diff options
| author | Florian Westphal <fw@strlen.de> | 2024-07-10 02:33:37 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2024-07-11 17:05:32 +0200 |
| commit | 1fc78397e9a1fb5e41841b8b4e92a9eb9536c6f1 (patch) | |
| tree | 0a42c261dec9a533cefa80b1bd48098313fa35f2 /tests/shell/testcases/transactions | |
| parent | eddd1c779c712e2103dfb5d201faf1c956d3734a (diff) | |
tests: shell: connect chains to hook point
These tests should fail because they contain a loop or exceed the jump stack.
But this depends on the kernel validating chains that are not bound to any
basechain/hook point.
Wire up the initial chain to filter type.
Without this tests will start to fail when kernel stops validating
chains that are not reachable by any base chain.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell/testcases/transactions')
| -rwxr-xr-x | tests/shell/testcases/transactions/0023rule_1 | 2 | ||||
| -rwxr-xr-x | tests/shell/testcases/transactions/anon_chain_loop | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/tests/shell/testcases/transactions/0023rule_1 b/tests/shell/testcases/transactions/0023rule_1 index e58c088c..863bcde4 100755 --- a/tests/shell/testcases/transactions/0023rule_1 +++ b/tests/shell/testcases/transactions/0023rule_1 @@ -1,7 +1,7 @@ #!/bin/bash RULESET="add table x -add chain x y +add chain x y { type filter hook input priority 0; } add rule x y jump y" # kernel must return ELOOP diff --git a/tests/shell/testcases/transactions/anon_chain_loop b/tests/shell/testcases/transactions/anon_chain_loop index 2fd61810..3053d166 100755 --- a/tests/shell/testcases/transactions/anon_chain_loop +++ b/tests/shell/testcases/transactions/anon_chain_loop @@ -3,7 +3,7 @@ # anon chains with c1 -> c2 recursive jump, expect failure $NFT -f - <<EOF table ip t { - chain c2 { } + chain c2 { type filter hook input priority 0; } chain c1 { } } |