proxy/iptables: add packet-flow-based tests of iptables rules

Browse Source

Add a new framework for testing out how particular packets would be
handled by a given set of iptables rules. (eg, "assert that a packet
from 10.180.0.2 to 172.30.0.41:80 gets NATted to 10.180.0.1:80 without
being masqueraded"). Add tests using this to all of the existing unit
tests.

This makes it easier to tell whether a given code change has any
effect on behavior, without having to carefully examine the diffs to
the generated iptables rules.

...

This commit is contained in:

Dan Winship 2022-03-10 12:08:04 -05:00

parent cd55f35306

commit f4261283ac

1 changed files with 1257 additions and 15 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1272

pkg/proxy/iptables/proxier_test.go

View File

File diff suppressed because it is too large Load Diff