diff options
| author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-05-24 15:06:50 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-05-24 21:56:23 +0200 |
| commit | c64457cff9673fbb41f613a67e158b4d62235c09 (patch) | |
| tree | 7078630dcce460d3c412d541517230895832812c /tests/shell | |
| parent | f1e8a129ee428419a0d5a45a2f410e8e4008d109 (diff) | |
src: Allow goto and jump to a variable
This patch introduces the use of nft input files variables in 'jump' and 'goto'
statements, e.g.
define dest = ber
add table ip foo
add chain ip foo bar {type filter hook input priority 0;}
add chain ip foo ber
add rule ip foo ber counter
add rule ip foo bar jump $dest
table ip foo {
chain bar {
type filter hook input priority filter; policy accept;
jump ber
}
chain ber {
counter packets 71 bytes 6664
}
}
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
| -rwxr-xr-x | tests/shell/testcases/nft-f/0018jump_variable_0 | 19 | ||||
| -rwxr-xr-x | tests/shell/testcases/nft-f/0019jump_variable_1 | 20 | ||||
| -rwxr-xr-x | tests/shell/testcases/nft-f/0020jump_variable_1 | 20 | ||||
| -rw-r--r-- | tests/shell/testcases/nft-f/dumps/0018jump_variable_0.nft | 8 |
4 files changed, 67 insertions, 0 deletions
diff --git a/tests/shell/testcases/nft-f/0018jump_variable_0 b/tests/shell/testcases/nft-f/0018jump_variable_0 new file mode 100755 index 00000000..003a1bdf --- /dev/null +++ b/tests/shell/testcases/nft-f/0018jump_variable_0 @@ -0,0 +1,19 @@ +#!/bin/bash + +# Tests use of variables in jump statements + +set -e + +RULESET=" +define dest = ber + +table ip foo { + chain bar { + jump \$dest + } + + chain ber { + } +}" + +$NFT -f - <<< "$RULESET" diff --git a/tests/shell/testcases/nft-f/0019jump_variable_1 b/tests/shell/testcases/nft-f/0019jump_variable_1 new file mode 100755 index 00000000..bda861c9 --- /dev/null +++ b/tests/shell/testcases/nft-f/0019jump_variable_1 @@ -0,0 +1,20 @@ +#!/bin/bash + +# Tests use of variables in jump statements + +set -e + +RULESET=" +define dest = { 1024 } + +table ip foo { + chain bar { + jump \$dest + } + + chain ber { + } +}" + +$NFT -f - <<< "$RULESET" && exit 1 +exit 0 diff --git a/tests/shell/testcases/nft-f/0020jump_variable_1 b/tests/shell/testcases/nft-f/0020jump_variable_1 new file mode 100755 index 00000000..f753058f --- /dev/null +++ b/tests/shell/testcases/nft-f/0020jump_variable_1 @@ -0,0 +1,20 @@ +#!/bin/bash + +# Tests use of variables in jump statements + +set -e + +RULESET=" +define dest = * + +table ip foo { + chain bar { + jump \$dest + } + + chain ber { + } +}" + +$NFT -f - <<< "$RULESET" && exit 1 +exit 0 diff --git a/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.nft b/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.nft new file mode 100644 index 00000000..0ddaf07f --- /dev/null +++ b/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.nft @@ -0,0 +1,8 @@ +table ip foo { + chain bar { + jump ber + } + + chain ber { + } +} |