From 81595230a20ebb500763a68dd1969a2a6db5a9de Mon Sep 17 00:00:00 2001
From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Mon, 22 Aug 2016 23:43:53 +0800
Subject: tests: shell: add testcase for reject expr

Reject expr is only valid in input/forward/output chain,
and if user can add reject expr in prerouting chain, kernel
panic will happen.

So add a simple test case to cover this situation.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/shell/testcases/chains/0012reject_in_prerouting_1 | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100755 tests/shell/testcases/chains/0012reject_in_prerouting_1

(limited to 'tests/shell')

diff --git a/tests/shell/testcases/chains/0012reject_in_prerouting_1 b/tests/shell/testcases/chains/0012reject_in_prerouting_1
new file mode 100755
index 00000000..81cda0c4
--- /dev/null
+++ b/tests/shell/testcases/chains/0012reject_in_prerouting_1
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+$NFT add table t
+$NFT add chain t prerouting {type filter hook prerouting priority 0 \; }
+# wrong hook prerouting, only input/forward/output is valid
+$NFT add rule t prerouting reject 2>/dev/null
+echo "E: accepted reject in prerouting hook" >&2
-- 
cgit v1.2.3