diff options
author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-06-13 20:53:55 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-06-15 14:01:32 +0200 |
commit | fe0d7490cb292a10ddba4b7f3389da9889df91fb (patch) | |
tree | 0816248943511a59b8f9e86ecbe7bacf57a9136f /tests/shell/testcases/chains | |
parent | 67ea3f3c1b14731d93618c426dd8a5d28aa314a1 (diff) |
tests: shell: add endless jump loop tests
Add some tests for endless jump loop validation.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/chains')
-rwxr-xr-x | tests/shell/testcases/chains/0010endless_jump_loop_1 | 9 | ||||
-rwxr-xr-x | tests/shell/testcases/chains/0011endless_jump_loop_1 | 14 |
2 files changed, 23 insertions, 0 deletions
diff --git a/tests/shell/testcases/chains/0010endless_jump_loop_1 b/tests/shell/testcases/chains/0010endless_jump_loop_1 new file mode 100755 index 00000000..dba70e14 --- /dev/null +++ b/tests/shell/testcases/chains/0010endless_jump_loop_1 @@ -0,0 +1,9 @@ +#!/bin/bash + +set -e + +$NFT add table t +$NFT add chain t c +# kernel should return ELOOP +$NFT add rule t c tcp dport vmap {1 : jump c} 2>/dev/null +echo "E: accepted endless jump loop in a vmap" >&2 diff --git a/tests/shell/testcases/chains/0011endless_jump_loop_1 b/tests/shell/testcases/chains/0011endless_jump_loop_1 new file mode 100755 index 00000000..adbff8d4 --- /dev/null +++ b/tests/shell/testcases/chains/0011endless_jump_loop_1 @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e + +$NFT add table t +$NFT add chain t c1 +$NFT add chain t c2 +$NFT add map t m {type inet_service : verdict \;} +$NFT add element t m {2 : jump c2} +$NFT add rule t c1 tcp dport vmap @m + +# kernel should return ELOOP +$NFT add element t m {1 : jump c1} 2>/dev/null +echo "E: accepted endless jump loop in a vmap" >&2 |