ 2019-03-08 18:12 ` Pablo Neira Ayuso 2019-03-09 10:51 ` [libnetfilter_conntrack PATCH] Rename 'qa' directory to 'tests' Phil Sutter 1 sibling, 1 reply; 13+ messages in thread From: Pablo Neira Ayuso @ 2019-03-08 18:12 UTC (permalink / raw) To: Phil Sutter, Florian Westphal, netfilter-devel On Mon, Mar 04, 2019 at 03:59:01PM +0100, Phil Sutter wrote: > On Mon, Mar 04, 2019 at 02:07:55PM +0100, Pablo Neira Ayuso wrote: > > On Mon, Mar 04, 2019 at 01:43:11PM +0100, Phil Sutter wrote: [...] > > We can probably place some mapping lookup tests for this in > > libnetfilter_conntrack. > > I just found the ominous "qa" directory in there, so I guess we're > already fine in that regard. :) We could rename this to a more orthodox tests/ directory :-) ^ permalink raw reply [flat|nested] 13+ messages in thread
* [libnetfilter_conntrack PATCH] Rename 'qa' directory to 'tests' 2019-03-08 18:12 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Pablo Neira Ayuso @ 2019-03-09 10:51 ` Phil Sutter 2019-03-09 10:56 ` [libnetfilter_conntrack PATCH v2] " Phil Sutter 0 siblings, 1 reply; 13+ messages in thread From: Phil Sutter @ 2019-03-09 10:51 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel When searching for library tests, 'qa' is easily overlooked. Use a more common name instead. Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Phil Sutter <phil@nwl.cc> --- Makefile.am | 2 +- {qa => tests}/.gitignore | 0 {qa => tests}/Makefile.am | 0 {qa => tests}/ct_echo_event.c | 0 {qa => tests}/ct_echo_event.sh | 0 {qa => tests}/ct_events_reliable.c | 0 {qa => tests}/ct_mark_filter.c | 0 {qa => tests}/ct_mark_filter.sh | 0 {qa => tests}/ct_stress.c | 0 {qa => tests}/inetd.conf | 0 {qa => tests}/nssocket.c | 0 {qa => tests}/nssocket.h | 0 {qa => tests}/nssocket_env.sh | 0 {qa => tests}/qa-connlabel.conf | 0 {qa => tests}/test_api.c | 0 {qa => tests}/test_connlabel.c | 2 +- {qa => tests}/test_filter.c | 0 17 files changed, 2 insertions(+), 2 deletions(-) rename {qa => tests}/.gitignore (100%) rename {qa => tests}/Makefile.am (100%) rename {qa => tests}/ct_echo_event.c (100%) rename {qa => tests}/ct_echo_event.sh (100%) rename {qa => tests}/ct_events_reliable.c (100%) rename {qa => tests}/ct_mark_filter.c (100%) rename {qa => tests}/ct_mark_filter.sh (100%) rename {qa => tests}/ct_stress.c (100%) rename {qa => tests}/inetd.conf (100%) rename {qa => tests}/nssocket.c (100%) rename {qa => tests}/nssocket.h (100%) rename {qa => tests}/nssocket_env.sh (100%) rename {qa => tests}/qa-connlabel.conf (100%) rename {qa => tests}/test_api.c (100%) rename {qa => tests}/test_connlabel.c (96%) rename {qa => tests}/test_filter.c (100%) diff --git a/Makefile.am b/Makefile.am index baa98ade1a5ec..1a53c1086a508 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,7 +2,7 @@ include $(top_srcdir)/Make_global.am ACLOCAL_AMFLAGS = -I m4 -SUBDIRS = include src utils examples qa +SUBDIRS = include src utils examples tests man_MANS = #nfnetlink_conntrack.3 nfnetlink_conntrack.7 diff --git a/qa/.gitignore b/tests/.gitignore similarity index 100% rename from qa/.gitignore rename to tests/.gitignore diff --git a/qa/Makefile.am b/tests/Makefile.am similarity index 100% rename from qa/Makefile.am