smartproxy/test/test.nftables-integration.simple.ts

import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
import { createNfTablesRoute, createNfTablesTerminateRoute } from '../ts/proxies/smart-proxy/utils/route-helpers.js';
import { expect, tap } from '@push.rocks/tapbundle';
import * as child_process from 'child_process';
import { promisify } from 'util';

const exec = promisify(child_process.exec);

// Check if we have root privileges to run NFTables tests
async function checkRootPrivileges(): Promise<boolean> {
  try {
    // Check if we're running as root
    const { stdout } = await exec('id -u');
    return stdout.trim() === '0';
  } catch (err) {
    return false;
  }
}

// Check if tests should run
const isRoot = await checkRootPrivileges();

if (!isRoot) {
  console.log('');
  console.log('========================================');
  console.log('NFTables tests require root privileges');
  console.log('Skipping NFTables integration tests');
  console.log('========================================');
  console.log('');
  process.exit(0);
}

tap.test('NFTables integration tests', async () => {
  
  console.log('Running NFTables tests with root privileges');
  
  // Create test routes
  const routes = [
    createNfTablesRoute('tcp-forward', {
      host: 'localhost',
      port: 8080
    }, {
      ports: 9080,
      protocol: 'tcp'
    }),
    
    createNfTablesRoute('udp-forward', {
      host: 'localhost',
      port: 5353
    }, {
      ports: 5354,
      protocol: 'udp'
    }),
    
    createNfTablesRoute('port-range', {
      host: 'localhost',
      port: 8080
    }, {
      ports: { from: 9000, to: 9100 },
      protocol: 'tcp'
    })
  ];
  
  const smartProxy = new SmartProxy({
    enableDetailedLogging: true,
    routes
  });
  
  // Start the proxy
  await smartProxy.start();
  console.log('SmartProxy started with NFTables routes');
  
  // Get NFTables status
  const status = await smartProxy.getNfTablesStatus();
  console.log('NFTables status:', JSON.stringify(status, null, 2));
  
  // Verify all routes are provisioned
  expect(Object.keys(status).length).toEqual(routes.length);
  
  for (const routeStatus of Object.values(status)) {
    expect(routeStatus.active).toBeTrue();
    expect(routeStatus.ruleCount.total).toBeGreaterThan(0);
  }
  
  // Stop the proxy
  await smartProxy.stop();
  console.log('SmartProxy stopped');
  
  // Verify all rules are cleaned up
  const finalStatus = await smartProxy.getNfTablesStatus();
  expect(Object.keys(finalStatus).length).toEqual(0);
});

export default tap.start();
feat(nftables):add nftables support for nftables 2025-05-15 14:35:01 +00:00			`import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';`
			`import { createNfTablesRoute, createNfTablesTerminateRoute } from '../ts/proxies/smart-proxy/utils/route-helpers.js';`
			`import { expect, tap } from '@push.rocks/tapbundle';`
			`import * as child_process from 'child_process';`
			`import { promisify } from 'util';`

			`const exec = promisify(child_process.exec);`

			`// Check if we have root privileges to run NFTables tests`
			`async function checkRootPrivileges(): Promise<boolean> {`
			`try {`
			`// Check if we're running as root`
			`const { stdout } = await exec('id -u');`
			`return stdout.trim() === '0';`
			`} catch (err) {`
			`return false;`
			`}`
			`}`

			`// Check if tests should run`
			`const isRoot = await checkRootPrivileges();`

			`if (!isRoot) {`
			`console.log('');`
			`console.log('========================================');`
			`console.log('NFTables tests require root privileges');`
			`console.log('Skipping NFTables integration tests');`
			`console.log('========================================');`
			`console.log('');`
			`process.exit(0);`
			`}`

			`tap.test('NFTables integration tests', async () => {`

			`console.log('Running NFTables tests with root privileges');`

			`// Create test routes`
			`const routes = [`
			`createNfTablesRoute('tcp-forward', {`
			`host: 'localhost',`
			`port: 8080`
			`}, {`
			`ports: 9080,`
			`protocol: 'tcp'`
			`}),`

			`createNfTablesRoute('udp-forward', {`
			`host: 'localhost',`
			`port: 5353`
			`}, {`
			`ports: 5354,`
			`protocol: 'udp'`
			`}),`

			`createNfTablesRoute('port-range', {`
			`host: 'localhost',`
			`port: 8080`
			`}, {`
			`ports: { from: 9000, to: 9100 },`
			`protocol: 'tcp'`
			`})`
			`];`

			`const smartProxy = new SmartProxy({`
			`enableDetailedLogging: true,`
			`routes`
			`});`

			`// Start the proxy`
			`await smartProxy.start();`
			`console.log('SmartProxy started with NFTables routes');`

			`// Get NFTables status`
			`const status = await smartProxy.getNfTablesStatus();`
			`console.log('NFTables status:', JSON.stringify(status, null, 2));`

			`// Verify all routes are provisioned`
			`expect(Object.keys(status).length).toEqual(routes.length);`

			`for (const routeStatus of Object.values(status)) {`
			`expect(routeStatus.active).toBeTrue();`
			`expect(routeStatus.ruleCount.total).toBeGreaterThan(0);`
			`}`

			`// Stop the proxy`
			`await smartProxy.stop();`
			`console.log('SmartProxy stopped');`

			`// Verify all rules are cleaned up`
			`const finalStatus = await smartProxy.getNfTablesStatus();`
			`expect(Object.keys(finalStatus).length).toEqual(0);`
			`});`

			`export default tap.start();`