diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-12 18:21:53 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-10-07 16:35:48 +0200 |
commit | cb4b82738ec0f45b2df15de0dcb079990ac4cda5 (patch) | |
tree | d5f45046cfcbed6531e18afcb67789ef7be4d714 /extensions/libxt_dccp.t | |
parent | 621ded212fad6cb7c38903b6d1c44dc8e8b3830a (diff) |
extensions: libxt_dccp: add unit test
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_dccp.t')
-rw-r--r-- | extensions/libxt_dccp.t | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/extensions/libxt_dccp.t b/extensions/libxt_dccp.t new file mode 100644 index 00000000..f60b480f --- /dev/null +++ b/extensions/libxt_dccp.t @@ -0,0 +1,30 @@ +:INPUT,FORWARD,OUTPUT +-p dccp -m dccp --sport 1;=;OK +-p dccp -m dccp --sport 65535;=;OK +-p dccp -m dccp --dport 1;=;OK +-p dccp -m dccp --dport 65535;=;OK +-p dccp -m dccp --sport 1:1023;=;OK +-p dccp -m dccp --sport 1024:65535;=;OK +-p dccp -m dccp --sport 1024:;-p dccp -m dccp --sport 1024:65535;OK +-p dccp -m dccp ! --sport 1;=;OK +-p dccp -m dccp ! --sport 65535;=;OK +-p dccp -m dccp ! --dport 1;=;OK +-p dccp -m dccp ! --dport 65535;=;OK +-p dccp -m dccp --sport 1 --dport 65535;=;OK +-p dccp -m dccp --sport 65535 --dport 1;=;OK +-p dccp -m dccp ! --sport 1 --dport 65535;=;OK +-p dccp -m dccp ! --sport 65535 --dport 1;=;OK +# ERROR: should fail: iptables -A INPUT -p dccp -m dccp --sport 65536 +# -p dccp -m dccp --sport 65536;;FAIL +-p dccp -m dccp --sport -1;;FAIL +-p dccp -m dccp --dport -1;;FAIL +-p dccp -m dccp --dccp-types REQUEST,RESPONSE,DATA,ACK,DATAACK,CLOSEREQ,CLOSE,RESET,SYNC,SYNCACK,INVALID;=;OK +-p dccp -m dccp ! --dccp-types REQUEST,RESPONSE,DATA,ACK,DATAACK,CLOSEREQ,CLOSE,RESET,SYNC,SYNCACK,INVALID;=;OK +# DCCP option 0 is valid, see http://tools.ietf.org/html/rfc4340#page-29 +# ERROR: cannot load: iptables -A INPUT -p dccp -m dccp --dccp-option 0 +#-p dccp -m dccp --dccp-option 0;=;OK +-p dccp -m dccp --dccp-option 255;=;OK +-p dccp -m dccp --dccp-option 256;;FAIL +-p dccp -m dccp --dccp-option -1;;FAIL +# should we accept this below? +-p dccp -m dccp;=;OK |