From 9ffa72e5b9b3d36f8a2b52a3dcaac519f7f08b5e Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Wed, 29 Jan 2020 10:56:06 -0500 Subject: [PATCH 34/37] chore: test: retab some test cases Replace leading tabs with spaces. (cherry picked from commit 890d8a60893a0c3975b792bcbd3a6c65419a8e8c) (cherry picked from commit 9b2609406c0f20681bc02f98b24091e8f509e26f) --- src/tests/features/helpers_custom.at | 120 +++++++++++++-------------- src/tests/regression/gh453.at | 68 +++++++-------- src/tests/regression/rhbz1506742.at | 2 +- src/tests/regression/rhbz1734765.at | 28 +++---- 4 files changed, 109 insertions(+), 109 deletions(-) diff --git a/src/tests/features/helpers_custom.at b/src/tests/features/helpers_custom.at index bf673bd70b33..bd4b52cfb1d6 100644 --- a/src/tests/features/helpers_custom.at +++ b/src/tests/features/helpers_custom.at @@ -33,32 +33,32 @@ ftptest FWD_CHECK([-q --add-service=ftptest]) NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl - table inet firewalld { - chain filter_IN_public_allow { - tcp dport 22 ct state new,untracked accept - ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept - tcp dport 9090 ct state new,untracked accept - tcp dport 2121 ct helper set "helper-ftptest-tcp" - tcp dport 2121 ct state new,untracked accept - } - } + table inet firewalld { + chain filter_IN_public_allow { + tcp dport 22 ct state new,untracked accept + ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept + tcp dport 9090 ct state new,untracked accept + tcp dport 2121 ct helper set "helper-ftptest-tcp" + tcp dport 2121 ct state new,untracked accept + } + } ]) IPTABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp + CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp ]) IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED ]) IP6TABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp + CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp ]) IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED ]) dnl Same thing as above, but with the new "helper" in service. @@ -90,32 +90,32 @@ ftptest FWD_CHECK([-q --add-service=ftptest]) NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl - table inet firewalld { - chain filter_IN_public_allow { - tcp dport 22 ct state new,untracked accept - ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept - tcp dport 9090 ct state new,untracked accept - tcp dport 2121 ct helper set "helper-ftptest-tcp" - tcp dport 2121 ct state new,untracked accept - } - } + table inet firewalld { + chain filter_IN_public_allow { + tcp dport 22 ct state new,untracked accept + ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept + tcp dport 9090 ct state new,untracked accept + tcp dport 2121 ct helper set "helper-ftptest-tcp" + tcp dport 2121 ct state new,untracked accept + } + } ]) IPTABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp + CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp ]) IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED ]) IP6TABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp + CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp ]) IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED ]) dnl again, but with both "module" and "helper" @@ -128,38 +128,38 @@ FWD_RELOAD FWD_CHECK([-q --add-service=ftptest]) NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl - table inet firewalld { - chain filter_IN_public_allow { - tcp dport 22 ct state new,untracked accept - ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept - tcp dport 9090 ct state new,untracked accept - tcp dport 21 ct helper set "helper-ftp-tcp" - tcp dport 2121 ct helper set "helper-ftptest-tcp" - tcp dport 2121 ct state new,untracked accept - tcp dport 21 ct state new,untracked accept - } - } + table inet firewalld { + chain filter_IN_public_allow { + tcp dport 22 ct state new,untracked accept + ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept + tcp dport 9090 ct state new,untracked accept + tcp dport 21 ct helper set "helper-ftp-tcp" + tcp dport 2121 ct helper set "helper-ftptest-tcp" + tcp dport 2121 ct state new,untracked accept + tcp dport 21 ct state new,untracked accept + } + } ]) IPTABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 CT helper ftp - CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp + CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 CT helper ftp + CT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 CT helper ftp ]) IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED - ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW,UNTRACKED ]) IP6TABLES_LIST_RULES([raw], [PRE_public_allow], 0, [dnl - CT tcp ::/0 ::/0 tcp dpt:21 CT helper ftp - CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp + CT tcp ::/0 ::/0 tcp