diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-10 12:36:55 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-10-07 16:35:48 +0200 |
| commit | fcf9f6f25db11fa1abccb759c202159a56f301e7 (patch) | |
| tree | f70ce8dd8d36caa8872a2408a15f572274323f1f /extensions | |
| parent | 42807456f7621cd883dc18647deafcadda934334 (diff) | |
extensions: libxt_hashlimit: add unit test
based on tests/options-most.rules
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/libxt_hashlimit.t | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/extensions/libxt_hashlimit.t b/extensions/libxt_hashlimit.t new file mode 100644 index 00000000..59d66135 --- /dev/null +++ b/extensions/libxt_hashlimit.t @@ -0,0 +1,26 @@ +:INPUT,FORWARD,OUTPUT +-m hashlimit --hashlimit-above 1/sec --hashlimit-burst 5 --hashlimit-name mini1;=;OK +-m hashlimit --hashlimit-above 1/min --hashlimit-burst 5 --hashlimit-name mini1;=;OK +-m hashlimit --hashlimit-above 1/hour --hashlimit-burst 5 --hashlimit-name mini1;=;OK +# kernel says "xt_hashlimit: overflow, try lower: 864000000/5" +-m hashlimit --hashlimit-above 1/day --hashlimit-burst 5 --hashlimit-name mini1;;FAIL +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 5 --hashlimit-name mini1;=;OK +-m hashlimit --hashlimit-upto 1/min --hashlimit-burst 5 --hashlimit-name mini1;=;OK +-m hashlimit --hashlimit-upto 1/hour --hashlimit-burst 5 --hashlimit-name mini1;=;OK +# kernel says "xt_hashlimit: overflow, try lower: 864000000/5" +-m hashlimit --hashlimit-upto 1/day --hashlimit-burst 5 --hashlimit-name mini1;;FAIL +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-name mini1 --hashlimit-htable-expire 2000;=;OK +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-mode srcip --hashlimit-name mini1 --hashlimit-htable-expire 2000;=;OK +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-mode dstip --hashlimit-name mini1 --hashlimit-htable-expire 2000;=;OK +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-mode dstip --hashlimit-name mini1 --hashlimit-htable-max 2000 --hashlimit-htable-expire 2000;=;OK +-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-mode dstip --hashlimit-name mini1 --hashlimit-htable-max 2000 --hashlimit-htable-gcinterval 60000 --hashlimit-htable-expire 2000;=;OK +-m hashlimit --hashlimit-upto 1/sec --hashlimit-name mini1;-m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 5 --hashlimit-name mini1;OK +-m hashlimit --hashlimit-upto 4kb/s --hashlimit-burst 400kb --hashlimit-name mini5;=;OK +-m hashlimit --hashlimit-upto 10mb/s --hashlimit-name mini6;=;OK +-m hashlimit --hashlimit-upto 123456b/s --hashlimit-burst 1mb --hashlimit-name mini7;=;OK +# should work, it says "iptables v1.4.15: burst cannot be smaller than 96b" +# ERROR: cannot load: iptables -A INPUT -m hashlimit --hashlimit-upto 96b/s --hashlimit-burst 5 --hashlimit-name mini1 +# -m hashlimit --hashlimit-upto 96b/s --hashlimit-burst 5 --hashlimit-name mini1;=;OK +-m hashlimit --hashlimit-name mini1;;FAIL +-m hashlimit --hashlimit-upto 1/sec;;FAIL +-m hashlimit;;FAIL |