diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-02-06 14:18:10 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-02-06 17:52:39 +0100 |
commit | 299823d46b6d0c49040d81ee3eb0f37b3b0520ea (patch) | |
tree | d1ccb274147f7a9c4554ca390e48781c248b78c6 /tests/shell/testcases/optimizations/dumps | |
parent | e1dfd5cc4c46514a84dd8a2063b45517b596e1ca (diff) |
optimize: select merge criteria based on candidates rules
Select the merge criteria based on the statements that are used
in the candidate rules, instead of using the list of statements
in the given chain.
Update tests to include a rule with a verdict, which triggers
the bug described in the bugzilla ticket.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1657
Fixes: 0a6dbfce6dc3 ("optimize: merge nat rules with same selectors into map")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/optimizations/dumps')
-rw-r--r-- | tests/shell/testcases/optimizations/dumps/merge_nat.nft | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/tests/shell/testcases/optimizations/dumps/merge_nat.nft b/tests/shell/testcases/optimizations/dumps/merge_nat.nft index 7a6ecb76..32423b22 100644 --- a/tests/shell/testcases/optimizations/dumps/merge_nat.nft +++ b/tests/shell/testcases/optimizations/dumps/merge_nat.nft @@ -1,20 +1,24 @@ table ip test1 { chain y { + oif "lo" accept dnat to ip saddr map { 4.4.4.4 : 1.1.1.1, 5.5.5.5 : 2.2.2.2 } } } table ip test2 { chain y { + oif "lo" accept dnat ip to tcp dport map { 80 : 1.1.1.1 . 8001, 81 : 2.2.2.2 . 9001 } } } table ip test3 { chain y { + oif "lo" accept snat to ip saddr . tcp sport map { 1.1.1.1 . 1024-65535 : 3.3.3.3, 2.2.2.2 . 1024-65535 : 4.4.4.4 } } } table ip test4 { chain y { + oif "lo" accept dnat ip to ip daddr . tcp dport map { 1.1.1.1 . 80 : 4.4.4.4 . 8000, 2.2.2.2 . 81 : 3.3.3.3 . 9000 } } } |