fix for entrypoint, added entrypoint-test job

superstes · superstes · commit a08a12d1cd0d · 2025-09-06T12:57:05.000+02:00
diff --git a/.github/workflows/entrypoints.yml b/.github/workflows/entrypoints.yml
@@ -0,0 +1,62 @@
+---
+
+name: Test Entrypoints
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [latest]
+    paths:
+      - '**.py'
+      - '.github/workflows/entrypoints.yml'
+      - 'requirements.txt'
+      - 'requirements_build.txt'
+  pull_request:
+    branches: [latest]
+    paths:
+      - '**.py'
+      - '.github/workflows/entrypoints.yml'
+      - 'requirements.txt'
+      - 'requirements_build.txt'
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 2
+    defaults:
+      run:
+        shell: bash
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.ref }}
+
+      - name: Install python
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        run: |
+          pip install -r requirements_build.txt >/dev/null
+          pip install -r requirements.txt >/dev/null
+
+      - name: Testing to install as PIP-Module
+        run: |
+          PATH_REPO="$(pwd)"
+          PATH_VENV="/tmp/ftf_venv"
+          python3 -m virtualenv "$PATH_VENV" > /dev/null
+          cd /tmp
+          PYTHONPATH=''
+          source "${PATH_VENV}/bin/activate"
+          python3 -m pip install -e "$PATH_REPO" > /dev/null
+
+      - name: Testing to execute entrypoints
+        run: |
+          PATH_VENV="/tmp/ftf_venv"
+          source "${PATH_VENV}/bin/activate"
+
+          ftf-ci --help >/dev/null
+          ftf-cli --help >/dev/null
+          ftf-shell --help >/dev/null
diff --git a/README.md b/README.md
@@ -2,6 +2,7 @@
 
 [![Lint](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/lint.yml/badge.svg?branch=latest)](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/lint.yml)
 [![Test](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/test.yml/badge.svg?branch=latest)](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/test.yml)
+[![Test Entrypoints](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/entrypoints.yml/badge.svg?branch=latest)](https://github.com/O-X-L/firewall-testing-framework/actions/workflows/entrypoints.yml)
 
 A framework for **testing and troubleshooting firewall rulesets**.
 
@@ -31,31 +32,32 @@ ftf-cli --firewall-system 'linux_netfilter' \
 > 🛈 ROUTER: Packet inbound-interface: wan
 > 🛈 ROUTER: Packet inbound-route: 0.0.0.0/0, gw 10.255.255.254, metric 600, scope remote
 > 🛈 FIREWALL: Processing Chain: Table nat ip4 | Chain PREROUTING ip4 nat
-> 🛈 FIREWALL: > Chain PREROUTING | Rule 0
+> 🛈 FIREWALL: > Chain PREROUTING | Rule 0 | Match => jump
 > 🛈 FIREWALL: > Chain PREROUTING | Sub-Chain: DOCKER
 > 🛈 FIREWALL: > Chain DOCKER | Rule 0
 > 🛈 FIREWALL: > Chain DOCKER | Rule 1
 > 🛈 ROUTER: Packet outbound-interface: docker0
 > 🛈 ROUTER: Packet outbound-route: 172.17.0.0/16, scope link
 > 🛈 FIREWALL: Processing Chain: Table filter ip4 | Chain FORWARD ip4 filter
-> 🛈 FIREWALL: > Chain FORWARD | Rule 0
+> 🛈 FIREWALL: > Chain FORWARD | Rule 0 | Match => jump
 > 🛈 FIREWALL: > Chain FORWARD | Sub-Chain: DOCKER-USER
-> 🛈 FIREWALL: > Chain DOCKER-USER | Rule 0
-> 🛈 FIREWALL: > Chain FORWARD | Rule 1
+> 🛈 FIREWALL: > Chain DOCKER-USER | Rule 0 | Match => return
+> 🛈 FIREWALL: > Chain FORWARD | Rule 1 | Match => jump
 > 🛈 FIREWALL: > Chain FORWARD | Sub-Chain: DOCKER-FORWARD
-> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 0
+> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 0 | Match => jump
 > 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-CT
-> 🛈 FIREWALL: > Chain DOCKER-CT | Rule 0
-> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 1
+> 🛈 FIREWALL: > Chain DOCKER-CT | Rule 0 | Match => accept
+> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 1 | Match => jump
 > 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-ISOLATION-STAGE-1
 > 🛈 FIREWALL: > Chain DOCKER-ISOLATION-STAGE-1 | Rule 0
-> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 2
+> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 2 | Match => jump
 > 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-BRIDGE
-> 🛈 FIREWALL: > Chain DOCKER-BRIDGE | Rule 0
+> 🛈 FIREWALL: > Chain DOCKER-BRIDGE | Rule 0 | Match => jump
 > 🛈 FIREWALL: > Chain DOCKER-BRIDGE | Sub-Chain: DOCKER
 > 🛈 FIREWALL: > Chain DOCKER | Rule 0
-> 🛈 FIREWALL: > Chain DOCKER | Rule 1
+> 🛈 FIREWALL: > Chain DOCKER | Rule 1 | Match => drop
 > ✖ FIREWALL: Packet blocked by rule: {'action': 'drop', 'seq': 1, 'raw': Rule: #22 | Matches: [ni_in != ['docker0'], ni_out == ['docker0']]}
+
 ```
 
 ----
diff --git a/pyproject.toml b/pyproject.toml
@@ -3,7 +3,7 @@ requires = ["setuptools >= 61.0"]
 build-backend = "setuptools.build_meta"
 
 [project]
-name = "ftf"
+name = "firewall-test"
 authors = [
     {name = "Rath Pascal", email = "contact@oxl.at"},
 ]
@@ -30,6 +30,7 @@ version = {file = ["VERSION"]}
 
 [tool.setuptools.packages.find]
 where = ["src"]
+exclude = ["*_test.py"]
 
 [tool.setuptools.package-data]
 "*" = ["*.txt"]
diff --git a/scripts/build.sh b/scripts/build.sh
@@ -25,7 +25,9 @@ cd /tmp
 PYTHONPATH=''
 source "${PATH_VENV}/bin/activate"
 python3 -m pip install -e "$PATH_REPO" > /dev/null
-firewall-test-ci --help >/dev/null
+ftf-ci --help >/dev/null
+ftf-cli --help >/dev/null
+ftf-shell --help >/dev/null
 deactivate
 echo ' => OK'
 
diff --git a/src/firewall_test/cli.py b/src/firewall_test/cli.py
@@ -76,11 +76,11 @@ def main():
     environ.setdefault(ENV_VERBOSITY, args.verbosity)
     environ.setdefault(ENV_LOG_COLOR, '0' if args.no_color else '1')
 
-    if args.proto_l4 in ['tcp', 'udp']:
+    if args.proto in ['tcp', 'udp']:
         packet = PacketTCPUDP(
             src=args.src_ip,
             dst=args.dst_ip,
-            proto_l4=args.proto_l4,
+            proto_l4=args.proto,
         )
 
     else:
