This tests what kernel commit ae6153b50f9bf ("netfilter: nf_tables:
permit second nat hook if colliding hook is going away") fixed for.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
tests/shell/testcases/transactions/0041nat_restore_0 | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
create mode 100755 tests/shell/testcases/transactions/0041nat_restore_0
diff --git a/tests/shell/testcases/transactions/0041nat_restore_0 b/tests/shell/testcases/transactions/0041nat_restore_0
new file mode 100755
index 0000000000000..62971852dfa13
--- /dev/null
+++ b/tests/shell/testcases/transactions/0041nat_restore_0
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+set -e
+
+RULESET="
+add table ip t
+add chain ip t c { type nat hook postrouting priority 0; }
+"
+
+$NFT -f - <<< $RULESET
+
+RULESET="
+flush ruleset
+$RULESET
+"
+
+$NFT -f - <<< $RULESET
--
2.16.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
