blob: f4e1f01215ec95c12987b52297bb0a7286fd512e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
#!/bin/bash
# NFT_TEST_REQUIRES(NFT_TEST_HAVE_pipapo)
set -e
RULESET="table ip filter {
map ipsec_in {
typeof ipsec in reqid . iif : verdict
flags interval
}
chain INPUT {
type filter hook input priority 0; policy drop
ipsec in reqid . iif vmap @ipsec_in
}
}"
$NFT -f - <<< $RULESET
|