[netfilter-cvslog] r3302 - trunk/nfsim-testsuite/03NAT

rusty at netfilter.org rusty at netfilter.org
Thu Nov 25 06:26:48 CET 2004 

Author: rusty at netfilter.org
Date: 2004-11-25 06:26:47 +0100 (Thu, 25 Nov 2004)
New Revision: 3302

Modified:
   trunk/nfsim-testsuite/03NAT/13ip_nat_fill.sim
   trunk/nfsim-testsuite/03NAT/61ftpdata-epsv.sim
   trunk/nfsim-testsuite/03NAT/65-ftp-ack-adjust.sim
Log:
More NAT testsuite fixes.


Modified: trunk/nfsim-testsuite/03NAT/13ip_nat_fill.sim
===================================================================
--- trunk/nfsim-testsuite/03NAT/13ip_nat_fill.sim	2004-11-25 05:25:56 UTC (rev 3301)
+++ trunk/nfsim-testsuite/03NAT/13ip_nat_fill.sim	2004-11-25 05:26:47 UTC (rev 3302)
@@ -24,7 +24,7 @@
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 100 17 109 1
 
 # Shouldn't receive 11th packet.
-expect gen_ip *NF_DROP {IPv4 192.168.0.4 192.168.1.2 100 17 10 1}
+expect gen_ip *NF_DROP {IPv4 192.168.0.4 192.168.1.2 100 17 * 1}
 gen_ip IF=eth0 192.168.0.2 192.168.1.2 100 17 110 1
 
 iptables -t nat -D POSTROUTING -p udp -s 192.168.0.2 -d 192.168.1.2 -j SNAT --to-source 192.168.0.4:1-10

Modified: trunk/nfsim-testsuite/03NAT/61ftpdata-epsv.sim
===================================================================
--- trunk/nfsim-testsuite/03NAT/61ftpdata-epsv.sim	2004-11-25 05:25:56 UTC (rev 3301)
+++ trunk/nfsim-testsuite/03NAT/61ftpdata-epsv.sim	2004-11-25 05:26:47 UTC (rev 3302)
@@ -8,10 +8,11 @@
 # Need \n on the end of previous packet for this to work.
 gen_ip IF=eth1 192.168.1.13 192.168.0.2 10 6 21 1024 ACK SEQ=2001 ACK=1001 DATA Hi Marc!\r\n
 
-expect gen_ip send:eth0 {IPv4 192.168.1.2 192.168.0.2 100 6 31 1024 ACK SEQ=2011 ACK=1001 DATA 229 Some text here (???2028?)\r\n}
+# NAT code changes delimiters to |.
+expect gen_ip send:eth0 {IPv4 192.168.1.2 192.168.0.2 31 6 21 1024 ACK SEQ=2011 ACK=1001 DATA 229 Some text here (|||2028|)\r\n}
 gen_ip IF=eth1 192.168.1.13 192.168.0.2 31 6 21 1024 ACK SEQ=2011 ACK=1001 DATA 229 Some text here (???2028?)\r\n
 
-expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.13 100 6 1025 2028 SYN}
-gen_ip IF=eth0 192.168.0.2 192.168.1.2 100 6 1025 2028 SYN
+expect gen_ip send:eth1 {IPv4 192.168.0.2 192.168.1.13 0 6 1025 2028 SYN}
+gen_ip IF=eth0 192.168.0.2 192.168.1.2 0 6 1025 2028 SYN
 
 iptables -t nat -D PREROUTING -d 192.168.1.2 -p tcp --dport 21 -j DNAT --to-dest 192.168.1.13

Modified: trunk/nfsim-testsuite/03NAT/65-ftp-ack-adjust.sim
===================================================================
--- trunk/nfsim-testsuite/03NAT/65-ftp-ack-adjust.sim	2004-11-25 05:25:56 UTC (rev 3301)
+++ trunk/nfsim-testsuite/03NAT/65-ftp-ack-adjust.sim	2004-11-25 05:26:47 UTC (rev 3302)
@@ -2,8 +2,8 @@
 # (Byron Stanoszek's bug, finally resolved (I hope!)).
 
 # Make string SHORTER.
-
 iptables -t nat -A POSTROUTING -s 192.168.0.10 -p tcp --dport 21 -j SNAT --to-source 192.168.0.1
+iptables -A FORWARD -m state ! --state NEW,ESTABLISHED,RELATED -j DROP
 
 # Generate initial packets: handshake, then FTP PORT command.
 gen_ip IF=eth0 192.168.0.10 192.168.1.2 0 6 1024 21 SYN SEQ=1000 WIN=512

More information about the netfilter-cvslog mailing list