[netfilter-cvslog] r3457 - trunk/nfsim-testsuite/01iptables
gandalf at netfilter.org
gandalf at netfilter.org
Sun Dec 19 21:01:46 CET 2004
Author: gandalf at netfilter.org
Date: 2004-12-19 21:01:45 +0100 (Sun, 19 Dec 2004)
New Revision: 3457
Modified:
trunk/nfsim-testsuite/01iptables/25ipt_ttl.sim
Log:
expect is only valid for one command of the expected type.
Modified: trunk/nfsim-testsuite/01iptables/25ipt_ttl.sim
===================================================================
--- trunk/nfsim-testsuite/01iptables/25ipt_ttl.sim 2004-12-19 19:52:46 UTC (rev 3456)
+++ trunk/nfsim-testsuite/01iptables/25ipt_ttl.sim 2004-12-19 20:01:45 UTC (rev 3457)
@@ -1,14 +1,16 @@
# Test for match function.
# These should get NF_DROP verdict.
-expect gen_ip hook:NF_IP_PRE_ROUTING iptable_mangle NF_DROP *
iptables -t mangle -I PREROUTING -m ttl --ttl-eq 50 -j DROP
+expect gen_ip hook:NF_IP_PRE_ROUTING iptable_mangle NF_DROP *
gen_ip IF=eth0 TTL=50 192.168.0.2 192.168.0.1 0 tcp 1 2 SYN
iptables -t mangle -I PREROUTING -m ttl --ttl-gt 51 -j DROP
+expect gen_ip hook:NF_IP_PRE_ROUTING iptable_mangle NF_DROP *
gen_ip IF=eth0 TTL=55 192.168.0.2 192.168.0.1 0 tcp 1 2 SYN
iptables -t mangle -I PREROUTING -m ttl --ttl-lt 50 -j DROP
+expect gen_ip hook:NF_IP_PRE_ROUTING iptable_mangle NF_DROP *
gen_ip IF=eth0 TTL=49 192.168.0.2 192.168.0.1 0 tcp 1 2 SYN
# This packet with TTL=51 should be NF_ACCEPT'ed
@@ -20,6 +22,7 @@
# Test inverted equals, --ttl-ne doesn't exist.
# ttl 50 should be accepted
iptables -t mangle -I PREROUTING -m ttl ! --ttl-eq 50 -j DROP
+expect gen_ip hook:NF_IP_PRE_ROUTING iptable_mangle NF_ACCEPT *
gen_ip IF=eth0 TTL=50 192.168.0.2 192.168.0.1 0 tcp 1 2 SYN
# But ttl 51 should be dropped
More information about the netfilter-cvslog
mailing list