blob: d51510af9073350db90f471eac8730119138a135 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
#!/bin/bash
EXPECTED="table inet t {
map m1 {
typeof udp length . @ih,32,32 : verdict
flags interval
elements = { 20-80 . 0x14 : accept, 1-10 . 0xa : drop }
}
map m2 {
typeof udp length . @ih,32,32 : verdict
elements = { 20 . 0x24 : accept, 30 . 0x1e : drop }
}
chain c {
udp length . @ih,32,32 vmap @m1
udp length . @ih,32,32 vmap @m2
udp length . @th,160,128 vmap { 47-63 . 0xe373135363130333131303735353203 : accept }
}
}"
$NFT add element inet t m1 { 90-100 . 40 : drop }
$NFT delete element inet t m2 { 20 . 20 : accept }
set -e
$NFT -f - <<< $EXPECTED
|