summaryrefslogtreecommitdiffstats
path: root/tests/py/inet/sets.t
blob: e0b0ee867f9b7085e7a47fd7f09d8dc6732e602c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
:input;type filter hook input priority 0
:ingress;type filter hook ingress device lo priority 0

*inet;test-inet;input
*bridge;test-inet;input
*netdev;test-netdev;ingress

!set1 type ipv4_addr timeout 60s;ok
?set1 192.168.3.4 timeout 30s, 10.2.1.1;ok

!set2 type ipv6_addr timeout 23d23h59m59s;ok
?set2 dead::beef timeout 5s;ok

ip saddr @set1 drop;ok
ip saddr != @set2 drop;fail

ip6 daddr != @set2 accept;ok
ip6 daddr @set1 drop;fail

!set3 type ipv4_addr . ipv4_addr . inet_service flags interval;ok
?set3 10.0.0.0/8 . 192.168.1.3-192.168.1.9 . 1024-65535;ok

ip saddr . ip daddr . tcp dport @set3 accept;ok
-ip daddr . tcp dport { 10.0.0.0/8 . 10-23, 192.168.1.1-192.168.3.8 . 80-443 } accept;ok