diff options
| author | Alvaro Neira <alvaroneay@gmail.com> | 2014-10-21 16:15:46 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-22 12:12:34 +0200 |
| commit | 2fe4d077efd9e4801f03848b3ae0aa9925079ac1 (patch) | |
| tree | dcebcbc997db865297510bc59a64bdbf82ad4d47 /tests/regression/inet/reject.t | |
| parent | 17b495957b29e699f59874d1ceca9535921b1a79 (diff) | |
test: update and add the reject tests for ip, ip6, bridge and inet.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/regression/inet/reject.t')
| -rw-r--r-- | tests/regression/inet/reject.t | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tests/regression/inet/reject.t b/tests/regression/inet/reject.t new file mode 100644 index 00000000..2f5aef3a --- /dev/null +++ b/tests/regression/inet/reject.t @@ -0,0 +1,32 @@ +*inet;test-inet +:input;type filter hook input priority 0 + +# The output is specific for inet family +reject with icmp type host-unreachable;ok;meta nfproto ipv4 reject with icmp type host-unreachable +reject with icmp type net-unreachable;ok;meta nfproto ipv4 reject with icmp type net-unreachable +reject with icmp type prot-unreachable;ok;meta nfproto ipv4 reject with icmp type prot-unreachable +reject with icmp type port-unreachable;ok;meta nfproto ipv4 reject +reject with icmp type net-prohibited;ok;meta nfproto ipv4 reject with icmp type net-prohibited +reject with icmp type host-prohibited;ok;meta nfproto ipv4 reject with icmp type host-prohibited +reject with icmp type admin-prohibited;ok;meta nfproto ipv4 reject with icmp type admin-prohibited + +reject with icmpv6 type no-route;ok;meta nfproto ipv6 reject with icmpv6 type no-route +reject with icmpv6 type admin-prohibited;ok;meta nfproto ipv6 reject with icmpv6 type admin-prohibited +reject with icmpv6 type addr-unreachable;ok;meta nfproto ipv6 reject with icmpv6 type addr-unreachable +reject with icmpv6 type port-unreachable;ok;meta nfproto ipv6 reject + +reject with tcp reset;ok;meta l4proto 6 reject with tcp reset + +reject;ok +reject with icmpx type host-unreachable;ok +reject with icmpx type no-route;ok +reject with icmpx type admin-prohibited;ok +reject with icmpx type port-unreachable;ok;reject + +meta nfproto ipv4 reject with icmp type host-unreachable;ok +meta nfproto ipv6 reject with icmpv6 type no-route;ok + +meta nfproto ipv6 reject with icmp type host-unreachable;fail +meta nfproto ipv4 ip protocol icmp reject with icmpv6 type no-route;fail +meta nfproto ipv6 ip protocol icmp reject with icmp type host-unreachable;fail +meta l4proto udp reject with tcp reset;fail |