summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_NFLOG.t
Commit message (Collapse)AuthorAgeFilesLines
* tests: NFLOG: enable `--nflog-range` testsJeremy Sowden2022-02-131-6/+6
| | | | | | | | | iptables-legacy and iptable-nft have different results for these tests. Now that it is possible to specify the expected results correctly, we can enable the tests. Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Florian Westphal <fw@strlen.de>
* extensions: libxt_NFLOG: remove extra space when saving targets with prefixesJeremy Sowden2022-01-181-2/+2
| | | | | | | | | | | | | When printing out NFLOG targets an extra space was inserted between `--nflog-prefix` and the prefix itself: $ sudo /usr/sbin/iptables -A INPUT -j NFLOG --nflog-prefix test $ sudo /usr/sbin/iptables-save | grep NFLOG -A INPUT -j NFLOG --nflog-prefix test ^^ Fixes: 73866357e4a7 ("iptables: do not print trailing whitespaces") Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Florian Westphal <fw@strlen.de>
* extensions: libxt_NFLOG: fix `--nflog-prefix` Python test-casesJeremy Sowden2022-01-181-4/+2
| | | | | | | | | | | | The `iptables-save` includes an extra space between `--nflog-prefix` and the prefix. The maximum length of prefixes includes the trailing NUL character. NFLOG silently truncates prefixes which exceed the maximum length. Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Florian Westphal <fw@strlen.de>
* extensions: libxt_NFLOG: disable `--nflog-range` Python test-casesKyle Bowman2022-01-181-4/+6
| | | | | | | | | | | | nft has no equivalent to `--nflog-range`, so we cannot emulate it and the Python unit-tests for it fail. However, since `--nflog-range` is broken and doesn't do anything, the tests are not testing anything useful. Signed-off-by: Kyle Bowman <kbowman@cloudflare.com> Signed-off-by: Alex Forster <aforster@cloudflare.com> Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Florian Westphal <fw@strlen.de>
* extensions: libxt_NFLOG: add unit test to cover nflog-size with zeroLiping Zhang2016-07-201-0/+1
| | | | | | | | "--nflog-size 0" is valid and we must display it appropriately. Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: libxt_NFLOG: nflog-range does not truncate packetsVishwanath Pai2016-07-011-0/+4
| | | | | | | | | | | | | | | | | | | | The option --nflog-range has never worked, but we cannot just fix this because users might be using this feature option and their behavior would change. Instead add a new option --nflog-size. This option works the same way nflog-range should have, and both of them are mutually exclusive. When someone uses --nflog-range we print a warning message informing them that this feature has no effect. To indicate the kernel that the user has set --nflog-size we have to pass a new flag XT_NFLOG_F_COPY_LEN. Also updated the man page to reflect the new option and added tests to extensions/libxt_NFLOG.t Reported-by: Joe Dollard <jdollard@akamai.com> Reviewed-by: Josh Hunt <johunt@akamai.com> Signed-off-by: Vishwanath Pai <vpai@akamai.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: libxt_NFLOG: add unit testPablo Neira Ayuso2013-10-071-0/+19
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
generated by cgit v1.2.3 (git 2.25.0) at 2024-11-16 14:26:47 +0000