[PATCH 1/1] iptables_lib.sh: Fix for iptables-translate >= v1.8.9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



iptables-translate <= v1.8.8 didn't use quotes:
$ iptables-translate -A INPUT -s 127.0.0.1 -p icmp -j DROP
nft add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop

iptables-translate since v1.8.9 started to add quotes:
$ iptables-translate -A INPUT -s 127.0.0.1 -p icmp -j DROP
nft 'add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop'

That broke nft01.sh test:

Error: syntax error, unexpected junk
'add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop'
^
nft01 1 TFAIL: nft command failed to append new rule

Therefore filter out also quotes (to existing backslash).

Signed-off-by: Petr Vorel <pvorel@xxxxxxx>
---
 testcases/network/iptables/iptables_lib.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testcases/network/iptables/iptables_lib.sh b/testcases/network/iptables/iptables_lib.sh
index ab76cbd416..7e138ea33b 100755
--- a/testcases/network/iptables/iptables_lib.sh
+++ b/testcases/network/iptables/iptables_lib.sh
@@ -22,7 +22,7 @@ NFRUN()
 	if [ "$use_iptables" = 1 ]; then
 		ip${TST_IPV6}tables $@
 	else
-		$(ip${TST_IPV6}tables-translate $@ | sed 's,\\,,g')
+		$(ip${TST_IPV6}tables-translate $@ | sed "s/[\']//g")
 	fi
 }
 
-- 
2.39.1




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux