diff options
author | Phil Sutter <phil@nwl.cc> | 2019-08-21 00:42:13 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-11-25 23:31:14 +0100 |
commit | 26753888720d8e7eb422ae4311348347f5a05cb4 (patch) | |
tree | dd3b4041e08e0eaac8d08fdac1045a4f103c7303 /extensions/libebt_among.t | |
parent | 6d19208caf8325649b9c7888fa8b3db796807c20 (diff) |
nft: bridge: Rudimental among extension support
Support among match as far as possible given the limitations of nftables
sets, namely limited to homogeneous MAC address only or MAC and IP
address only matches.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libebt_among.t')
-rw-r--r-- | extensions/libebt_among.t | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/extensions/libebt_among.t b/extensions/libebt_among.t new file mode 100644 index 00000000..56b29916 --- /dev/null +++ b/extensions/libebt_among.t @@ -0,0 +1,16 @@ +:INPUT,FORWARD,OUTPUT +--among-dst de:ad:0:be:ee:ff,c0:ff:ee:0:ba:be;--among-dst c0:ff:ee:0:ba:be,de:ad:0:be:ee:ff;OK +--among-dst ! c0:ff:ee:0:ba:be,de:ad:0:be:ee:ff;=;OK +--among-src be:ef:0:c0:ff:ee,c0:ff:ee:0:ba:be,de:ad:0:be:ee:ff;=;OK +--among-src de:ad:0:be:ee:ff=10.0.0.1,c0:ff:ee:0:ba:be=192.168.1.1;--among-src c0:ff:ee:0:ba:be=192.168.1.1,de:ad:0:be:ee:ff=10.0.0.1;OK +--among-src ! c0:ff:ee:0:ba:be=192.168.1.1,de:ad:0:be:ee:ff=10.0.0.1;=;OK +--among-src de:ad:0:be:ee:ff --among-dst c0:ff:ee:0:ba:be;=;OK +--among-src de:ad:0:be:ee:ff=10.0.0.1 --among-dst c0:ff:ee:0:ba:be=192.168.1.1;=;OK +--among-src ! de:ad:0:be:ee:ff --among-dst c0:ff:ee:0:ba:be;=;OK +--among-src de:ad:0:be:ee:ff=10.0.0.1 --among-dst ! c0:ff:ee:0:ba:be=192.168.1.1;=;OK +--among-src ! de:ad:0:be:ee:ff --among-dst c0:ff:ee:0:ba:be=192.168.1.1;=;OK +--among-src de:ad:0:be:ee:ff=10.0.0.1 --among-dst ! c0:ff:ee:0:ba:be=192.168.1.1;=;OK +--among-src;=;FAIL +--among-src 00:11=10.0.0.1;=;FAIL +--among-src de:ad:0:be:ee:ff=10.256.0.1;=;FAIL +--among-src de:ad:0:be:ee:ff,c0:ff:ee:0:ba:be=192.168.1.1;=;FAIL |