diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-03-13 21:18:58 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-03-13 21:18:58 +0100 |
commit | 6fa394d59d91e6cfa3c107128ad1f7d6a6d70257 (patch) | |
tree | c1dc228398ac68ba2e7848e360adc00db724dc6e /tests/match_target.t | |
parent | fee333d674a4c697c1f33952bbc060ee810d9307 (diff) |
Fix cidr handling for hash:*net* types
Commit 092d67cda9ad4 broke the cidr handling for the hash:*net* types
when the sets were used by the SET target: entries with invalid cidr
values were added to the sets. Reported by Jonathan Johnson.
Testsuite entry is added to verify the fix.
Diffstat (limited to 'tests/match_target.t')
-rw-r--r-- | tests/match_target.t | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/match_target.t b/tests/match_target.t index 1739fae..02a0ea3 100644 --- a/tests/match_target.t +++ b/tests/match_target.t @@ -88,4 +88,20 @@ 0 ./check_klog.sh 10.255.255.64 udp 1025 mark # Destroy sets and rules 0 ./iptables.sh inet stop +# Create test set and iptables rules +0 ./iptables.sh inet add +# Send probe packet from 10.255.255.64,udp:1025 +0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1 +# Check that 10.255.255.64 is added to the set +0 ipset t test 10.255.255.64 +# Flush set +0 ipset f test +# Add a /24 network to the set +0 ipset a test 1.1.1.0/24 +# Send probe packet from 10.255.255.64,udp:1025 again +0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1 +# Check that 10.255.255.0/24 is added to the set +0 ipset t test 10.255.255.0/24 +# Destroy sets and rules +0 ./iptables.sh inet stop # eof |