rename to tests/Makefile.am diff --git a/qa/ct_echo_event.c b/tests/ct_echo_event.c similarity index 100% rename from qa/ct_echo_event.c rename to tests/ct_echo_event.c diff --git a/qa/ct_echo_event.sh b/tests/ct_echo_event.sh similarity index 100% rename from qa/ct_echo_event.sh rename to tests/ct_echo_event.sh diff --git a/qa/ct_events_reliable.c b/tests/ct_events_reliable.c similarity index 100% rename from qa/ct_events_reliable.c rename to tests/ct_events_reliable.c diff --git a/qa/ct_mark_filter.c b/tests/ct_mark_filter.c similarity index 100% rename from qa/ct_mark_filter.c rename to tests/ct_mark_filter.c diff --git a/qa/ct_mark_filter.sh b/tests/ct_mark_filter.sh similarity index 100% rename from qa/ct_mark_filter.sh rename to tests/ct_mark_filter.sh diff --git a/qa/ct_stress.c b/tests/ct_stress.c similarity index 100% rename from qa/ct_stress.c rename to tests/ct_stress.c diff --git a/qa/inetd.conf b/tests/inetd.conf similarity index 100% rename from qa/inetd.conf rename to tests/inetd.conf diff --git a/qa/nssocket.c b/tests/nssocket.c similarity index 100% rename from qa/nssocket.c rename to tests/nssocket.c diff --git a/qa/nssocket.h b/tests/nssocket.h similarity index 100% rename from qa/nssocket.h rename to tests/nssocket.h diff --git a/qa/nssocket_env.sh b/tests/nssocket_env.sh similarity index 100% rename from qa/nssocket_env.sh rename to tests/nssocket_env.sh diff --git a/qa/qa-connlabel.conf b/tests/qa-connlabel.conf similarity index 100% rename from qa/qa-connlabel.conf rename to tests/qa-connlabel.conf diff --git a/qa/test_api.c b/tests/test_api.c similarity index 100% rename from qa/test_api.c rename to tests/test_api.c diff --git a/qa/test_connlabel.c b/tests/test_connlabel.c similarity index 96% rename from qa/test_connlabel.c rename to tests/test_connlabel.c index 345ecf608647b..99b1171857db3 100644 --- a/qa/test_connlabel.c +++ b/tests/test_connlabel.c @@ -59,7 +59,7 @@ int main(void) l = nfct_labelmap_new("qa-connlabel.conf"); if (!l) - l = nfct_labelmap_new("qa/qa-connlabel.conf"); + l = nfct_labelmap_new("tests/qa-connlabel.conf"); assert(l); puts("qa-connlabel.conf:"); dump_map(l); diff --git a/qa/test_filter.c b/tests/test_filter.c similarity index 100% rename from qa/test_filter.c rename to tests/test_filter.c -- 2.21.0 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [libnetfilter_conntrack PATCH v2] Rename 'qa' directory to 'tests' 2019-03-09 10:51 ` [libnetfilter_conntrack PATCH] Rename 'qa' directory to 'tests' Phil Sutter @ 2019-03-09 10:56 ` Phil Sutter 2019-03-11 12:36 ` Pablo Neira Ayuso 0 siblings, 1 reply; 13+ messages in thread From: Phil Sutter @ 2019-03-09 10:56 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel When searching for library tests, 'qa' is easily overlooked. Use a more common name instead. Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Phil Sutter <phil@nwl.cc> --- Changes since v1: - Add needed changes to configure.ac missed in previous patch. --- Makefile.am | 2 +- configure.ac | 4 ++-- {qa => tests}/.gitignore | 0 {qa => tests}/Makefile.am | 0 {qa => tests}/ct_echo_event.c | 0 {qa => tests}/ct_echo_event.sh | 0 {qa => tests}/ct_events_reliable.c | 0 {qa => tests}/ct_mark_filter.c | 0 {qa => tests}/ct_mark_filter.sh | 0 {qa => tests}/ct_stress.c | 0 {qa => tests}/inetd.conf | 0 {qa => tests}/nssocket.c | 0 {qa => tests}/nssocket.h | 0 {qa => tests}/nssocket_env.sh | 0 {qa => tests}/qa-connlabel.conf | 0 {qa => tests}/test_api.c | 0 {qa => tests}/test_connlabel.c | 2 +- {qa => tests}/test_filter.c | 0 18 files changed, 4 insertions(+), 4 deletions(-) rename {qa => tests}/.gitignore (100%) rename {qa => tests}/Makefile.am (100%) rename {qa => tests}/ct_echo_event.c (100%) rename {qa => tests}/ct_echo_event.sh (100%) rename {qa => tests}/ct_events_reliable.c (100%) rename {qa => tests}/ct_mark_filter.c (100%) rename {qa => tests}/ct_mark_filter.sh (100%) rename {qa => tests}/ct_stress.c (100%) rename {qa => tests}/inetd.conf (100%) rename {qa => tests}/nssocket.c (100%) rename {qa => tests}/nssocket.h (100%) rename {qa => tests}/nssocket_env.sh (100%) rename {qa => tests}/qa-connlabel.conf (100%) rename {qa => tests}/test_api.c (100%) rename {qa => tests}/test_connlabel.c (96%) rename {qa => tests}/test_filter.c (100%) diff --git a/Makefile.am b/Makefile.am index baa98ade1a5ec..1a53c1086a508 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,7 +2,7 @@ include $(top_srcdir)/Make_global.am ACLOCAL_AMFLAGS = -I m4 -SUBDIRS = include src utils examples qa +SUBDIRS = include src utils examples tests man_MANS = #nfnetlink_conntrack.3 nfnetlink_conntrack.7 diff --git a/configure.ac b/configure.ac index 6304543eca7cd..6940c3894e570 100644 --- a/configure.ac +++ b/configure.ac @@ -31,7 +31,7 @@ PKG_CHECK_MODULES([LIBMNL], [libmnl >= 1.0.3]) AC_CHECK_HEADERS(arpa/inet.h) dnl Check for inet_ntop AC_CHECK_FUNCS(inet_ntop) -dnl Check for setns used in qa +dnl Check for setns used in tests AC_CHECK_FUNCS(setns) dnl Again, some systems have it, but not IPv6 if test "$ac_cv_func_inet_ntop" = "yes" ; then @@ -66,7 +66,7 @@ fi dnl Output the makefile AC_CONFIG_FILES([Makefile src/Makefile include/Makefile utils/Makefile - examples/Makefile qa/Makefile include/libnetfilter_conntrack/Makefile + examples/Makefile tests/Makefile include/libnetfilter_conntrack/Makefile include/internal/Makefile src/conntrack/Makefile src/expect/Makefile libnetfilter_conntrack.pc doxygen.cfg]) AC_OUTPUT diff --git a/qa/.gitignore b/tests/.gitignore similarity index 100% rename from qa/.gitignore rename to tests/.gitignore diff --git a/qa/Makefile.am b/tests/Makefile.am similarity index 100% rename from qa/Makefile.am rename to tests/Makefile.am diff --git a/qa/ct_echo_event.c b/tests/ct_echo_event.c similarity index 100% rename from qa/ct_echo_event.c rename to tests/ct_echo_event.c diff --git a/qa/ct_echo_event.sh b/tests/ct_echo_event.sh similarity index 100% rename from qa/ct_echo_event.sh rename to tests/ct_echo_event.sh diff --git a/qa/ct_events_reliable.c b/tests/ct_events_reliable.c similarity index 100% rename from qa/ct_events_reliable.c rename to tests/ct_events_reliable.c diff --git a/qa/ct_mark_filter.c b/tests/ct_mark_filter.c similarity index 100% rename from qa/ct_mark_filter.c rename to tests/ct_mark_filter.c diff --git a/qa/ct_mark_filter.sh b/tests/ct_mark_filter.sh similarity index 100% rename from qa/ct_mark_filter.sh rename to tests/ct_mark_filter.sh