|
|
8072fb |
From 162e697cf86947e7ff54a05570146b5b75321e97 Mon Sep 17 00:00:00 2001
|
|
|
8072fb |
From: Eric Garver <eric@garver.life>
|
|
|
8072fb |
Date: Wed, 29 Apr 2020 08:00:35 -0400
|
|
|
8072fb |
Subject: [PATCH 14/45] test(direct): rule in a zone chain
|
|
|
8072fb |
|
|
|
8072fb |
Coverage for rhbz 1829104.
|
|
|
8072fb |
|
|
|
8072fb |
(cherry picked from commit f88617bb205c6891d4f9c1d5231ddf356a3bd59f)
|
|
|
8072fb |
(cherry picked from commit c9f519adea34ec29e262713a543f2b086fb9ffa7)
|
|
|
8072fb |
---
|
|
|
8072fb |
src/tests/regression/regression.at | 1 +
|
|
|
8072fb |
src/tests/regression/rhbz1829104.at | 55 +++++++++++++++++++++++++++++
|
|
|
8072fb |
2 files changed, 56 insertions(+)
|
|
|
8072fb |
create mode 100644 src/tests/regression/rhbz1829104.at
|
|
|
8072fb |
|
|
|
8072fb |
diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at
|
|
|
8072fb |
index 2528ddd3fede..c3a5706c6406 100644
|
|
|
8072fb |
--- a/src/tests/regression/regression.at
|
|
|
8072fb |
+++ b/src/tests/regression/regression.at
|
|
|
8072fb |
@@ -28,3 +28,4 @@ m4_include([regression/gh567.at])
|
|
|
8072fb |
m4_include([regression/rhbz1779835.at])
|
|
|
8072fb |
m4_include([regression/gh330.at])
|
|
|
8072fb |
m4_include([regression/gh599.at])
|
|
|
8072fb |
+m4_include([regression/rhbz1829104.at])
|
|
|
8072fb |
diff --git a/src/tests/regression/rhbz1829104.at b/src/tests/regression/rhbz1829104.at
|
|
|
8072fb |
new file mode 100644
|
|
|
8072fb |
index 000000000000..45659eb3c3df
|
|
|
8072fb |
--- /dev/null
|
|
|
8072fb |
+++ b/src/tests/regression/rhbz1829104.at
|
|
|
8072fb |
@@ -0,0 +1,55 @@
|
|
|
8072fb |
+m4_if(iptables, FIREWALL_BACKEND, [
|
|
|
8072fb |
+FWD_START_TEST([direct rule in zone chain])
|
|
|
8072fb |
+AT_KEYWORDS(direct rhbz1829104)
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 raw PRE_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 mangle PRE_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat PRE_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter IN_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDI_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 filter FWDO_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public_pre 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public_log 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public_deny 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public_allow 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+FWD_CHECK([-q --direct --add-rule ipv4 nat POST_public_post 0 -s 10.10.10.0/24 ! -d 10.0.0.0/8 -j ACCEPT])
|
|
|
8072fb |
+
|
|
|
8072fb |
+FWD_END_TEST
|
|
|
8072fb |
+])
|
|
|
8072fb |
--
|
|
|
8072fb |
2.27.0
|
|
|
8072fb |
|