summaryrefslogtreecommitdiffstats
path: root/tests/conntrack
diff options
context:
space:
mode:
Diffstat (limited to 'tests/conntrack')
-rw-r--r--tests/conntrack/testsuite/00create6
-rw-r--r--tests/conntrack/testsuite/03nat8
-rw-r--r--tests/conntrack/testsuite/07nat656
3 files changed, 70 insertions, 0 deletions
diff --git a/tests/conntrack/testsuite/00create b/tests/conntrack/testsuite/00create
index 40e2c19..afe4342 100644
--- a/tests/conntrack/testsuite/00create
+++ b/tests/conntrack/testsuite/00create
@@ -18,3 +18,9 @@
-I -r 2.2.2.2 -q 1.1.1.1 -p tcp --reply-port-src 11 --reply-port-dst 21 --state LISTEN -u SEEN_REPLY -t 50 ; OK
# delete reverse
-D -r 2.2.2.2 -q 1.1.1.1 -p tcp --reply-port-src 11 --reply-port-dst 21 ; OK
+# create a v6 conntrack
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
+# delete v6 conntrack
+-D -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 -p tcp --sport 10 --dport 20 ; OK
+# mismatched address family
+-I -s 2001:DB8::1.1.1.1 -d 2.2.2.2 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
diff --git a/tests/conntrack/testsuite/03nat b/tests/conntrack/testsuite/03nat
index f94e8ff..014feb8 100644
--- a/tests/conntrack/testsuite/03nat
+++ b/tests/conntrack/testsuite/03nat
@@ -36,5 +36,13 @@
-L --dst-nat 3.3.3.3:81 ; OK
# show
-L --dst-nat 1.1.1.1:80 ; OK
+# badport
+-L --dst-nat 1.1.1.1: ; BAD
+# badport
+-L --dst-nat 1.1.1.1::; BAD
+# badport
+-L --dst-nat 1.1.1.1:80:80; BAD
+# badport
+-L --dst-nat 1.1.1.1:65536; BAD
# delete
-D -s 1.1.1.1 ; OK
diff --git a/tests/conntrack/testsuite/07nat6 b/tests/conntrack/testsuite/07nat6
new file mode 100644
index 0000000..8cecd8e
--- /dev/null
+++ b/tests/conntrack/testsuite/07nat6
@@ -0,0 +1,56 @@
+# create dummy
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 --dst-nat 2001:DB8::3.3.3.3 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
+# show
+-L --dst-nat ; OK
+# show
+-L --dst-nat 2001:DB8::3.3.3.3 ; OK
+# show
+-L --src-nat ; OK
+# delete
+-D -s 2001:DB8::1.1.1.1 ; OK
+# create dummy again
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 --src-nat 2001:DB8::3.3.3.3 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
+# show
+-L --src-nat ; OK
+# show
+-L --src-nat 2001:DB8::3.3.3.3 ; OK
+# show
+-L --dst-nat ; OK
+# show any-nat
+-L --any-nat ; OK
+# delete
+-D -s 2001:DB8::1.1.1.1 ; OK
+# bad combination
+-L --dst-nat --any-nat ; BAD
+# bad combination
+-L --src-nat --any-nat ; BAD
+# bad combination
+-L --src-nat --dst-nat --any-nat ; BAD
+# create
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 --dst-nat [2001:DB8::3.3.3.3]:80 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; OK
+# show
+-L --dst-nat [2001:DB8::3.3.3.3]:80 ; OK
+# show
+-L --any-nat [2001:DB8::3.3.3.3]:80 ; OK
+# show
+-L --dst-nat [2001:DB8::3.3.3.3]:81 ; OK
+# show
+-L --dst-nat [2001:DB8::1.1.1.1]:80 ; OK
+# noport
+-L --dst-nat [2001:DB8::1.1.1.1]: ; BAD
+# badport
+-L --dst-nat [2001:DB8::1.1.1.1]:: ; BAD
+# badport
+-L --dst-nat [2001:DB8::1.1.1.1]:80:80 ; BAD
+# badport
+-L --dst-nat [2001:DB8::1.1.1.1]:65536 ; BAD
+# delete
+-D -s 2001:DB8::1.1.1.1 ; OK
+# mismatched address family
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 --dst-nat 3.3.3.3 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
+# mismatched address family
+-I -s 1.1.1.1 -d 2.2.2.2 --dst-nat 2001:DB8::3.3.3.3 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
+# create - brackets only for ports in nat
+-I -s 2001:DB8::1.1.1.1 -d 2001:DB8::2.2.2.2 --dst-nat [2001:DB8::3.3.3.3] -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD
+# create - brackets rejected elsewhere
+-I -s [2001:DB8::1.1.1.1] -d 2001:DB8::2.2.2.2 --dst-nat 2001:DB8::3.3.3.3 -p tcp --sport 10 --dport 20 --state LISTEN -u SEEN_REPLY -t 50 ; BAD