From 4121175cc243a15bdb8c226a335f67cedd98680e Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Thu, 11 Jan 2024 18:14:16 +0100 Subject: evaluate: add missing range checks for dup,fwd and payload statements Else we assert with: BUG: unknown expression type range nft: src/netlink_linearize.c:912: netlink_gen_expr: Assertion `0' failed. While at it, condense meta and exthdr to reuse the same helper. Signed-off-by: Florian Westphal --- tests/shell/testcases/bogons/nft-f/dup_fwd_ranges | 14 ++++++++++++++ .../testcases/bogons/nft-f/unknown_expr_type_range_assert | 8 +++++--- 2 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 tests/shell/testcases/bogons/nft-f/dup_fwd_ranges (limited to 'tests/shell/testcases/bogons') diff --git a/tests/shell/testcases/bogons/nft-f/dup_fwd_ranges b/tests/shell/testcases/bogons/nft-f/dup_fwd_ranges new file mode 100644 index 00000000..efaff9e5 --- /dev/null +++ b/tests/shell/testcases/bogons/nft-f/dup_fwd_ranges @@ -0,0 +1,14 @@ +define dev = "1"-"2" + +table netdev t { + chain c { + fwd to 1-2 + dup to 1-2 + } +} + +table ip t { + chain c { + dup to 1-2 device $dev + } +} diff --git a/tests/shell/testcases/bogons/nft-f/unknown_expr_type_range_assert b/tests/shell/testcases/bogons/nft-f/unknown_expr_type_range_assert index 234dd623..e6206736 100644 --- a/tests/shell/testcases/bogons/nft-f/unknown_expr_type_range_assert +++ b/tests/shell/testcases/bogons/nft-f/unknown_expr_type_range_assert @@ -1,5 +1,7 @@ table ip x { - chain k { - meta mark set 0x001-3434 - } + chain k { + meta mark set 0x001-3434 + ct mark set 0x001-3434 + tcp dport set 1-3 + } } -- cgit v1.2.3