Home | History | Annotate | Download | only in tests

Lines Matching full:chainname

178 static std::vector<std::string> listIptablesRule(const char *binary, const char *chainName) {
179     std::string command = StringPrintf("%s -w -n -L %s", binary, chainName);
183 static int iptablesRuleLineLength(const char *binary, const char *chainName) {
184     return listIptablesRule(binary, chainName).size();
188                                const char *chainName,
190     std::vector<std::string> rules = listIptablesRule(binary, chainName);
199 static bool iptablesNoSocketAllowRuleExists(const char *chainName){
200     return iptablesRuleExists(IPTABLES_PATH, chainName, NO_SOCKET_ALLOW_RULE) &&
201            iptablesRuleExists(IP6TABLES_PATH, chainName, NO_SOCKET_ALLOW_RULE);
204 static bool iptablesEspAllowRuleExists(const char *chainName){
205     return iptablesRuleExists(IPTABLES_PATH, chainName, ESP_ALLOW_RULE) &&
206            iptablesRuleExists(IP6TABLES_PATH, chainName, ESP_ALLOW_RULE);
212     std::string chainName = StringPrintf("netd_binder_test_%u", arc4random_uniform(10000));
223         mNetd->firewallReplaceUidChain(String16(chainName.c_str()), true, uids, &ret);
226     EXPECT_EQ((int) uids.size() + 9, iptablesRuleLineLength(IPTABLES_PATH, chainName.c_str()));
227     EXPECT_EQ((int) uids.size() + 15, iptablesRuleLineLength(IP6TABLES_PATH, chainName.c_str()));
228     EXPECT_EQ(true, iptablesNoSocketAllowRuleExists(chainName.c_str()));
229     EXPECT_EQ(true, iptablesEspAllowRuleExists(chainName.c_str()));
232         mNetd->firewallReplaceUidChain(String16(chainName.c_str()), false, noUids, &ret);
235     EXPECT_EQ(5, iptablesRuleLineLength(IPTABLES_PATH, chainName.c_str()));
236     EXPECT_EQ(5, iptablesRuleLineLength(IP6TABLES_PATH, chainName.c_str()));
240         mNetd->firewallReplaceUidChain(String16(chainName.c_str()), false, uids, &ret);
243     EXPECT_EQ((int) uids.size() + 5, iptablesRuleLineLength(IPTABLES_PATH, chainName.c_str()));
244     EXPECT_EQ((int) uids.size() + 5, iptablesRuleLineLength(IP6TABLES_PATH, chainName.c_str()));
245     EXPECT_EQ(false, iptablesNoSocketAllowRuleExists(chainName.c_str()));
246     EXPECT_EQ(false, iptablesEspAllowRuleExists(chainName.c_str()));
250         mNetd->firewallReplaceUidChain(String16(chainName.c_str()), false, noUids, &ret);
253     EXPECT_EQ(5, iptablesRuleLineLength(IPTABLES_PATH, chainName.c_str()));
254     EXPECT_EQ(5, iptablesRuleLineLength(IP6TABLES_PATH, chainName.c_str()));