diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-06-02 17:14:59 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-06-02 18:08:42 +0200 |
commit | 575cc4519aa177c573481f683e07c2789a2f870a (patch) | |
tree | 46909685c0940c50db60fa3a75fa753d4cbcb2aa /tests/regression/ip | |
parent | 99632dd169d7db6c66abc06df017de83feec2d38 (diff) |
tests: regression: fix NAT tests
snat can be only used from prerouting and input, and dnat from output and
postrouting.
ip/nat.t: ERROR: line 12: nft add rule ip test-ip4 output iifname eth0 tcp sport 23-34 snat 192.168.3.2: This rule should not have failed.
Split the test file as they require different chain configuration.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/regression/ip')
-rw-r--r-- | tests/regression/ip/dnat.t (renamed from tests/regression/ip/nat.t) | 8 | ||||
-rw-r--r-- | tests/regression/ip/snat.t | 12 |
2 files changed, 13 insertions, 7 deletions
diff --git a/tests/regression/ip/nat.t b/tests/regression/ip/dnat.t index 26c8cbf7..78fc454d 100644 --- a/tests/regression/ip/nat.t +++ b/tests/regression/ip/dnat.t @@ -1,16 +1,10 @@ *ip;test-ip4 -# bug: Nat tables is not supported yet in inet table. --*inet;test-inet - -:output;type nat hook output priority 0 +:prerouting;type nat hook prerouting priority 0 iifname "eth0" tcp dport 80-90 dnat 192.168.3.2;ok iifname "eth0" tcp dport != 80-90 dnat 192.168.3.2;ok iifname "eth0" tcp dport {80, 90, 23} dnat 192.168.3.2;ok - iifname "eth0" tcp dport != {80, 90, 23} dnat 192.168.3.2;ok - -iifname eth0 tcp sport 23-34 snat 192.168.3.2;ok - - iifname "eth0" tcp dport != {80, 90, 23} dnat 192.168.3.2;ok # BUG: invalid expression type set # nft: src/evaluate.c:975: expr_evaluate_relational: Assertion '0' failed. diff --git a/tests/regression/ip/snat.t b/tests/regression/ip/snat.t new file mode 100644 index 00000000..1caf7c76 --- /dev/null +++ b/tests/regression/ip/snat.t @@ -0,0 +1,12 @@ +*ip;test-ip4 +:postrouting;type nat hook postrouting priority 0 + +iifname "eth0" tcp dport 80-90 snat 192.168.3.2;ok +iifname "eth0" tcp dport != 80-90 snat 192.168.3.2;ok +iifname "eth0" tcp dport {80, 90, 23} snat 192.168.3.2;ok +- iifname "eth0" tcp dport != {80, 90, 23} snat 192.168.3.2;ok +- iifname "eth0" tcp dport != {80, 90, 23} snat 192.168.3.2;ok +# BUG: invalid expression type set +# nft: src/evaluate.c:975: expr_evaluate_relational: Assertion '0' failed. + +iifname "eth0" tcp dport != 23-34 snat 192.168.3.2;ok |