source-git / nftables

Clone
Source Code
GIT

Blame tests/py/inet/reject.t.payload.inet

c8 c8s master
  1.   1227cde042e6591910a945b5d8b21a1576a371f7
  2.   tests
  3.   py
  4.   inet
  5.   reject.t.payload.inet
Blob History Raw
Packit c5a612 
# reject with icmp type host-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 1 ]
Packit c5a612
Packit c5a612 
# reject with icmp type net-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmp type prot-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 2 ]
Packit c5a612
Packit c5a612 
# reject with icmp type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmp type net-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 9 ]
Packit c5a612
Packit c5a612 
# reject with icmp type host-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 10 ]
Packit c5a612
Packit c5a612 
# reject with icmp type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 13 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 1 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type addr-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 4 ]
Packit c5a612
Packit c5a612 
# mark 12345 reject with tcp reset
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load l4proto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000006 ]
Packit c5a612 
  [ meta load mark => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00003039 ]
Packit c5a612 
  [ reject type 1 code 0 ]
Packit c5a612
Packit c5a612 
# reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv4 reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv6 reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 4 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type host-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 2 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv4 reject with icmp type host-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv6 reject with icmpv6 type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmp type prot-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 2 ]
Packit c5a612
Packit c5a612 
# reject with icmp type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmp type net-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 9 ]
Packit c5a612
Packit c5a612 
# reject with icmp type host-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 10 ]
Packit c5a612
Packit c5a612 
# reject with icmp type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 13 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 1 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type addr-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmpv6 type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 4 ]
Packit c5a612
Packit c5a612 
# reject with tcp reset
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load l4proto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000006 ]
Packit c5a612 
  [ reject type 1 code 0 ]
Packit c5a612
Packit c5a612 
# reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv4 reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 3 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv6 reject
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 4 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type host-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 2 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 0 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 3 ]
Packit c5a612
Packit c5a612 
# reject with icmpx type port-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ reject type 2 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv4 reject with icmp type host-unreachable
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 0 code 1 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv6 reject with icmpv6 type no-route
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 0 code 0 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv4 reject with icmpx type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x00000002 ]
Packit c5a612 
  [ reject type 2 code 3 ]
Packit c5a612
Packit c5a612 
# meta nfproto ipv6 reject with icmpx type admin-prohibited
Packit c5a612 
inet test-inet input
Packit c5a612 
  [ meta load nfproto => reg 1 ]
Packit c5a612 
  [ cmp eq reg 1 0x0000000a ]
Packit c5a612 
  [ reject type 2 code 3 ]
Packit c5a612

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation