json: Fix tproxy support regarding latest changes

Family may be specified also if no address is given at the same time, make parser/printer tolerant to that. Also fix for missing/incorrect JSON equivalents in tests/py. While being at it, fix two issues in non-JSON tests: * Ruleset is printed in numeric mode, so use 'l4proto 6' instead of 'l4proto tcp' in rules to avoid having to specify expected output for that unrelated bit. * In ip and ip6 family tables, family parameter is not deserialized on output. Fixes: 3edb96200690b ("parser_bison: missing tproxy syntax with port only for inet family") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2019-05-09 13:35:41 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-05-09 17:19:50 +0200
commit: 1b8953e75c20437b5c563d86c3ba11d1b24e3ec4 (patch)
tree: 6d71a2ffbede3d03f74d350a0a9feb81551f7b7d /tests/py/inet/tproxy.t.json
parent: 43cb4f27da74184da350c62cad8dd573590b09c6 (diff)
1 files changed, 80 insertions, 0 deletions
diff --git a/tests/py/inet/tproxy.t.json b/tests/py/inet/tproxy.t.json
index 2897d200..7b3b11c4 100644
--- a/tests/py/inet/tproxy.t.json
+++ b/tests/py/inet/tproxy.t.json
@@ -84,6 +84,48 @@
     }
 ]
 
+# meta l4proto 17 tproxy ip to :50080
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "l4proto"
+                }
+            },
+            "op": "==",
+            "right": 17
+        }
+    },
+    {
+        "tproxy": {
+            "family": "ip",
+            "port": 50080
+        }
+    }
+]
+
+# meta l4proto 17 tproxy ip6 to :50080
+[
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "l4proto"
+                }
+            },
+            "op": "==",
+            "right": 17
+        }
+    },
+    {
+        "tproxy": {
+            "family": "ip6",
+            "port": 50080
+        }
+    }
+]
+
 # meta l4proto 17 tproxy to :50080
 [
     {
@@ -103,3 +145,41 @@
         }
     }
 ]
+
+# ip daddr 0.0.0.0/0 meta l4proto 6 tproxy ip to :2000
+[
+    {
+        "match": {
+            "left": {
+                "payload": {
+                    "field": "daddr",
+                    "protocol": "ip"
+                }
+            },
+            "op": "==",
+            "right": {
+                "prefix": {
+			"addr": "0.0.0.0",
+			"len": 0
+		}
+	    }
+        }
+    },
+    {
+        "match": {
+            "left": {
+                "meta": {
+                    "key": "l4proto"
+                }
+            },
+            "op": "==",
+            "right": 6
+        }
+    },
+    {
+        "tproxy": {
+	    "family": "ip",
+            "port": 2000
+        }
+    }
+]
author	Phil Sutter <phil@nwl.cc>	2019-05-09 13:35:41 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-05-09 17:19:50 +0200
commit	1b8953e75c20437b5c563d86c3ba11d1b24e3ec4 (patch)
tree	6d71a2ffbede3d03f74d350a0a9feb81551f7b7d /tests/py/inet/tproxy.t.json
parent	43cb4f27da74184da350c62cad8dd573590b09c6 (diff)