summaryrefslogtreecommitdiffhomepage
path: root/test/iptables/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'test/iptables/README.md')
-rw-r--r--test/iptables/README.md84
1 files changed, 0 insertions, 84 deletions
diff --git a/test/iptables/README.md b/test/iptables/README.md
deleted file mode 100644
index 1196f8eb5..000000000
--- a/test/iptables/README.md
+++ /dev/null
@@ -1,84 +0,0 @@
-# iptables Tests
-
-iptables tests are run via `make iptables-tests`.
-
-iptables require some extra Docker configuration to work. Enable IPv6 in
-`/etc/docker/daemon.json` (make sure to restart Docker if you change this file):
-
-```json
-{
- "experimental": true,
- "fixed-cidr-v6": "2001:db8:1::/64",
- "ipv6": true,
- // Runtimes and other Docker config...
-}
-```
-
-And if you're running manually (i.e. not using the `make` target), you'll need
-to:
-
-* Enable iptables via `modprobe iptables_filter && modprobe ip6table_filter`.
-* Enable `--net-raw` in your chosen runtime in `/etc/docker/daemon.json` (make
- sure to restart Docker if you change this file).
-
-The resulting runtime should look something like this:
-
-```json
-"runsc": {
- "path": "/tmp/iptables/runsc",
- "runtimeArgs": [
- "--debug-log",
- "/tmp/iptables/logs/runsc.log.%TEST%.%TIMESTAMP%.%COMMAND%",
- "--net-raw"
- ]
-},
-// ...
-```
-
-## Test Structure
-
-Each test implements `TestCase`, providing (1) a function to run inside the
-container and (2) a function to run locally. Those processes are given each
-others' IP addresses. The test succeeds when both functions succeed.
-
-The function inside the container (`ContainerAction`) typically sets some
-iptables rules and then tries to send or receive packets. The local function
-(`LocalAction`) will typically just send or receive packets.
-
-### Adding Tests
-
-1) Add your test to the `iptables` package.
-
-2) Register the test in an `init` function via `RegisterTestCase` (see
-`filter_input.go` as an example).
-
-3) Add it to `iptables_test.go` (see the other tests in that file).
-
-Your test is now runnable with bazel!
-
-## Run individual tests
-
-Build and install `runsc`. Re-run this when you modify gVisor:
-
-```bash
-$ bazel build //runsc && sudo cp bazel-bin/runsc/linux_amd64_pure_stripped/runsc $(which runsc)
-```
-
-Build the testing Docker container. Re-run this when you modify the test code in
-this directory:
-
-```bash
-$ make load-iptables
-```
-
-Run an individual test via:
-
-```bash
-$ bazel test //test/iptables:iptables_test --test_filter=<TESTNAME>
-```
-
-To run an individual test with `runc`:
-
-```bash
-$ bazel test //test/iptables:iptables_test --test_filter=<TESTNAME> --test_arg=--runtime=runc
-```
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 06:41:46 +0000