diff options
author | Máté Eckl <ecklm94@gmail.com> | 2018-08-24 17:47:15 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-08-30 12:11:45 +0200 |
commit | 34ce4e4a7bb61dbf8ce7b3d018a36ab08fb6faf3 (patch) | |
tree | 60eb5d6fcc8de9ca8c59759a8138f8b3df72a392 /tests/shell/testcases/chains/0021prio_0 | |
parent | a187d26259c63df995f41e5920d5961c93e28bff (diff) |
test: shell: Test cases for standard chain prios
Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/chains/0021prio_0')
-rwxr-xr-x | tests/shell/testcases/chains/0021prio_0 | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/tests/shell/testcases/chains/0021prio_0 b/tests/shell/testcases/chains/0021prio_0 new file mode 100755 index 00000000..ada1d92a --- /dev/null +++ b/tests/shell/testcases/chains/0021prio_0 @@ -0,0 +1,97 @@ +#!/bin/bash + +set -e + +format_offset () { + i=$1 + if ((i == 0)) + then + echo "" + elif ((i > 0)) + then + echo "+$i" + else + echo "$i" + fi +} + +chainname () { + hook=$1 + prioname=$2 + priooffset=$3 + + echo "${hook}${prioname}${priooffset}" | tr "\-+" "mp" +} + +gen_chains () { + family=$1 + hook=$2 + prioname=$3 + + for i in -11 -10 0 10 11 + do + offset=`format_offset $i` + $NFT add chain $family x `chainname $hook $prioname $offset` "{ type filter hook $hook priority $prioname $offset; }" + done +} + +for family in ip ip6 inet +do + $NFT add table $family x + for hook in prerouting input forward output postrouting + do + for prioname in raw mangle filter security + do + gen_chains $family $hook $prioname + done + done + + hook=prerouting + prioname=dstnat + gen_chains $family $hook $prioname + + hook=postrouting + prioname=srcnat + gen_chains $family $hook $prioname +done + + +family=arp + $NFT add table $family x + for hook in input output + do + prioname=filter + gen_chains $family $hook $prioname + done + + +family=netdev + $NFT add table $family x + hook=ingress + prioname=filter + for i in -11 -10 0 10 11 + do + offset=`format_offset $i` + $NFT add chain $family x `chainname $hook $prioname $offset` "{ type filter hook $hook device lo priority $prioname $offset; }" + done + +family=bridge + $NFT add table $family x + for hook in prerouting input forward output postrouting + do + prioname=filter + gen_chains $family $hook $prioname + done + + hook=prerouting + prioname=dstnat + gen_chains $family $hook $prioname + + hook=output + prioname=out + gen_chains $family $hook $prioname + + hook=postrouting + prioname=srcnat + gen_chains $family $hook $prioname + |