Hi, On Sun, Mar 03, 2019 at 10:03:02PM +0100, Florian Westphal wrote: > Phil Sutter <phil@xxxxxx> wrote: > > Sorry for being late. No worries, it is not urgent. > > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > > -m connlabel --label "bit40";=;OK > > -m connlabel ! --label "bit40";=;OK > > -m connlabel --label "bit41" --set;=;OK > > -m connlabel ! --label "bit41" --set;=;OK > > -m connlabel --label "bit128";;FAIL > > Maybe we should forget about the label names and just tests > -m connlabel --label 127 > > i.e., parse the numeric value instead of providing a fake > one. I agree that temporary replace of hosts one is bad. Fine with me as well. Obviously this would reduce code coverage of tests, although not much since libnetfilter_conntrack is used for label map lookup. Cheers, Phil
