blob: bff464687a6f8c46bad406598748edc54e82470f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
#!/bin/bash
set -e
RULESET="table inet filter {
chain ingress {
type filter hook ingress device \"lo\" priority filter; policy accept;
}
chain input {
type filter hook input priority filter; policy accept;
}
chain forward {
type filter hook forward priority filter; policy accept;
}
}"
# Test auto-removal of chain hook on netns removal
unshare -n bash -c "ip link add br0 type bridge; \
$NFT add table netdev test; \
$NFT add chain netdev test ingress { type filter hook ingress device \"br0\" priority 0\; policy drop\; } ; \
" || exit 1
$NFT -f - <<< "$RULESET" && exit 0
exit 1
|