extensions: *.t/*.txlate: Test range corner-cases

For every extension option accepting a range, test open and half-open as well as single element and invalid (negative) ranges. The added tests merely reflect the status quo, not the expected outcome. Following patches will fix results and the already existing test cases highlight the fixes' effects. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2024-01-25 02:12:24 +0100
committer: Phil Sutter <phil@nwl.cc> 2024-02-02 18:26:14 +0100
commit: 285406b1d22e3ed0aec30ea0a534ea76211156a9 (patch)
tree: 95607347977110481518de17fac9e6f7e0631aa6 /extensions/libxt_tcp.txlate
parent: 11c77ed471f2d8a6dc60c17aef1e1a3b52ff3591 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/extensions/libxt_tcp.txlate b/extensions/libxt_tcp.txlate
index 9802ddfe..a7e921bf 100644
--- a/extensions/libxt_tcp.txlate
+++ b/extensions/libxt_tcp.txlate
@@ -30,3 +30,9 @@ nft 'add rule ip filter INPUT tcp option 23 exists counter'
 
 iptables-translate -A INPUT -p tcp ! --tcp-option 23
 nft 'add rule ip filter INPUT tcp option 23 missing counter'
+
+iptables-translate -I OUTPUT -p tcp --sport 0:65535 -j ACCEPT
+nft 'insert rule ip filter OUTPUT counter accept'
+
+iptables-translate -I OUTPUT -p tcp ! --sport 0:65535 -j ACCEPT
+nft 'insert rule ip filter OUTPUT counter accept'
author	Phil Sutter <phil@nwl.cc>	2024-01-25 02:12:24 +0100
committer	Phil Sutter <phil@nwl.cc>	2024-02-02 18:26:14 +0100
commit	285406b1d22e3ed0aec30ea0a534ea76211156a9 (patch)
tree	95607347977110481518de17fac9e6f7e0631aa6 /extensions/libxt_tcp.txlate
parent	11c77ed471f2d8a6dc60c17aef1e1a3b52ff3591 (diff)