diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-09-28 14:09:54 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-09-29 18:59:44 +0200 |
commit | 82f3b6171d0f79d27662266ddd9876d416879dc8 (patch) | |
tree | 6697148d86e3763ee1b283e01917bb41eb5bc101 /tests/shell | |
parent | d2fb4a860351a9fe77cdab37494328be3268d39b (diff) |
evaluate: check for concatenation in set data datatype
When adding this rule with an existing map:
add rule nat x y meta l4proto { tcp, udp } dnat ip to ip daddr . th dport map @fwdtoip_th
reports a bogus:
Error: datatype mismatch: expected IPv4 address, expression has type
concatenation of (IPv4 address, internet network service)
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/sets/0067nat_concat_interval_0 | 11 | ||||
-rw-r--r-- | tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft | 7 |
2 files changed, 18 insertions, 0 deletions
diff --git a/tests/shell/testcases/sets/0067nat_concat_interval_0 b/tests/shell/testcases/sets/0067nat_concat_interval_0 index 3d1b62d6..530771b0 100755 --- a/tests/shell/testcases/sets/0067nat_concat_interval_0 +++ b/tests/shell/testcases/sets/0067nat_concat_interval_0 @@ -31,3 +31,14 @@ EXPECTED="table ip nat { }" $NFT -f - <<< $EXPECTED + +EXPECTED="table ip nat { + map fwdtoip_th { + type ipv4_addr . inet_service : interval ipv4_addr . inet_service + flags interval + elements = { 1.2.3.4 . 10000-20000 : 192.168.3.4 . 30000-40000 } + } +}" + +$NFT -f - <<< $EXPECTED +$NFT add rule ip nat prerouting meta l4proto { tcp, udp } dnat to ip daddr . th dport map @fwdtoip_th diff --git a/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft b/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft index c565d21f..3226da15 100644 --- a/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft +++ b/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft @@ -11,9 +11,16 @@ table ip nat { elements = { 192.168.1.2 . 192.168.2.2 : 127.0.0.0/8 . 42-43 } } + map fwdtoip_th { + type ipv4_addr . inet_service : interval ipv4_addr . inet_service + flags interval + elements = { 1.2.3.4 . 10000-20000 : 192.168.3.4 . 30000-40000 } + } + chain prerouting { type nat hook prerouting priority dstnat; policy accept; ip protocol tcp dnat ip to ip saddr map @ipportmap ip protocol tcp dnat ip to ip saddr . ip daddr map @ipportmap2 + meta l4proto { tcp, udp } dnat ip to ip daddr . th dport map @fwdtoip_th } } |