diff options
author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-08-22 23:43:53 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-22 18:27:43 +0200 |
commit | 81595230a20ebb500763a68dd1969a2a6db5a9de (patch) | |
tree | 784f5ec7986ecba387e5465351a41786ffe1614f /tests/shell | |
parent | c12c09041ec55daa4c6562d61be81f4ecdfb7fd8 (diff) |
tests: shell: add testcase for reject expr
Reject expr is only valid in input/forward/output chain,
and if user can add reject expr in prerouting chain, kernel
panic will happen.
So add a simple test case to cover this situation.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/chains/0012reject_in_prerouting_1 | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/tests/shell/testcases/chains/0012reject_in_prerouting_1 b/tests/shell/testcases/chains/0012reject_in_prerouting_1 new file mode 100755 index 00000000..81cda0c4 --- /dev/null +++ b/tests/shell/testcases/chains/0012reject_in_prerouting_1 @@ -0,0 +1,9 @@ +#!/bin/bash + +set -e + +$NFT add table t +$NFT add chain t prerouting {type filter hook prerouting priority 0 \; } +# wrong hook prerouting, only input/forward/output is valid +$NFT add rule t prerouting reject 2>/dev/null +echo "E: accepted reject in prerouting hook" >&2 |