1 files changed, 7 insertions, 70 deletions
diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp
index 97170a1b9..56480251e 100755
--- a/test/network/net_netfilter.exp
+++ b/test/network/net_netfilter.exp
@@ -8,83 +8,20 @@ spawn $env(SHELL)
 match_max 100000
 # check default netfilter on br0
-send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter\r"
+send -- "firejail --name=test --net=br0 --netfilter\r"
 expect {
        timeout {puts "TESTING ERROR 0\n";exit}
-        "Installing firewall"
-}
-expect {
-        timeout {puts "TESTING ERROR 1\n";exit}
-        "Chain INPUT (policy DROP"
-}
-expect {
-        timeout {puts "TESTING ERROR 2\n";exit}
-        "ACCEPT     all  --  any    any     anywhere"
-}
-expect {
-        timeout {puts "TESTING ERROR 3\n";exit}
-        "ACCEPT     icmp --  any    any     anywhere"
-}
-expect {
-        timeout {puts "TESTING ERROR 4\n";exit}
        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
 }
-sleep 1
+sleep 2
-send -- "exit\r"
+spawn $env(SHELL)
-sleep 1
 # check default netfilter no new network
-send -- "firejail --debug --noprofile --netfilter\r"
+send -- "firejail --netfilter.print=test\r"
-expect {
-        timeout {puts "TESTING ERROR 5\n";exit}
-        "Installing network filter" {puts "TESTING ERROR 5.1\n";exit}
-        "Chain INPUT (policy DROP" {puts "TESTING ERROR 5.1\n";exit}
-        "ACCEPT     all  --  any    any     anywhere" {puts "TESTING ERROR 5.1\n";exit}
-        "ACCEPT     icmp --  any    any     anywhere" {puts "TESTING ERROR 5.1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-send -- "exit\r"
-sleep 1
-# check file filter netfilter on br0
-send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter=netfilter.filter\r"
-expect {
-        timeout {puts "TESTING ERROR 6\n";exit}
-        "Installing firewall"
-}
-expect {
-        timeout {puts "TESTING ERROR 6.1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 1
-send -- "ping -c 1 -w 3 10.10.20.1\r"
-expect {
-        timeout {puts "TESTING ERROR 6.2\n";exit}
-        "0 received, 100% packet loss"
-}
-send -- "exit\r"
-sleep 1
-# check profile netfilter on br0
-send -- "firejail --debug --net=br0 --ip=10.10.20.5 --profile=netfilter.profile\r"
 expect {
-        timeout {puts "TESTING ERROR 7\n";exit}
+        timeout {puts "TESTING ERROR 1\n";exit}
-        "Installing firewall"
+        "ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED"
-}
-expect {
-        timeout {puts "TESTING ERROR 7.1\n";exit}
-        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
-}
-sleep 2
-send -- "ping -c 1 -w 3 10.10.20.1\r"
-expect {
-        timeout {puts "TESTING ERROR 7.2\n";exit}
-        "0 received, 100% packet loss"
 }
-send -- "exit\r"
+after 500
-after 100
 puts "all done\n"

diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index 97170a1b9..56480251e 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp
@@ -8,83 +8,20 @@ spawn $env(SHELL)
8	match_max 100000	8	match_max 100000
9		9
10	# check default netfilter on br0	10	# check default netfilter on br0
11	send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter\r"	11	send -- "firejail --name=test --net=br0 --netfilter\r"
12	expect {	12	expect {
13	timeout {puts "TESTING ERROR 0\n";exit}	13	timeout {puts "TESTING ERROR 0\n";exit}
14	"Installing firewall"
15	}
16	expect {
17	timeout {puts "TESTING ERROR 1\n";exit}
18	"Chain INPUT (policy DROP"
19	}
20	expect {
21	timeout {puts "TESTING ERROR 2\n";exit}
22	"ACCEPT all -- any any anywhere"
23	}
24	expect {
25	timeout {puts "TESTING ERROR 3\n";exit}
26	"ACCEPT icmp -- any any anywhere"
27	}
28	expect {
29	timeout {puts "TESTING ERROR 4\n";exit}
30	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"	14	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31	}	15	}
32	sleep 1	16	sleep 2
33	send -- "exit\r"	17	spawn $env(SHELL)
34	sleep 1
35		18
36	# check default netfilter no new network	19	# check default netfilter no new network
37	send -- "firejail --debug --noprofile --netfilter\r"	20	send -- "firejail --netfilter.print=test\r"
38	expect {
39	timeout {puts "TESTING ERROR 5\n";exit}
40	"Installing network filter" {puts "TESTING ERROR 5.1\n";exit}
41	"Chain INPUT (policy DROP" {puts "TESTING ERROR 5.1\n";exit}
42	"ACCEPT all -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit}
43	"ACCEPT icmp -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit}
44	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
45	}
46	sleep 1
47	send -- "exit\r"
48	sleep 1
49
50	# check file filter netfilter on br0
51	send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter=netfilter.filter\r"
52	expect {
53	timeout {puts "TESTING ERROR 6\n";exit}
54	"Installing firewall"
55	}
56	expect {
57	timeout {puts "TESTING ERROR 6.1\n";exit}
58	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
59	}
60	sleep 1
61	send -- "ping -c 1 -w 3 10.10.20.1\r"
62	expect {
63	timeout {puts "TESTING ERROR 6.2\n";exit}
64	"0 received, 100% packet loss"
65	}
66
67	send -- "exit\r"
68	sleep 1
69
70	# check profile netfilter on br0
71	send -- "firejail --debug --net=br0 --ip=10.10.20.5 --profile=netfilter.profile\r"
72	expect {	21	expect {
73	timeout {puts "TESTING ERROR 7\n";exit}	22	timeout {puts "TESTING ERROR 1\n";exit}
74	"Installing firewall"	23	"ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED"
75	}
76	expect {
77	timeout {puts "TESTING ERROR 7.1\n";exit}
78	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
79	}
80	sleep 2
81	send -- "ping -c 1 -w 3 10.10.20.1\r"
82	expect {
83	timeout {puts "TESTING ERROR 7.2\n";exit}
84	"0 received, 100% packet loss"
85	}	24	}
86		25
87	send -- "exit\r"	26	after 500
88	after 100
89
90	puts "all done\n"	27	puts "all done\n"