diff options
author | Ken-ichirou MATSUZAWA <chamaken@gmail.com> | 2015-03-13 07:24:19 +0900 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2015-03-13 14:37:51 +0100 |
commit | 4ef7e4e64b6a5f15f949c678ec096465da202573 (patch) | |
tree | 9a0a8294a80c68e0365c9d89fd3319a2a5ef6c7f /qa/ct_mark_filter.sh | |
parent | c44b4657fa84d66423c19a4e60e5ef9d1633daeb (diff) |
qa: add test for mark event filter
testing mark filter in root by
# ./qa/ct_mark_filter.sh
Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'qa/ct_mark_filter.sh')
-rwxr-xr-x | qa/ct_mark_filter.sh | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/qa/ct_mark_filter.sh b/qa/ct_mark_filter.sh new file mode 100755 index 0000000..a2c7fed --- /dev/null +++ b/qa/ct_mark_filter.sh @@ -0,0 +1,36 @@ +#!/bin/sh + +. `dirname $0`/nssocket_env.sh + +echo "---- TCP echo with ctmark 0/0 [filter_mark_zero]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- iptables CONNMARK settings - ctmark tcp 2/2, tcp fin 1/1" +ip netns exec $NETNS sh <<EOF + iptables -t mangle -I PREROUTING -p tcp -m tcp -j CONNMARK --set-mark 2/2 + iptables -t mangle -I PREROUTING -p tcp -m tcp --tcp-flags FIN FIN -j CONNMARK --set-mark 1/1 +EOF + +echo "---- TCP echo with mark filter 1/1 [filter_mark_1_1]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- TCP echo with mark filter ! 1/1 [filter_mark_neg_1_1]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- TCP echo with mark filter !0/fffffffd [filter_mark_neg_0_fffffffd]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- max mark filter entry [filter_mark_max]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +fin |