diff --git a/qa/ct_stress.c b/tests/ct_stress.c similarity index 100% rename from qa/ct_stress.c rename to tests/ct_stress.c diff --git a/qa/inetd.conf b/tests/inetd.conf similarity index 100% rename from qa/inetd.conf rename to tests/inetd.conf diff --git a/qa/nssocket.c b/tests/nssocket.c similarity index 100% rename from qa/nssocket.c rename to tests/nssocket.c diff --git a/qa/nssocket.h b/tests/nssocket.h similarity index 100% rename from qa/nssocket.h rename to tests/nssocket.h diff --git a/qa/nssocket_env.sh b/tests/nssocket_env.sh similarity index 100% rename from qa/nssocket_env.sh rename to tests/nssocket_env.sh diff --git a/qa/qa-connlabel.conf b/tests/qa-connlabel.conf similarity index 100% rename from qa/qa-connlabel.conf rename to tests/qa-connlabel.conf diff --git a/qa/test_api.c b/tests/test_api.c similarity index 100% rename from qa/test_api.c rename to tests/test_api.c diff --git a/qa/test_connlabel.c b/tests/test_connlabel.c similarity index 96% rename from qa/test_connlabel.c rename to tests/test_connlabel.c index 345ecf608647b..99b1171857db3 100644 --- a/qa/test_connlabel.c +++ b/tests/test_connlabel.c @@ -59,7 +59,7 @@ int main(void) l = nfct_labelmap_new("qa-connlabel.conf"); if (!l) - l = nfct_labelmap_new("qa/qa-connlabel.conf"); + l = nfct_labelmap_new("tests/qa-connlabel.conf"); assert(l); puts("qa-connlabel.conf:"); dump_map(l); diff --git a/qa/test_filter.c b/tests/test_filter.c similarity index 100% rename from qa/test_filter.c rename to tests/test_filter.c -- 2.21.0 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [libnetfilter_conntrack PATCH v2] Rename 'qa' directory to 'tests' 2019-03-09 10:56 ` [libnetfilter_conntrack PATCH v2] " Phil Sutter @ 2019-03-11 12:36 ` Pablo Neira Ayuso 0 siblings, 0 replies; 13+ messages in thread From: Pablo Neira Ayuso @ 2019-03-11 12:36 UTC (permalink / raw) To: Phil Sutter; +Cc: netfilter-devel On Sat, Mar 09, 2019 at 11:56:05AM +0100, Phil Sutter wrote: > When searching for library tests, 'qa' is easily overlooked. Use a more > common name instead. Applied, thanks Phil! ^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2019-03-11 12:36 UTC | newest] Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <20190219193953.29066-1-phil@nwl.cc> [not found] ` <20190219193953.29066-4-phil@nwl.cc> 2019-03-01 12:52 ` [iptables PATCH 3/5] extensions: connlabel: Allow connlabel.conf override Pablo Neira Ayuso 2019-03-01 18:08 ` Phil Sutter [not found] ` <20190219193953.29066-6-phil@nwl.cc> 2019-03-03 21:03 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Florian Westphal 2019-03-04 12:43 ` Phil Sutter 2019-03-04 13:07 ` Pablo Neira Ayuso 2019-03-04 14:59 ` Phil Sutter 2019-03-04 15:02 ` Florian Westphal 2019-03-04 15:53 ` [iptables PATCH] extensions: connlabel: Fallback on missing connlabel.conf Phil Sutter 2019-03-08 19:20 ` Florian Westphal 2019-03-08 18:12 ` [iptables PATCH 5/5] iptables-test: Make use of sample connlabel.conf Pablo Neira Ayuso 2019-03-09 10:51 ` [libnetfilter_conntrack PATCH] Rename 'qa' directory to 'tests' Phil Sutter 2019-03-09 10:56 ` [libnetfilter_conntrack PATCH v2] " Phil Sutter 2019-03-11 12:36 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).