From a7d2a042442494abae2970db53fa21bbef1a280a Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Sat, 10 Sep 2022 09:59:48 +0200
Subject: json: add secmark object reference support

The secmark object reference requires a json parser function and it was
missing. In addition, extends the shell testcases.

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1630
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 .../testcases/json/dumps/0005secmark_objref_0.nft      | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 tests/shell/testcases/json/dumps/0005secmark_objref_0.nft

(limited to 'tests/shell/testcases/json/dumps/0005secmark_objref_0.nft')

diff --git a/tests/shell/testcases/json/dumps/0005secmark_objref_0.nft b/tests/shell/testcases/json/dumps/0005secmark_objref_0.nft
new file mode 100644
index 00000000..4c218e93
--- /dev/null
+++ b/tests/shell/testcases/json/dumps/0005secmark_objref_0.nft
@@ -0,0 +1,18 @@
+table inet x {
+	secmark ssh_server {
+		"system_u:object_r:ssh_server_packet_t:s0"
+	}
+
+	chain y {
+		type filter hook input priority -225; policy accept;
+		tcp dport 2222 ct state new meta secmark set "ssh_server"
+		ct state new ct secmark set meta secmark
+		ct state established,related meta secmark set ct secmark
+	}
+
+	chain z {
+		type filter hook output priority 225; policy accept;
+		ct state new ct secmark set meta secmark
+		ct state established,related meta secmark set ct secmark
+	}
+}
-- 
cgit v1.2.3