blob: cca36fd88d6c78fd01d848bf6eae020c8d3c580c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
#!/bin/bash
[[ $XT_MULTI == *xtables-nft-multi ]] || { echo "skip $XT_MULTI"; exit 0; }
nft -v >/dev/null || exit 0
set -e
nft -f - <<EOF
table ip filter {
chain FORWARD {
type filter hook forward priority filter;
limit rate 10/day counter
udp dport 42 counter
}
}
EOF
EXPECT="*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m limit --limit 10/day
-A FORWARD -p udp -m udp --dport 42
COMMIT"
diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables-save | grep -v '^#')
|
