diff options
| -rw-r--r-- | extensions/libxt_NFLOG.t | 2 | ||||
| -rw-r--r-- | extensions/libxt_TCPMSS.t | 2 | ||||
| -rwxr-xr-x | iptables-test.py | 6 |
3 files changed, 7 insertions, 3 deletions
diff --git a/extensions/libxt_NFLOG.t b/extensions/libxt_NFLOG.t index 25f332ae..0cd81c64 100644 --- a/extensions/libxt_NFLOG.t +++ b/extensions/libxt_NFLOG.t @@ -15,7 +15,7 @@ -j NFLOG --nflog-size 4294967296;;FAIL -j NFLOG --nflog-size -1;;FAIL -j NFLOG --nflog-prefix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;=;OK --j NFLOG --nflog-prefix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;-j NFLOG --nflog-prefix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;OK +-j NFLOG --nflog-prefix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;-j NFLOG --nflog-prefix xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;OK;LEGACY;= -j NFLOG --nflog-threshold 1;=;OK # ERROR: line 13 (should fail: iptables -A INPUT -j NFLOG --nflog-threshold 0 # -j NFLOG --nflog-threshold 0;;FAIL diff --git a/extensions/libxt_TCPMSS.t b/extensions/libxt_TCPMSS.t index fbfbfcf8..b3639cc1 100644 --- a/extensions/libxt_TCPMSS.t +++ b/extensions/libxt_TCPMSS.t @@ -1,6 +1,6 @@ :FORWARD,OUTPUT,POSTROUTING *mangle -j TCPMSS;;FAIL --p tcp -j TCPMSS --set-mss 42;;FAIL;LEGACY +-p tcp -j TCPMSS --set-mss 42;=;FAIL;LEGACY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 42;=;OK -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --clamp-mss-to-pmtu;=;OK diff --git a/iptables-test.py b/iptables-test.py index 179e366e..cefe4233 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -143,7 +143,8 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): return -1 # find the rule - matching = out.find(rule_save.encode('utf-8')) + matching = out.find("\n-A {}\n".format(rule_save).encode('utf-8')) + if matching < 0: if res == "OK": reason = "cannot find: " + iptables + " -I " + rule @@ -470,6 +471,9 @@ def run_test_file(filename, netns): else: rule_save = chain + " " + item[1] + if iptables == EBTABLES and rule_save.find('-j') < 0: + rule_save += " -j CONTINUE" + res = item[2].rstrip() if len(item) > 3: variant = item[3].rstrip() |