tests: shell: Prevent lockout in nft-f/0008split_tables_0

Since packets traverse both tables, the accept rule in the first one is ineffective due to the second table's drop policy. To prevent lockouts when running the testsuite via SSH connection, set the second chain's policy to accept as well. Fixes: 337c7e0de3d9d ("tests: shell: make sure split table definition works via nft -f") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2017-11-21 23:13:39 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-11-22 13:18:34 +0100
commit: cd43e516d3a4301be9e993cce94a48624650bb37 (patch)
tree: cff905ecaf7928bca8888c4e8916300e945a2661 /tests/shell/testcases
parent: 1be5e6f808e3908ecd13ab68b3fea0739794f02d (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/shell/testcases/nft-f/0008split_tables_0 b/tests/shell/testcases/nft-f/0008split_tables_0
index 2bc6e46c..dd03545b 100755
--- a/tests/shell/testcases/nft-f/0008split_tables_0
+++ b/tests/shell/testcases/nft-f/0008split_tables_0
@@ -19,7 +19,7 @@ RULESET="table inet filter {
 
 table inet filter {
 	chain input {
-		type filter hook input priority 1; policy drop;
+		type filter hook input priority 1; policy accept;
 	}
 }"
 
@@ -37,7 +37,7 @@ EXPECTED="table inet filter {
 	}
 
 	chain input {
-		type filter hook input priority 1; policy drop;
+		type filter hook input priority 1; policy accept;
 	}
 }"
author	Phil Sutter <phil@nwl.cc>	2017-11-21 23:13:39 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-11-22 13:18:34 +0100
commit	cd43e516d3a4301be9e993cce94a48624650bb37 (patch)
tree	cff905ecaf7928bca8888c4e8916300e945a2661 /tests/shell/testcases
parent	1be5e6f808e3908ecd13ab68b3fea0739794f02d (diff)