On Tue, May 26, 2020 at 3:30 PM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > On Thu, May 21, 2020 at 1:48 PM Richard Haines > <richard_c_haines@xxxxxxxxxxxxxx> wrote: > > Support secmark tests that require nftables version 9.3 or greater and > > kernel 4.20 or greater. > > > > Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx> > > --- > > V2 Change: > > Use common tests for iptables/nftables > > V3 Change: > > Use function > > V4 Changes: > > Add nftables to README for Debian > > Use nft -c to determine if SECMARK supported > > V5 Change: > > Remove kernel check > > > > README.md | 7 ++- > > tests/inet_socket/nftables-flush | 2 + > > tests/inet_socket/nftables-load | 74 +++++++++++++++++++++++++ > > tests/inet_socket/test | 95 +++++++++++++++++++------------- > > tests/sctp/nftables-flush | 2 + > > tests/sctp/nftables-load | 68 +++++++++++++++++++++++ > > tests/sctp/test | 88 +++++++++++++++++------------ > > 7 files changed, 263 insertions(+), 73 deletions(-) > > create mode 100644 tests/inet_socket/nftables-flush > > create mode 100644 tests/inet_socket/nftables-load > > create mode 100644 tests/sctp/nftables-flush > > create mode 100644 tests/sctp/nftables-load > > Acked-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> Now applied, thanks! -- Ondrej Mosnacek Software Engineer, Platform Security - SELinux kernel, Red Hat, Inc.
