diff options
author | Stéphane Veyret <sveyret@gmail.com> | 2019-07-09 15:02:09 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-16 21:26:52 +0200 |
commit | 1dd08fcfa07a4e5bacc14b4e4a27ed64581f2e41 (patch) | |
tree | 71cd776ee6b257d9a0cbefec922165d8c93cbe9b /tests/py | |
parent | 543e7f405e3dc502ef0a69f0b85a745bdbc998ee (diff) |
src: add ct expectations support
This modification allow to directly add/list/delete expectations.
Signed-off-by: Stéphane Veyret <sveyret@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/py')
-rw-r--r-- | tests/py/ip/objects.t | 9 | ||||
-rw-r--r-- | tests/py/ip/objects.t.json | 7 | ||||
-rw-r--r-- | tests/py/ip/objects.t.payload | 4 | ||||
-rwxr-xr-x | tests/py/nft-test.py | 4 |
4 files changed, 24 insertions, 0 deletions
diff --git a/tests/py/ip/objects.t b/tests/py/ip/objects.t index fc2ee266..35d01101 100644 --- a/tests/py/ip/objects.t +++ b/tests/py/ip/objects.t @@ -41,3 +41,12 @@ limit name tcp dport map {443 : "lim1", 80 : "lim2", 22 : "lim1"};ok %cttime5 type ct timeout {protocol tcp; policy = { estalbished:100 } ;};fail ct timeout set "cttime1";ok + +# ct expectation +%ctexpect1 type ct expectation { protocol tcp; dport 1234; timeout 2m; size 12; };ok +%ctexpect2 type ct expectation { protocol udp; };fail +%ctexpect3 type ct expectation { protocol tcp; dport 4321; };fail +%ctexpect4 type ct expectation { protocol tcp; dport 4321; timeout 2m; };fail +%ctexpect5 type ct expectation { protocol udp; dport 9876; timeout 2m; size 12; l3proto ip; };ok + +ct expectation set "ctexpect1";ok diff --git a/tests/py/ip/objects.t.json b/tests/py/ip/objects.t.json index a98d73c5..596ad188 100644 --- a/tests/py/ip/objects.t.json +++ b/tests/py/ip/objects.t.json @@ -193,3 +193,10 @@ } ] +# ct expectation set "ctexpect1" +[ + { + "ct expect": "ctexpect1" + } +] + diff --git a/tests/py/ip/objects.t.payload b/tests/py/ip/objects.t.payload index 719b6c37..ef3e86aa 100644 --- a/tests/py/ip/objects.t.payload +++ b/tests/py/ip/objects.t.payload @@ -63,3 +63,7 @@ ip test-ip4 output # ct timeout set "cttime1" ip test-ip4 output [ objref type 7 name cttime1 ] + +# ct expectation set "ctexpect1" +ip test-ip4 output + [ objref type 9 name ctexpect1 ] diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py index fcbd28ca..7f424cf1 100755 --- a/tests/py/nft-test.py +++ b/tests/py/nft-test.py @@ -1123,6 +1123,10 @@ def obj_process(obj_line, filename, lineno): obj_type = "ct timeout" tokens[3] = "" + if obj_type == "ct" and tokens[3] == "expectation": + obj_type = "ct expectation" + tokens[3] = "" + if len(tokens) > 3: obj_spcf = " ".join(tokens[3:]) |