mirror of
https://github.com/firehol/firehol.git
synced 2024-06-29 18:32:16 +00:00
Make unit tests more robust
This commit is contained in:
parent
c36fdde175
commit
5efe439266
@ -1,3 +1,5 @@
|
||||
FIREQOS_DEFAULT_QDISC=fq_codel
|
||||
|
||||
interface veth0 world-in input rate 11111kbit adsl local pppoe-llc mtu 1492
|
||||
class public
|
||||
match sport 22
|
||||
|
@ -3,6 +3,8 @@
|
||||
# to ensure that the run script is invoked, which is responsible
|
||||
# for the actual running
|
||||
#
|
||||
FIREQOS_DEFAULT_QDISC=fq_codel
|
||||
|
||||
interface veth0 world-in input rate 11111kbit adsl local pppoe-llc mtu 1492
|
||||
class public
|
||||
match sport 22
|
||||
|
@ -3,6 +3,8 @@
|
||||
# to ensure that the run script is invoked, which is responsible
|
||||
# for the actual running
|
||||
#
|
||||
FIREQOS_DEFAULT_QDISC=fq_codel
|
||||
|
||||
interface veth0 world-in input rate 11111kbit adsl local pppoe-llc mtu 1492
|
||||
class public
|
||||
match sport 22
|
||||
|
@ -14,9 +14,5 @@ default
|
||||
10.0.1.0/24 dev veth1 proto kernel scope link src 10.0.1.1
|
||||
===== TABLE 2 =====
|
||||
default via 10.0.0.254 dev veth0
|
||||
10.0.0.0/24 dev veth0 proto kernel scope link src 10.0.0.1
|
||||
10.0.1.0/24 dev veth1 proto kernel scope link src 10.0.1.1
|
||||
===== TABLE 3 =====
|
||||
default via 10.0.1.254 dev veth1
|
||||
10.0.0.0/24 dev veth0 proto kernel scope link src 10.0.0.1
|
||||
10.0.1.0/24 dev veth1 proto kernel scope link src 10.0.1.1
|
||||
|
@ -32,7 +32,7 @@ do
|
||||
if [ ! "$(lsmod | cut -f1 -d' ' | grep $module)" ]
|
||||
then
|
||||
test "$missing" = "" && echo "Missing module(s). Run:"
|
||||
echo " modprobe ${module}"
|
||||
echo " sudo modprobe ${module}"
|
||||
missing="Y"
|
||||
haderror="Y"
|
||||
fi
|
||||
@ -51,15 +51,9 @@ if [ "$1" = "-inns" ]
|
||||
then
|
||||
# First set up our namespace so we can write where we need to
|
||||
mount -t tmpfs tmpfs /etc/firehol
|
||||
if [ -d /var/run/firehol ]
|
||||
then
|
||||
mount -t tmpfs tmpfs /var/run/firehol
|
||||
mount -t tmpfs tmpfs /var/run/netns
|
||||
else
|
||||
mount -t tmpfs tmpfs /var/run
|
||||
mkdir /var/run/firehol
|
||||
mkdir /var/run/netns
|
||||
fi
|
||||
mount -t tmpfs tmpfs /var/run
|
||||
mkdir /var/run/firehol
|
||||
mkdir /var/run/netns
|
||||
if [ -d /var/spool/firehol ]
|
||||
then
|
||||
mount -t tmpfs tmpfs /var/spool/firehol
|
||||
@ -81,7 +75,7 @@ then
|
||||
fi
|
||||
|
||||
# /proc/net/ip_tables_names is read-only for the real root in kernels
|
||||
# up to and possibly beyond 4.1, so we may not be able to access it.
|
||||
# up to and possibly beyond 4.3, so we may not be able to access it.
|
||||
# This file just contains the well known list of tables, depending
|
||||
# on which modules are loaded.
|
||||
# It is relied on by firehol but also by iptables-save and iptables-restore
|
||||
@ -95,6 +89,7 @@ then
|
||||
# https://lists.linuxcontainers.org/pipermail/lxc-users/2014-November/008099.html
|
||||
if [ ! -r /proc/net/ip_tables_names ]
|
||||
then
|
||||
echo "Faking /proc/net/ip_tables_names"
|
||||
mkdir /var/run/firehol/proc
|
||||
mkdir /var/run/firehol/proc/net
|
||||
ls /proc | while read name
|
||||
@ -161,7 +156,7 @@ then
|
||||
elif [ ! "$haderror" ]
|
||||
then
|
||||
echo "Unsharing namespaces"
|
||||
unshare -m -n -U -r -- $0 -inns "$@"
|
||||
unshare -r unshare -m -n -- $0 -inns "$@"
|
||||
exit
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user