From fac10ea799fe9b6158d74f66d6ad46536d38a545 Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Wed, 18 Mar 2009 04:55:00 +0100
Subject: Initial commit

---
 tests/expr-meta | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100755 tests/expr-meta

(limited to 'tests/expr-meta')

diff --git a/tests/expr-meta b/tests/expr-meta
new file mode 100755
index 00000000..122d2895
--- /dev/null
+++ b/tests/expr-meta
@@ -0,0 +1,40 @@
+#! nft -f
+
+table add ip filter
+chain add ip filter output NF_INET_LOCAL_OUT 0
+
+# meta: skb len
+rule add ip filter output meta length 1000 counter
+
+# meta: skb protocol
+rule add ip filter output meta protocol 0x0800 counter
+
+# meta: skb mark
+rule add ip filter output meta mark 0 counter
+
+# meta: skb iif
+rule add ip filter output meta iif 1 counter
+
+# meta: skb iifname
+rule add ip filter output meta iifname "eth0" counter
+
+# meta: skb oif
+rule add ip filter output meta oif 1 counter
+
+# meta: skb oifname
+rule add ip filter output meta oifname "eth0" counter
+
+# meta: skb sk uid
+rule add ip filter output meta skuid 1000 counter
+
+# meta: skb sk gid
+rule add ip filter output meta skgid 1000 counter
+
+# meta: nftrace - broken, probably should be removed to avoid abuse
+#rule add ip filter output meta nftrace 0 counter
+
+# meta: rtclassid
+rule add ip filter output meta rtclassid 1 counter
+
+# meta: secmark
+rule add ip filter output meta secmark 0 counter
-- 
cgit v1.2.3