On Mon, Mar 04, 2019 at 01:43:11PM +0100, Phil Sutter wrote: > Hi, > > On Sun, Mar 03, 2019 at 10:03:02PM +0100, Florian Westphal wrote: > > Phil Sutter <phil@xxxxxx> wrote: > > > > Sorry for being late. > > No worries, it is not urgent. > > > > +@cp -f extensions/libxt_connlabel.conf.test extensions/libxt_connlabel.conf.tmp > > > -m connlabel --label "bit40";=;OK > > > -m connlabel ! --label "bit40";=;OK > > > -m connlabel --label "bit41" --set;=;OK > > > -m connlabel ! --label "bit41" --set;=;OK > > > -m connlabel --label "bit128";;FAIL > > > > Maybe we should forget about the label names and just tests > > -m connlabel --label 127 > > > > i.e., parse the numeric value instead of providing a fake > > one. I agree that temporary replace of hosts one is bad. > > Fine with me as well. Obviously this would reduce code coverage of > tests, although not much since libnetfilter_conntrack is used for label > map lookup. We can probably place some mapping lookup tests for this in libnetfilter_conntrack.
