diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-12-22 12:49:59 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-12-22 13:05:15 +0100 |
commit | f470e181d8c6280ca031cfd9ee1ab52a2b21c93a (patch) | |
tree | 3bc4af10807015a4dd8a4f35f543d959a42b3042 /tests | |
parent | 0fe79458cb5ae36d838f0e5a5dc5cc6f332cac03 (diff) |
ct: use inet_service_type for proto-src and proto-dst
Instead of using the invalid type.
Problem was uncovered by this ruleset:
table ip foo {
map pinned {
typeof ip daddr . ct original proto-dst : ip daddr . tcp dport
size 65535
flags dynamic,timeout
timeout 6m
}
chain pr {
meta l4proto tcp update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport }
}
}
resulting in the following misleading error:
map-broken.nft:10:51-82: Error: datatype mismatch: expected concatenation of (IPv4 address), expression has type concatenation of (IPv4 address, internet network service)
meta l4proto tcp update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport }
~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft | 1 | ||||
-rwxr-xr-x | tests/shell/testcases/maps/typeof_maps_concat_update_0 | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft b/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft index a2c3c139..f8b574f4 100644 --- a/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft +++ b/tests/shell/testcases/maps/dumps/typeof_maps_concat_update_0.nft @@ -8,5 +8,6 @@ table ip foo { chain pr { update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } + update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } } } diff --git a/tests/shell/testcases/maps/typeof_maps_concat_update_0 b/tests/shell/testcases/maps/typeof_maps_concat_update_0 index e996f14e..2a52ea0e 100755 --- a/tests/shell/testcases/maps/typeof_maps_concat_update_0 +++ b/tests/shell/testcases/maps/typeof_maps_concat_update_0 @@ -11,6 +11,7 @@ EXPECTED="table ip foo { } chain pr { update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } + meta l4proto tcp update @pinned { ip saddr . ct original proto-dst timeout 1m30s : ip daddr . tcp dport } } }" |