diff options
author | Phil Sutter <phil@nwl.cc> | 2019-10-22 12:25:28 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-10-23 10:58:09 +0200 |
commit | 4e470fa34761085144640fb561a9ad26b2cde382 (patch) | |
tree | 70722e0e5e003fa2a764c8e8a251112bc41f02e4 /iptables/tests | |
parent | 3dc433b55bbfaf9df3ee408aaa6282742f377864 (diff) |
xtables-restore: Unbreak *tables-restore
Commit 3dc433b55bbfa ("xtables-restore: Fix --table parameter check")
installed an error check which evaluated true in all cases as all
callers of do_command callbacks pass a pointer to a table name already.
Attached test case passed as it tested error condition only.
Fix the whole mess by introducing a boolean to indicate whether a table
parameter was seen already. Extend the test case to cover positive as
well as negative behaviour and to test ebtables-restore and
ip6tables-restore as well. Also add the required checking code to the
latter since the original commit missed it.
Fixes: 3dc433b55bbfa ("xtables-restore: Fix --table parameter check")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/tests')
-rwxr-xr-x | iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 b/iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 index 4e2202df..e9614075 100755 --- a/iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 +++ b/iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 @@ -4,10 +4,27 @@ # '-t <tablename>' so standard rule parsing routines may be used. This means # that it has to detect and reject rules which already contain a table option. -$XT_MULTI iptables-restore <<EOF +families="ip ip6" +[[ $(basename $XT_MULTI) == xtables-nft-multi ]] && families+=" eb" + +for fam in $families; do + $XT_MULTI ${fam}tables-restore <<EOF *filter -t nat -A FORWARD -j ACCEPT COMMIT EOF + [[ $? != 0 ]] || { + echo "${fam}tables-restore did not fail when it should have" + exit 1 + } -[[ $? != 0 ]] || exit 1 + $XT_MULTI ${fam}tables-restore <<EOF +*filter +-A FORWARD -j ACCEPT +COMMIT +EOF + [[ $? == 0 ]] || { + echo "${fam}tables-restore failed when it should not have" + exit 1 + } +done |