diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-08-02 12:12:08 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-08-08 12:32:48 +0200 |
commit | 627c451b2351310da9ad82dbdb64747b1fada8e5 (patch) | |
tree | a049c393ec78296bd014d807943c573c75695e81 /tests/shell/testcases/nft-f/0023priority_variable_1 | |
parent | 45cb29a2ada4edfc2b547fe023d923ce0299a61d (diff) |
src: allow variables in the chain priority specification
This patch allows you to use variables in chain priority definitions,
e.g.
define prio = filter
define prionum = 10
define prioffset = "filter - 150"
add table ip foo
add chain ip foo bar { type filter hook input priority $prio; }
add chain ip foo ber { type filter hook input priority $prionum; }
add chain ip foo bor { type filter hook input priority $prioffset; }
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/nft-f/0023priority_variable_1')
-rwxr-xr-x | tests/shell/testcases/nft-f/0023priority_variable_1 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/tests/shell/testcases/nft-f/0023priority_variable_1 b/tests/shell/testcases/nft-f/0023priority_variable_1 new file mode 100755 index 00000000..eddaf5b9 --- /dev/null +++ b/tests/shell/testcases/nft-f/0023priority_variable_1 @@ -0,0 +1,18 @@ +#!/bin/bash + +# Tests use of variables in priority specification + +set -e + +RULESET=" +define pri = * + +table inet global { + chain prerouting { + type filter hook prerouting priority \$pri + policy accept + } +}" + +$NFT -f - <<< "$RULESET" && exit 1 +exit 0 |