summaryrefslogtreecommitdiffstats
path: root/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
diff options
context:
space:
mode:
Diffstat (limited to 'tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft')
-rw-r--r--tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft1
1 files changed, 1 insertions, 0 deletions
diff --git a/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft b/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
new file mode 100644
index 00000000..7c0867ad
--- /dev/null
+++ b/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
@@ -0,0 +1 @@
+{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "portknock", "handle": 1}}, {"set": {"family": "inet", "name": "clients_ipv4", "table": "portknock", "type": "ipv4_addr", "handle": 2, "size": 65535, "flags": ["timeout", "dynamic"]}}, {"set": {"family": "inet", "name": "candidates_ipv4", "table": "portknock", "type": ["ipv4_addr", "inet_service"], "handle": 3, "size": 65535, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "inet", "table": "portknock", "name": "input", "handle": 1, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 4, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10001}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10002]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 5, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10002}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10003]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 6, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10003}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10004]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 7, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10004}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10005]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 8, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10005}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"payload": {"protocol": "ip", "field": "saddr"}}, "timeout": 600}}, "set": "@clients_ipv4"}}, {"log": {"prefix": "Successful portknock: "}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 9, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@clients_ipv4"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 10, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 11, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"reject": {"type": "tcp reset"}}]}}]}