summaryrefslogtreecommitdiffstats
path: root/tests/py/inet/sets.t.json
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2020-03-07 03:00:10 +0100
committerPhil Sutter <phil@nwl.cc>2020-03-10 16:28:58 +0100
commit64b9aa3803dd1f6ca529a1f3bd7aa0875bdbd9d9 (patch)
treec18dd45ac98e673bc17e6b33fe7549e1ebb565e3 /tests/py/inet/sets.t.json
parent9475ca305a993751b05cf26ef8e785a00de98b94 (diff)
tests/py: Add tests involving concatenated ranges
Very basic testing, just a set definition, a rule which references it and another one with an anonymous set. Sadly this is already enough to expose some pending issues: * Payload dependency killing ignores the concatenated IP header expressions on LHS, so rule output is asymmetric. * Anonymous sets don't accept concatenated ranges yet, so the second rule is manually disabled for now. Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'tests/py/inet/sets.t.json')
-rw-r--r--tests/py/inet/sets.t.json35
1 files changed, 35 insertions, 0 deletions
diff --git a/tests/py/inet/sets.t.json b/tests/py/inet/sets.t.json
index bcb638f2..58e19ef6 100644
--- a/tests/py/inet/sets.t.json
+++ b/tests/py/inet/sets.t.json
@@ -36,3 +36,38 @@
}
]
+# ip saddr . ip daddr . tcp dport @set3 accept
+[
+ {
+ "match": {
+ "left": {
+ "concat": [
+ {
+ "payload": {
+ "field": "saddr",
+ "protocol": "ip"
+ }
+ },
+ {
+ "payload": {
+ "field": "daddr",
+ "protocol": "ip"
+ }
+ },
+ {
+ "payload": {
+ "field": "dport",
+ "protocol": "tcp"
+ }
+ }
+ ]
+ },
+ "op": "==",
+ "right": "@set3"
+ }
+ },
+ {
+ "accept": null
+ }
+]
+