diff options
author | Lukas Wunner <lukas@wunner.de> | 2020-03-11 13:20:06 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-10-28 02:01:25 +0200 |
commit | 510c4fad7e78f9350f492463d68899a6154807d3 (patch) | |
tree | 42057f190379a7a2c2501977957f1cb6bb501e90 /tests/shell | |
parent | 1e30a3a49a5eaf2a1e0e4b2d8f4949db9db565e7 (diff) |
src: Support netdev egress hook
Add userspace support for the netdev egress hook which is queued up for
v5.16-rc1, complete with documentation and tests. Usage is identical to
the ingress hook.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/chains/0021prio_0 | 1 | ||||
-rwxr-xr-x | tests/shell/testcases/chains/0026prio_netdev_1 | 4 | ||||
-rw-r--r-- | tests/shell/testcases/chains/dumps/0021prio_0.nft | 20 |
3 files changed, 24 insertions, 1 deletions
diff --git a/tests/shell/testcases/chains/0021prio_0 b/tests/shell/testcases/chains/0021prio_0 index e7612974..d450dc0b 100755 --- a/tests/shell/testcases/chains/0021prio_0 +++ b/tests/shell/testcases/chains/0021prio_0 @@ -69,6 +69,7 @@ done family=netdev echo "add table $family x" gen_chains $family ingress filter lo +gen_chains $family egress filter lo family=bridge echo "add table $family x" diff --git a/tests/shell/testcases/chains/0026prio_netdev_1 b/tests/shell/testcases/chains/0026prio_netdev_1 index aa902e9b..b6fa3db5 100755 --- a/tests/shell/testcases/chains/0026prio_netdev_1 +++ b/tests/shell/testcases/chains/0026prio_netdev_1 @@ -1,7 +1,8 @@ #!/bin/bash family=netdev - hook=ingress + for hook in ingress egress + do for prioname in raw mangle dstnat security srcnat do $NFT add table $family x || exit 1 @@ -12,4 +13,5 @@ family=netdev exit 1 fi done + done exit 0 diff --git a/tests/shell/testcases/chains/dumps/0021prio_0.nft b/tests/shell/testcases/chains/dumps/0021prio_0.nft index ca94d441..4297d246 100644 --- a/tests/shell/testcases/chains/dumps/0021prio_0.nft +++ b/tests/shell/testcases/chains/dumps/0021prio_0.nft @@ -1382,6 +1382,26 @@ table netdev x { chain ingressfilterp11 { type filter hook ingress device "lo" priority 11; policy accept; } + + chain egressfilterm11 { + type filter hook egress device "lo" priority -11; policy accept; + } + + chain egressfilterm10 { + type filter hook egress device "lo" priority filter - 10; policy accept; + } + + chain egressfilter { + type filter hook egress device "lo" priority filter; policy accept; + } + + chain egressfilterp10 { + type filter hook egress device "lo" priority filter + 10; policy accept; + } + + chain egressfilterp11 { + type filter hook egress device "lo" priority 11; policy accept; + } } table bridge x { chain preroutingfilterm11 { |