Tree - source-git/iptables - CentOS Git server

source-git / iptables

Blame iptables/tests/shell/testcases/ebtables/0002-ebtables-save-restore_0

Blob History Raw

Packit Service	d1fe03	`#!/bin/bash`
Packit Service	d1fe03
Packit Service	d1fe03	`set -e`
Packit Service	d1fe03	`#set -x`
Packit Service	d1fe03
Packit Service	d1fe03	`# there is no legacy backend to test`
Packit Service	d1fe03	`[[ $XT_MULTI == */xtables-nft-multi ]] \|\| { echo "skip $XT_MULTI"; exit 0; }`
Packit Service	d1fe03
Packit Service	d1fe03	`# fill ebtables manually`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables --init-table`
Packit Service	d1fe03	`$XT_MULTI ebtables -A INPUT -p IPv4 -i lo -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -P FORWARD DROP`
Packit Service	d1fe03	`$XT_MULTI ebtables -A OUTPUT -s ff:ff:ff:ff:ff:ff/ff:ff:ff:ff:ff:ff -j DROP`
Packit Service	d1fe03	`$XT_MULTI ebtables -N foo`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --802_3-sap 0x23 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --802_3-sap 0xaa --802_3-type 0x1337 -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo --among-dst fe:ed:ba:be:00:01,fe:ed:ba:be:00:02,fe:ed:ba:be:00:03 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-gratuitous -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-opcode Request -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-ip-src 10.0.0.1 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-ip-dst 10.0.0.0/8 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-mac-src fe:ed:ba:be:00:01 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p ARP --arp-mac-dst fe:ed:ba:be:00:01/ff:ff:ff:00:00:00 -j ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv4 --ip-src 10.0.0.1 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv4 --ip-dst 10.0.0.0/8 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv4 --ip-tos 0x10 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv4 --ip-protocol tcp -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo -p IPv4 --ip-sport 23 -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo -p IPv4 --ip-dport 1024:4096 -j ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv6 --ip6-src feed:babe::1 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv6 --ip6-dst feed:babe::/64 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo -p IPv6 --ip6-proto tcp -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo -p IPv6 --ip6-sport 23 -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo -p IPv6 --ip6-dport 1024:4096 -j ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --limit 100 --limit-burst 42 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --log`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --mark-set 0x23 --mark-target ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --nflog`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --pkttype-type multicast -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --stp-type config -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -A foo --vlan-id 42 -j ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --802_3-sap 0x23 --limit 100 -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --pkttype-type multicast --log`
Packit Service	d1fe03	`$XT_MULTI ebtables -A foo --pkttype-type multicast --limit 100 -j ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -A FORWARD -j foo`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -N bar`
Packit Service	d1fe03	`$XT_MULTI ebtables -P bar RETURN`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -t nat -A PREROUTING --redirect-target ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -t nat -A PREROUTING --to-src fe:ed:ba:be:00:01`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -t nat -A OUTPUT -j ACCEPT`
Packit Service	d1fe03	`$XT_MULTI ebtables -t nat -P OUTPUT DROP`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -t nat -A POSTROUTING -j ACCEPT`
Packit Service	d1fe03	`#$XT_MULTI ebtables -t nat -A POSTROUTING --to-dst fe:ed:ba:be:00:01 --dnat-target ACCEPT`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables -t nat -N nat_foo -P DROP`
Packit Service	d1fe03
Packit Service	d1fe03	`# compare against stored ebtables dump`
Packit Service	d1fe03
Packit Service	d1fe03	`DUMP='*filter`
Packit Service	d1fe03	`:INPUT ACCEPT`
Packit Service	d1fe03	`:FORWARD DROP`
Packit Service	d1fe03	`:OUTPUT ACCEPT`
Packit Service	d1fe03	`:foo ACCEPT`
Packit Service	d1fe03	`:bar RETURN`
Packit Service	d1fe03	`-A INPUT -p IPv4 -i lo -j ACCEPT`
Packit Service	d1fe03	`-A FORWARD -j foo`
Packit Service	d1fe03	`-A OUTPUT -s Broadcast -j DROP`
Packit Service	d1fe03	`-A foo --802_3-sap 0x23 -j ACCEPT`
Packit Service	d1fe03	`-A foo --802_3-sap 0xaa --802_3-type 0x1337 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-gratuitous -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-op Request -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-ip-src 10.0.0.1 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-ip-dst 10.0.0.0/8 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-mac-src fe:ed:ba:be:00:01 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p ARP --arp-mac-dst fe:ed:ba:00:00:00/ff:ff:ff:00:00:00 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv4 --ip-src 10.0.0.1 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv4 --ip-dst 10.0.0.0/8 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv4 --ip-tos 0x10 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv4 --ip-proto tcp -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv6 --ip6-src feed:babe::1 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv6 --ip6-dst feed:babe::/64 -j ACCEPT`
Packit Service	d1fe03	`-A foo -p IPv6 --ip6-proto tcp -j ACCEPT`
Packit Service	d1fe03	`-A foo --limit 100/sec --limit-burst 42 -j ACCEPT`
Packit Service	d1fe03	`-A foo --log-level notice --log-prefix "" -j CONTINUE`
Packit Service	d1fe03	`-A foo -j mark --mark-set 0x23 --mark-target ACCEPT`
Packit Service	d1fe03	`-A foo --nflog-group 1 -j CONTINUE`
Packit Service	d1fe03	`-A foo --pkttype-type multicast -j ACCEPT`
Packit Service	d1fe03	`-A foo --stp-type config -j ACCEPT`
Packit Service	d1fe03	`-A foo --802_3-sap 0x23 --limit 100/sec --limit-burst 5 -j ACCEPT`
Packit Service	d1fe03	`-A foo --pkttype-type multicast --log-level notice --log-prefix "" -j CONTINUE`
Packit Service	d1fe03	`-A foo --pkttype-type multicast --limit 100/sec --limit-burst 5 -j ACCEPT`
Packit Service	d1fe03	`*nat`
Packit Service	d1fe03	`:PREROUTING ACCEPT`
Packit Service	d1fe03	`:OUTPUT DROP`
Packit Service	d1fe03	`:POSTROUTING ACCEPT`
Packit Service	d1fe03	`:nat_foo DROP`
Packit Service	d1fe03	`-A PREROUTING -j redirect`
Packit Service	d1fe03	`-A OUTPUT -j ACCEPT`
Packit Service	d1fe03	`-A POSTROUTING -j ACCEPT'`
Packit Service	d1fe03
Packit Service	d1fe03	`diff -u <(echo -e "$DUMP") <($XT_MULTI ebtables-save \| grep -v '^#')`
Packit Service	d1fe03
Packit Service	d1fe03	`# make sure dump can be restored and check it didn't change`
Packit Service	d1fe03
Packit Service	d1fe03	`$XT_MULTI ebtables --init-table`
Packit Service	d1fe03	`$XT_MULTI ebtables-restore <<<$DUMP`
Packit Service	d1fe03	`diff -u <(echo -e "$DUMP") <($XT_MULTI ebtables-save \| grep -v '^#')`

source-git / iptables

Source Code

Blame iptables/tests/shell/testcases/ebtables/0002-ebtables-save-restore_0