diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-11-10 12:06:22 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-11-17 23:46:38 +0100 |
| commit | 255b248f6ae3135c984bf6559d4b75078e837250 (patch) | |
| tree | e1f87fc1cd108c9417ca72cc1d5de8b94cd28578 | |
| parent | eac8b1103f7659e86bd61a7f3bab72f753d82320 (diff) | |
Extend test to support for IPv6:
- Add IPv6 address and route.
- Use inet instead of ip table for masquerading.
- Annotate the IPv6 multicast address for IPv6_address in
conntrackd.conf files.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rwxr-xr-x | tests/conntrackd/netns/conntrackd-netns-test.sh | 10 | ||||
| -rw-r--r-- | tests/conntrackd/netns/conntrackd-nsr1.conf | 1 | ||||
| -rw-r--r-- | tests/conntrackd/netns/conntrackd-nsr2.conf | 1 | ||||
| -rw-r--r-- | tests/conntrackd/netns/ruleset-nsr1.nft | 2 |
4 files changed, 13 insertions, 1 deletions
diff --git a/tests/conntrackd/netns/conntrackd-netns-test.sh b/tests/conntrackd/netns/conntrackd-netns-test.sh index 6f16587..f6b11e2 100755 --- a/tests/conntrackd/netns/conntrackd-netns-test.sh +++ b/tests/conntrackd/netns/conntrackd-netns-test.sh @@ -17,24 +17,34 @@ start () { ip link add veth2 netns nsr1 type veth peer name veth0 netns nsr2 ip -net ns1 addr add 192.168.10.2/24 dev veth0 + ip -6 -net ns1 addr add bbbb::2/64 dev veth0 ip -net ns1 link set up dev veth0 ip -net ns1 ro add 10.0.1.0/24 via 192.168.10.1 dev veth0 + ip -6 -net ns1 ro add aaaa::/64 via bbbb::1 dev veth0 ip -net nsr1 addr add 10.0.1.1/24 dev veth0 ip -net nsr1 addr add 192.168.10.1/24 dev veth1 + ip -6 -net nsr1 addr add aaaa::1/64 dev veth0 + ip -6 -net nsr1 addr add bbbb::1/64 dev veth1 ip -net nsr1 link set up dev veth0 ip -net nsr1 link set up dev veth1 ip -net nsr1 route add default via 192.168.10.2 + ip -6 -net nsr1 route add default via bbbb::2 ip netns exec nsr1 sysctl net.ipv4.ip_forward=1 + ip netns exec nsr1 sysctl net.ipv6.conf.all.forwarding=1 ip -net nsr1 addr add 192.168.100.2/24 dev veth2 + ip -6 -net nsr1 addr add cccc::2/96 dev veth2 ip -net nsr1 link set up dev veth2 ip -net nsr2 addr add 192.168.100.3/24 dev veth0 + ip -6 -net nsr2 addr add cccc::3/96 dev veth0 ip -net nsr2 link set up dev veth0 ip -net ns2 addr add 10.0.1.2/24 dev veth0 + ip -6 -net ns2 addr add aaaa::2/64 dev veth0 ip -net ns2 link set up dev veth0 ip -net ns2 route add default via 10.0.1.1 + ip -6 -net ns2 route add default via aaaa::1 echo 1 > /proc/sys/net/netfilter/nf_log_all_netns diff --git a/tests/conntrackd/netns/conntrackd-nsr1.conf b/tests/conntrackd/netns/conntrackd-nsr1.conf index c79eff5..d37e102 100644 --- a/tests/conntrackd/netns/conntrackd-nsr1.conf +++ b/tests/conntrackd/netns/conntrackd-nsr1.conf @@ -3,6 +3,7 @@ Sync { } Multicast { IPv4_address 225.0.0.50 + #IPv6_address ff08::123 Group 3780 IPv4_interface 192.168.100.2 Interface veth2 diff --git a/tests/conntrackd/netns/conntrackd-nsr2.conf b/tests/conntrackd/netns/conntrackd-nsr2.conf index 65fa0d6..aab6083 100644 --- a/tests/conntrackd/netns/conntrackd-nsr2.conf +++ b/tests/conntrackd/netns/conntrackd-nsr2.conf @@ -3,6 +3,7 @@ Sync { } Multicast { IPv4_address 225.0.0.50 + #IPv6_address ff08::123 Group 3780 IPv4_interface 192.168.100.3 Interface veth0 diff --git a/tests/conntrackd/netns/ruleset-nsr1.nft b/tests/conntrackd/netns/ruleset-nsr1.nft index bd6f1b4..5ba6d6f 100644 --- a/tests/conntrackd/netns/ruleset-nsr1.nft +++ b/tests/conntrackd/netns/ruleset-nsr1.nft @@ -1,4 +1,4 @@ -table ip filter { +table inet filter { chain postrouting { type nat hook postrouting priority srcnat; policy accept; oif veth0 masquerade |