dpt:21 CT helper ftp + CT tcp ::/0 ::/0 tcp dpt:2121 CT helper ftp ]) IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl - ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED - ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED - ACCEPT tcp ::/0 ::/0 tcp dpt:21 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED + ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:2121 ctstate NEW,UNTRACKED + ACCEPT tcp ::/0 ::/0 tcp dpt:21 ctstate NEW,UNTRACKED ]) FWD_END_TEST diff --git a/src/tests/regression/gh453.at b/src/tests/regression/gh453.at index 6d820fce840a..61bc90aae673 100644 --- a/src/tests/regression/gh453.at +++ b/src/tests/regression/gh453.at @@ -8,50 +8,50 @@ FWD_CHECK([-q --set-automatic-helpers=no]) FWD_CHECK([-q --add-service=ftp]) NS_CHECK([nft list ruleset | TRIM_WHITESPACE |grep -A3 "ct helper helper-ftp-tcp"], 0, [m4_strip([dnl - ct helper helper-ftp-tcp { - type "ftp" protocol tcp - l3proto inet - } + ct helper helper-ftp-tcp { + type "ftp" protocol tcp + l3proto inet + } ])]) NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl - table inet firewalld { - chain filter_IN_public_allow { - tcp dport 22 ct state new,untracked accept - ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept - tcp dport 9090 ct state new,untracked accept - tcp dport 21 ct helper set "helper-ftp-tcp" - tcp dport 21 ct state new,untracked accept - } - } + table inet firewalld { + chain filter_IN_public_allow { + tcp dport 22 ct state new,untracked accept + ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept + tcp dport 9090 ct state new,untracked accept + tcp dport 21 ct helper set "helper-ftp-tcp" + tcp dport 21 ct state new,untracked accept + } + } ]) FWD_CHECK([-q --add-service=sip]) NS_CHECK([nft list ruleset | TRIM_WHITESPACE |grep -A3 "ct helper helper-sip-tcp"], 0, [m4_strip([dnl - ct helper helper-sip-tcp { - type "sip" protocol tcp - l3proto inet - } + ct helper helper-sip-tcp { + type "sip" protocol tcp + l3proto inet + } ])]) NS_CHECK([nft list ruleset | TRIM_WHITESPACE |grep -A3 "ct helper helper-sip-udp"], 0, [m4_strip([dnl - ct helper helper-sip-udp { - type "sip" protocol udp - l3proto inet - } + ct helper helper-sip-udp { + type "sip" protocol udp + l3proto inet + } ])]) NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl - table inet firewalld { - chain filter_IN_public_allow { - tcp dport 22 ct state new,untracked accept - ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept - tcp dport 9090 ct state new,untracked accept - tcp dport 21 ct helper set "helper-ftp-tcp" - tcp dport 21 ct state new,untracked accept - tcp dport 5060 ct helper set "helper-sip-tcp" - udp dport 5060 ct helper set "helper-sip-udp" - tcp dport 5060 ct state new,untracked accept - udp dport 5060 ct state new,untracked accept - } - } + table inet firewalld { + chain filter_IN_public_allow { + tcp dport 22 ct state new,untracked accept + ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept + tcp dport 9090 ct state new,untracked accept + tcp dport 21 ct helper set "helper-ftp-tcp" + tcp dport 21 ct state new,untracked accept + tcp dport 5060 ct helper set "helper-sip-tcp" + udp dport 5060 ct helper set "helper-sip-udp" + tcp dport 5060 ct state new,untracked accept + udp dport 5060 ct state new,untracked accept + } + } ]) FWD_END_TEST diff --git a/src/tests/regression/rhbz1506742.at b/src/tests/regression/rhbz1506742.at index 48b224731fbc..2ab4f1a9cef1 100644 --- a/src/tests/regression/rhbz1506742.at +++ b/src/tests/regression/rhbz1506742.at @@ -20,4 +20,4 @@ FWD_CHECK([-q --ipset=foobar --query-entry=1.2.3.4], 32, ignore, ignore) FWD_CHECK([-q --ipset=foobar --remove-entries-from-file=foobar_entries.txt]) FWD_END_TEST([-e '/Error: IPSET_WITH_TIMEOUT/d' dnl -e '/ERROR: IPSET_WITH_TIMEOUT/d' dnl - -e '/WARNING: NOT_ENABLED/d']) + -e '/WARNING: NOT_ENABLED/d']) diff --git a/src/tests/regression/rhbz1734765.at b/src/tests/regression/rhbz1734765.at index bb054bdb0361..b5023a058a55 100644 --- a/src/tests/regression/rhbz1734765.at +++ b/src/tests/regression/rhbz1734765.at @@ -44,22 +44,22 @@ FWD_CHECK([-q --permanent --zone=trusted --add-interface=foobar1]) FWD_RELOAD NFT_LIST_SET([ipsetv4], 0, [dnl - table inet firewalld { - set ipsetv4 { - type ipv4_addr - flags interval - elements = { 192.0.2.12 } - } - } + table inet firewalld { + set ipsetv4 { + type ipv4_addr + flags interval + elements = { 192.0.2.12 } + } + } ]) NFT_LIST_SET([ipsetv6], 0, [dnl - table inet firewalld { - set ipsetv6 { - type ipv6_addr - flags interval - elements = { ::2 } - } - } + table inet firewalld { + set ipsetv6 { + type ipv6_addr + flags interval + elements = { ::2 } + } + } ]) FWD_CHECK([-q --zone=foobar_010 --add-source="10.10.10.10"]) -- 2.23.0