[PATCH] extensions: add tests for comp match options

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch adds test for ipcomp flow match specified by its SPI value
and move tests for ipcomp protocol to libxt_policy.t

Signed-off-by: Harsha Sharma <harshasharmaiitr@xxxxxxxxx>
---
 extensions/libxt_ipcomp.t | 8 +++-----
 extensions/libxt_policy.t | 3 +++
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/extensions/libxt_ipcomp.t b/extensions/libxt_ipcomp.t
index ce111142..4b989d4c 100644
--- a/extensions/libxt_ipcomp.t
+++ b/extensions/libxt_ipcomp.t
@@ -1,5 +1,3 @@
-:INPUT,FORWARD
--m policy --dir in --pol ipsec --proto ipcomp;=;OK
--m policy --dir in --pol none --proto ipcomp;;FAIL
--m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp;=;OK
--m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK
+:INPUT,OUTPUT
+-p 108 -m ipcomp --ipcompspi 0x12 -j DROP;=;OK
+-p 108 -m ipcomp ! --ipcompspi 0x12 -j ACCEPT;=;OK
diff --git a/extensions/libxt_policy.t b/extensions/libxt_policy.t
index 24a3e2f4..6524122b 100644
--- a/extensions/libxt_policy.t
+++ b/extensions/libxt_policy.t
@@ -1,5 +1,8 @@
 :INPUT,FORWARD
 -m policy --dir in --pol ipsec;=;OK
+-m policy --dir in --pol ipsec --proto ipcomp;=;OK
 -m policy --dir in --pol ipsec --strict;;FAIL
+-m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp;=;OK
 -m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto esp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK
 -m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto esp --tunnel-dst 10.0.0.0/8;;FAIL
+-m policy --dir in --pol ipsec --strict --reqid 1 --spi 0x1 --proto ipcomp --mode tunnel --tunnel-dst 10.0.0.0/8 --tunnel-src 10.0.0.0/8 --next --reqid 2;=;OK
-- 
2.14.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux