From 18765f235857f5c4e11f5e39fcdc13b5c76759fa Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Thu, 9 Mar 2023 09:21:35 -0500
Subject: testing

---
 test/network/netfilter-template.exp | 41 +++++++++++++++++++++++++++++++++++++
 test/network/network.sh             | 13 ++++++++++--
 2 files changed, 52 insertions(+), 2 deletions(-)
 create mode 100755 test/network/netfilter-template.exp

(limited to 'test/network')

diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp
new file mode 100755
index 000000000..2dc50cef7
--- /dev/null
+++ b/test/network/netfilter-template.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2023 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+
+send -- "firejail --net=br0 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/blablabla\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"invalid network filter file"
+}
+after 500
+
+send -- "firejail --net=br0 --ip=10.10.20.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5678\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+sleep 2
+
+spawn $env(SHELL)
+send -- "firejail --netfilter.print=test1\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"Chain INPUT"
+}
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"ACCEPT"
+}
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"tcp dpt:5678 state NEW,ESTABLISHED"
+}
+sleep 1
+
+puts "\nall done\n"
diff --git a/test/network/network.sh b/test/network/network.sh
index e029722ba..6d26e967f 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -42,8 +42,14 @@ echo "TESTING: ipv6 (ip6.exp)"
 echo "TESTING: ipv6 netfilter (ip6_netfilter.exp)"
 ./ip6_netfilter.exp
 
-echo "TESTING: netstats (netstats.exp)"
-./netstats.exp
+# this test will fail on github!
+USER=`whoami`
+if [[ $USER == "runner" ]]; then
+	echo "TESTING: skip over netstats test"
+else
+	echo "TESTING: netstats (netstats.exp)"
+	./netstats.exp
+fi
 
 echo "TESTING: firemon arp (firemon-arp.exp)"
 ./firemon-arp.exp
@@ -51,5 +57,8 @@ echo "TESTING: firemon arp (firemon-arp.exp)"
 echo "TESTING: firemon route (firemon-route.exp)"
 ./firemon-route.exp
 
+echo "TESTING: netfilter-template (netfilter-template.exp)"
+./netfilter-template.exp
+
 sudo ip link set br0 down
 sudo brctl delbr br0
-- 
cgit v1.2.3-70-g09d2