Commit 3293b209 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

Makefile: check target

parent c3f53365
......@@ -51,4 +51,7 @@ $(ROOT_DIR)/$(resdir)/modules:
install: $(foreach f,$(files),$(ROOT_DIR)/$(f)) $(ROOT_DIR)/$(resdir)/modules
.PHONY: all
check:
LUA_VERSION=$(LUA_VERSION) ./test.sh
.PHONY: all check install
#!/bin/sh -e
# Alpine Wall test script
# Copyright (C) 2012-2017 Kaarle Ritvanen
# See LICENSE file for license details
cd "$(dirname "$0")"
export LUA_PATH="./?.lua;;"
for cls in mandatory optional private; do
eval "export AWALL_PATH_$(echo $cls | tr a-z A-Z)=test/$cls"
mkdir -p test/$cls
done
exec lua${LUA_VERSION} ./awall-cli ${1:-diff} -o test/output
Ipset awall-masquerade {"family":"inet","type":"hash:net"}
(masquerade)
Log _default {"limit":1}
(defaults)
Service babel {"port":6697,"proto":"tcp"}
(services)
Service bacula-dir {"port":9101,"proto":"tcp"}
(services)
Service bacula-fd {"port":9102,"proto":"tcp"}
(services)
Service bacula-sd {"port":9103,"proto":"tcp"}
(services)
Service bgp {"port":179,"proto":"tcp"}
(services)
Service dhcp {"family":"inet","port":[67,68],"proto":"udp"}
(services)
Service discard [{"port":9,"proto":"udp"},{"port":9,"proto":"tcp"}]
(services)
Service dns [{"port":53,"proto":"udp"},{"port":53,"proto":"tcp"}]
(services)
Service epmap [{"port":135,"proto":"tcp"},{"port":135,"proto":"udp"}]
(services)
Service ftp {"ct-helper":"ftp","port":21,"proto":"tcp"}
(services)
Service gre {"proto":"gre"}
(services)
Service hp-pdl {"port":9100,"proto":"tcp"}
(services)
Service http {"port":80,"proto":"tcp"}
(services)
Service http-alt {"port":8080,"proto":"tcp"}
(services)
Service https {"port":443,"proto":"tcp"}
(services)
Service icmp {"proto":"icmp"}
(services)
Service igmp {"proto":"igmp"}
(services)
Service imap {"port":143,"proto":"tcp"}
(services)
Service imaps {"port":993,"proto":"tcp"}
(services)
Service ipsec [{"proto":"esp"},{"port":[500,4500],"proto":"udp"}]
(services)
Service irc {"ct-helper":"irc","port":6667,"proto":"tcp"}
(services)
Service kerberos [{"port":88,"proto":"tcp"},{"port":88,"proto":"udp"}]
(services)
Service kpasswd [{"port":464,"proto":"tcp"},{"port":464,"proto":"udp"}]
(services)
Service l2tp {"port":1701,"proto":"udp"}
(services)
Service ldap [{"port":389,"proto":"tcp"},{"port":389,"proto":"udp"}]
(services)
Service ldaps [{"port":636,"proto":"tcp"},{"port":636,"proto":"udp"}]
(services)
Service microsoft-ds [{"port":445,"proto":"tcp"},{"port":445,"proto":"udp"}]
(services)
Service ms-sql-m {"port":1434,"proto":"tcp"}
(services)
Service ms-sql-s {"port":1433,"proto":"tcp"}
(services)
Service msft-gc [{"port":3268,"proto":"tcp"},{"port":3268,"proto":"udp"}]
(services)
Service msft-gc-ssl [{"port":3269,"proto":"tcp"},{"port":3269,"proto":"udp"}]
(services)
Service netbios-ds [{"port":138,"proto":"tcp"},{"port":138,"proto":"udp"}]
(services)
Service netbios-ns [{"family":"inet","port":137,"proto":"tcp"},{"ct-helper":"netbios-ns","family":"inet","port":137,"proto":"udp"}]
(services)
Service netbios-ssn [{"port":139,"proto":"tcp"},{"port":139,"proto":"udp"}]
(services)
Service ntp {"port":123,"proto":"udp"}
(services)
Service ospf {"proto":"ospf"}
(services)
Service pgsql {"port":5432,"proto":"tcp"}
(services)
Service ping [{"proto":"icmp","reply-type":0,"type":8},{"proto":"icmpv6","reply-type":129,"type":128}]
(services)
Service pop3 {"port":110,"proto":"tcp"}
(services)
Service pop3s {"port":995,"proto":"tcp"}
(services)
Service radius [{"port":1812,"proto":"udp"},{"port":1812,"proto":"tcp"}]
(services)
Service radius-acct [{"port":1813,"proto":"udp"},{"port":1813,"proto":"tcp"}]
