diff options
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libxt_ipcomp.t | 8 | ||||
-rw-r--r-- | extensions/libxt_policy.t | 3 |
2 files changed, 6 insertions, 5 deletions
diff --git a/extensions/libxt_ipcomp.t b/extensions/libxt_ipcomp.t index ce111142..8546ba9c 100644 --- a/extensions/libxt_ipcomp.t +++ b/extensions/libxt_ipcomp.t @@ -1,5 +1,3 @@ -:INPUT,FORWARD --m policy --dir in --pol ipsec --proto ipcomp;=;OK --m policy --dir in --pol none --proto ipcomp;;FAIL --m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp;=;OK --m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK +:INPUT,OUTPUT +-p ipcomp -m ipcomp --ipcompspi 18 -j DROP;=;OK +-p ipcomp -m ipcomp ! --ipcompspi 18 -j ACCEPT;=;OK diff --git a/extensions/libxt_policy.t b/extensions/libxt_policy.t index 24a3e2f4..6524122b 100644 --- a/extensions/libxt_policy.t +++ b/extensions/libxt_policy.t @@ -1,5 +1,8 @@ :INPUT,FORWARD -m policy --dir in --pol ipsec;=;OK +-m policy --dir in --pol ipsec --proto ipcomp;=;OK -m policy --dir in --pol ipsec --strict;;FAIL +-m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp;=;OK -m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto esp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK -m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto esp --tunnel-dst 10.0.0.0/8;;FAIL +-m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK |