summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2016-01-13 09:28:07 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2016-01-13 09:28:07 +0100
commit9592763b89d03e988fb46f2fc05c0cdc992534d3 (patch)
tree9c06d11a2caf27716b74c141afddbdcb90a37d79
parent9b0be3d2545bfd0b482883bada1f4f0410b683ef (diff)
Test added to check 0.0.0.0/0,iface to be matched in hash:net,iface type
Diffstat
-rwxr-xr-xtests/iptables.sh6
-rw-r--r--tests/match_target.t8
2 files changed, 14 insertions, 0 deletions
diff --git a/tests/iptables.sh b/tests/iptables.sh
index 7ea90e0..490d42d 100755
--- a/tests/iptables.sh
+++ b/tests/iptables.sh
@@ -111,6 +111,12 @@ mangle)
$cmd -t mangle -A INPUT -m mark --mark 0x1234 -j LOG --log-prefix "in set mark: "
$cmd -t mangle -A INPUT -s 10.255.0.0/16 -j DROP
;;
+netiface)
+ $ipset n test hash:net,iface
+ $ipset a test 0.0.0.0/0,eth0
+ $cmd -A OUTPUT -m set --match-set test dst,dst -j LOG --log-prefix "in set netiface: "
+ $cmd -A OUTPUT -d 10.255.255.254 -j DROP
+ ;;
stop)
$cmd -F
$cmd -X
diff --git a/tests/match_target.t b/tests/match_target.t
index 02a0ea3..59e1643 100644
--- a/tests/match_target.t
+++ b/tests/match_target.t
@@ -104,4 +104,12 @@
0 ipset t test 10.255.255.0/24
# Destroy sets and rules
0 ./iptables.sh inet stop
+# Create set and rules for 0.0.0.0/0 check in hash:net,iface
+0 ./iptables.sh inet netiface
+# Send probe packet
+0 sendip -p ipv4 -id 10.255.255.254 -is 10.255.255.64 -p udp -ud 80 -us 1025 10.255.255.254 >/dev/null 2>&1
+# Check kernel log that the packet matched the set
+0 ./check_klog.sh 10.255.255.64 udp 1025 netiface
+# Destroy sets and rules
+0 ./iptables.sh inet stop
# eof