aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/man/firejail.txt3
-rwxr-xr-xtest/fnetfilter/copy.exp4
-rw-r--r--test/fnetfilter/test1.net4
-rwxr-xr-xtest/utils/cpu-print.exp16
4 files changed, 19 insertions, 8 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 927c5e309..1a769176c 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -416,7 +416,10 @@ Use this option if you don't trust the DNS setup on your network.
416Example: 416Example:
417.br 417.br
418$ firejail \-\-dns=8.8.8.8 \-\-dns=8.8.4.4 firefox 418$ firejail \-\-dns=8.8.8.8 \-\-dns=8.8.4.4 firefox
419.br
419 420
421.br
422Note: this feature is not supported on systemd-resolved setups.
420.TP 423.TP
421\fB\-\-dns.print=name|pid 424\fB\-\-dns.print=name|pid
422Print DNS configuration for a sandbox identified by name or by PID. 425Print DNS configuration for a sandbox identified by name or by PID.
diff --git a/test/fnetfilter/copy.exp b/test/fnetfilter/copy.exp
index 65145ec4b..f619d503a 100755
--- a/test/fnetfilter/copy.exp
+++ b/test/fnetfilter/copy.exp
@@ -16,11 +16,11 @@ after 100
16send -- "cat outfile\r" 16send -- "cat outfile\r"
17expect { 17expect {
18 timeout {puts "TESTING ERROR 1\n";exit} 18 timeout {puts "TESTING ERROR 1\n";exit}
19 "test1" 19 "*filter"
20} 20}
21expect { 21expect {
22 timeout {puts "TESTING ERROR 2\n";exit} 22 timeout {puts "TESTING ERROR 2\n";exit}
23 "*filter" 23 "test1"
24} 24}
25expect { 25expect {
26 timeout {puts "TESTING ERROR 3\n";exit} 26 timeout {puts "TESTING ERROR 3\n";exit}
diff --git a/test/fnetfilter/test1.net b/test/fnetfilter/test1.net
index 59bef1443..e60127373 100644
--- a/test/fnetfilter/test1.net
+++ b/test/fnetfilter/test1.net
@@ -1,5 +1,5 @@
1*filter 1*filter
2# test2 2# test1
3:INPUT DROP [0:0] 3:INPUT DROP [0:0]
4:FORWARD DROP [0:0] 4:FORWARD DROP [0:0]
5:OUTPUT ACCEPT [0:0] 5:OUTPUT ACCEPT [0:0]
@@ -9,7 +9,7 @@
9#-A INPUT -p icmp --icmp-type echo-reply -j ACCEPT 9#-A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
10-A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT 10-A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT
11-A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT 11-A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT
12-A INPUT -p icmp --icmp-type echo-request -j ACCEPT 12-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
13# disable STUN 13# disable STUN
14-A OUTPUT -p udp --dport 3478 -j DROP 14-A OUTPUT -p udp --dport 3478 -j DROP
15-A OUTPUT -p udp --dport 3479 -j DROP 15-A OUTPUT -p udp --dport 3479 -j DROP
diff --git a/test/utils/cpu-print.exp b/test/utils/cpu-print.exp
index f639f7c9f..714745106 100755
--- a/test/utils/cpu-print.exp
+++ b/test/utils/cpu-print.exp
@@ -16,7 +16,11 @@ sleep 1
16send -- "cat /proc/self/status | grep Cpus\r" 16send -- "cat /proc/self/status | grep Cpus\r"
17expect { 17expect {
18 timeout {puts "TESTING ERROR 1\n";exit} 18 timeout {puts "TESTING ERROR 1\n";exit}
19 "Cpus_allowed_list: 0" 19 "Cpus"
20}
21expect {
22 timeout {puts "TESTING ERROR 2\n";exit}
23 "_allowed_list: 0"
20} 24}
21after 100 25after 100
22send -- "exit\r" 26send -- "exit\r"
@@ -25,7 +29,7 @@ sleep 1
25 29
26send -- "firejail --name=test --cpu=1\r" 30send -- "firejail --name=test --cpu=1\r"
27expect { 31expect {
28 timeout {puts "TESTING ERROR 1\n";exit} 32 timeout {puts "TESTING ERROR 3\n";exit}
29 "Child process initialized" 33 "Child process initialized"
30} 34}
31sleep 1 35sleep 1
@@ -33,8 +37,12 @@ sleep 1
33spawn $env(SHELL) 37spawn $env(SHELL)
34send -- "firejail --cpu.print=test\r" 38send -- "firejail --cpu.print=test\r"
35expect { 39expect {
36 timeout {puts "TESTING ERROR 2\n";exit} 40 timeout {puts "TESTING ERROR 4\n";exit}
37 "Cpus_allowed_list: 1" 41 "Cpus"
42}
43expect {
44 timeout {puts "TESTING ERROR 5\n";exit}
45 "_allowed_list: 1"
38} 46}
39after 100 47after 100
40puts "\nall done\n" 48puts "\nall done\n"
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 00:52:48 +0000