From c265c2639e8855719fc09325c3dc4a69d91a7088 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sat, 20 Apr 2013 12:08:00 +0200
Subject: tests: expr-meta: update examples to use the current syntax

Also enable nftrace, now that nftables kernel-space supports this.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/expr-meta | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'tests/expr-meta')

diff --git a/tests/expr-meta b/tests/expr-meta
index 97582aa1..da16ae41 100644
--- a/tests/expr-meta
+++ b/tests/expr-meta
@@ -1,7 +1,7 @@
 #! nft -f
 
 add table ip filter
-add chain ip filter output NF_INET_LOCAL_OUT 0
+add chain ip filter output { hook NF_INET_LOCAL_OUT 0 ; }
 
 # meta: skb len
 add rule ip filter output meta length 1000 counter
@@ -13,13 +13,13 @@ add rule ip filter output meta protocol 0x0800 counter
 add rule ip filter output meta mark 0 counter
 
 # meta: skb iif
-add rule ip filter output meta iif 1 counter
+add rule ip filter output meta iif lo counter
 
 # meta: skb iifname
 add rule ip filter output meta iifname "eth0" counter
 
 # meta: skb oif
-add rule ip filter output meta oif 1 counter
+add rule ip filter output meta oif lo counter
 
 # meta: skb oifname
 add rule ip filter output meta oifname "eth0" counter
@@ -30,11 +30,11 @@ add rule ip filter output meta skuid 1000 counter
 # meta: skb sk gid
 add rule ip filter output meta skgid 1000 counter
 
-# meta: nftrace - broken, probably should be removed to avoid abuse
-#add rule ip filter output meta nftrace 0 counter
+# meta: nftrace
+add rule ip filter output meta nftrace 1 counter
 
-# meta: rtclassid
-add rule ip filter output meta rtclassid 1 counter
+# meta: rtclassid (see /etc/iproute2/rt_realms)
+add rule ip filter output meta rtclassid cosmos counter
 
 # meta: secmark
 add rule ip filter output meta secmark 0 counter
-- 
cgit v1.2.3