diff options
author | Phil Sutter <phil@nwl.cc> | 2019-03-09 11:56:05 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-11 13:34:51 +0100 |
commit | 9c0ed46f68cada9f3455be91adb553d020012596 (patch) | |
tree | 249499eb5b3b977a29088b4bff905a82ce546a14 /tests/ct_mark_filter.sh | |
parent | e0d8a7cec8ba5ca8fed95eacb5c9f1166f386490 (diff) |
Rename 'qa' directory to 'tests'
When searching for library tests, 'qa' is easily overlooked. Use a more
common name instead.
Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/ct_mark_filter.sh')
-rwxr-xr-x | tests/ct_mark_filter.sh | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/tests/ct_mark_filter.sh b/tests/ct_mark_filter.sh new file mode 100755 index 0000000..a2c7fed --- /dev/null +++ b/tests/ct_mark_filter.sh @@ -0,0 +1,36 @@ +#!/bin/sh + +. `dirname $0`/nssocket_env.sh + +echo "---- TCP echo with ctmark 0/0 [filter_mark_zero]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- iptables CONNMARK settings - ctmark tcp 2/2, tcp fin 1/1" +ip netns exec $NETNS sh <<EOF + iptables -t mangle -I PREROUTING -p tcp -m tcp -j CONNMARK --set-mark 2/2 + iptables -t mangle -I PREROUTING -p tcp -m tcp --tcp-flags FIN FIN -j CONNMARK --set-mark 1/1 +EOF + +echo "---- TCP echo with mark filter 1/1 [filter_mark_1_1]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- TCP echo with mark filter ! 1/1 [filter_mark_neg_1_1]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- TCP echo with mark filter !0/fffffffd [filter_mark_neg_0_fffffffd]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +echo "---- max mark filter entry [filter_mark_max]" +pre_sync +echo | nc -q 0 $VETH_CHILD_ADDR $DSTPORT +post_sync + +fin |