(services)
Service rdp {"port":3389,"proto":"tcp"}
(services)
Service rsync {"port":873,"proto":"tcp"}
(services)
Service rtmp {"port":1935,"proto":"tcp"}
(services)
Service rtsp {"port":554,"proto":"tcp"}
(services)
Service sieve {"port":4190,"proto":"tcp"}
(services)
Service sip [{"ct-helper":"sip","port":5060,"proto":"udp"},{"ct-helper":"sip","port":5060,"proto":"tcp"}]
(services)
Service sip-tls [{"port":5061,"proto":"udp"},{"port":5061,"proto":"tcp"}]
(services)
Service smtp {"port":25,"proto":"tcp"}
(services)
Service snmp {"port":161,"proto":"udp"}
(services)
Service snmp-trap {"port":162,"proto":"udp"}
(services)
Service ssh {"port":22,"proto":"tcp"}
(services)
Service submission {"port":587,"proto":"tcp"}
(services)
Service syslog {"port":514,"proto":"udp"}
(services)
Service telnet {"port":23,"proto":"tcp"}
(services)
Service teredo {"port":3544,"proto":"udp"}
(services)
Service tftp {"port":69,"proto":"udp"}
(services)
Service vnc {"port":5900,"proto":"tcp"}
(services)
Variable awall_tproxy_mark 1
(defaults)
# ipset awall-masquerade
hash:net family inet
# rules-save generated by awall
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:icmp-routing - [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j icmp-routing
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j icmp-routing
-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j icmp-routing
-A icmp-routing -p icmp --icmp-type 3 -j ACCEPT
-A icmp-routing -p icmp --icmp-type 11 -j ACCEPT
-A icmp-routing -p icmp --icmp-type 12 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
:awall-masquerade - [0:0]
-A POSTROUTING -m set --match-set awall-masquerade src -j awall-masquerade
-A awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
# rules6-save generated by awall
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:icmp-routing - [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A FORWARD -p icmpv6 -j icmp-routing
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmpv6 -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmpv6 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 1 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 2 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 3 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 4 -j ACCEPT
COMMIT
# ipset awall-masquerade
hash:net family inet
# rules-save generated by awall
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:icmp-routing - [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j icmp-routing
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j icmp-routing
-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j icmp-routing
-A icmp-routing -p icmp --icmp-type 3 -j ACCEPT
-A icmp-routing -p icmp --icmp-type 11 -j ACCEPT
-A icmp-routing -p icmp --icmp-type 12 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
:awall-masquerade - [0:0]
-A POSTROUTING -m set --match-set awall-masquerade src -j awall-masquerade
-A awall-masquerade -m set ! --match-set awall-masquerade dst -j MASQUERADE
COMMIT
# rules6-save generated by awall
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:icmp-routing - [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A FORWARD -p icmpv6 -j icmp-routing
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmpv6 -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmpv6 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 1 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 2 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 3 -j ACCEPT
-A icmp-routing -p icmpv6 --icmpv6-type 4 -j ACCEPT
COMMIT
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment