diff options
author | Alvaro Neira <alvaroneay@gmail.com> | 2014-10-21 16:15:46 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-22 12:12:34 +0200 |
commit | 2fe4d077efd9e4801f03848b3ae0aa9925079ac1 (patch) | |
tree | dcebcbc997db865297510bc59a64bdbf82ad4d47 /tests/regression/bridge | |
parent | 17b495957b29e699f59874d1ceca9535921b1a79 (diff) |
test: update and add the reject tests for ip, ip6, bridge and inet.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/regression/bridge')
-rw-r--r-- | tests/regression/bridge/reject.t | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/tests/regression/bridge/reject.t b/tests/regression/bridge/reject.t new file mode 100644 index 00000000..11a0f1c5 --- /dev/null +++ b/tests/regression/bridge/reject.t @@ -0,0 +1,35 @@ +*bridge;test-bridge +:input;type filter hook input priority 0 + +# The output is specific for bridge family +reject with icmp type host-unreachable;ok;ether type ip reject with icmp type host-unreachable +reject with icmp type net-unreachable;ok;ether type ip reject with icmp type net-unreachable +reject with icmp type prot-unreachable;ok;ether type ip reject with icmp type prot-unreachable +reject with icmp type port-unreachable;ok;ether type ip reject +reject with icmp type net-prohibited;ok;ether type ip reject with icmp type net-prohibited +reject with icmp type host-prohibited;ok;ether type ip reject with icmp type host-prohibited +reject with icmp type admin-prohibited;ok;ether type ip reject with icmp type admin-prohibited + +reject with icmpv6 type no-route;ok;ether type ip6 reject with icmpv6 type no-route +reject with icmpv6 type admin-prohibited;ok;ether type ip6 reject with icmpv6 type admin-prohibited +reject with icmpv6 type addr-unreachable;ok;ether type ip6 reject with icmpv6 type addr-unreachable +reject with icmpv6 type port-unreachable;ok;ether type ip6 reject + +ip protocol tcp reject with tcp reset;ok;ip protocol 6 reject with tcp reset + +reject;ok +reject with icmpx type host-unreachable;ok +reject with icmpx type no-route;ok +reject with icmpx type admin-prohibited;ok +reject with icmpx type port-unreachable;ok;reject + +ether type ipv6 reject with icmp type host-unreachable;fail +ether type ip6 reject with icmp type host-unreachable;fail +ether type ip reject with icmpv6 type no-route;fail +ether type vlan reject;fail +ether type arp reject;fail +ether type vlan reject;fail +ether type arp reject;fail +ether type vlan reject with tcp reset;fail +ether type arp reject with tcp reset;fail +ip protocol udp reject with tcp reset;fail |