ruleset: reorder declarations & output tweaks

[project/firewall4.git] / tests / 02_zones / 03_masq_src_dest_restrictions

diff --git a/tests/02_zones/03_masq_src_dest_restrictions b/tests/02_zones/03_masq_src_dest_restrictions
index 8e2fcce3cefc39d33e7f502e571fa1da489dc13c..2cb0ce459f6365c949c6a58947d75ad4f5772832 100644 (file)
--- a/tests/02_zones/03_masq_src_dest_restrictions
+++ b/tests/02_zones/03_masq_src_dest_restrictions
@@ -95,17 +95,16 @@ table inet fw4
 flush table inet fw4
 
 table inet fw4 {
-       #
-       # Set definitions
-       #
-
-
        #
        # Defines
        #
 
        define test1_devices = { "zone1" }
+       define test1_subnets = {  }
+
        define test2_devices = { "zone2" }
+       define test2_subnets = {  }
+
 
        #
        # User includes
@@ -146,6 +145,10 @@ table inet fw4 {
                oifname "zone2" jump output_test2 comment "!fw4: Handle test2 IPv4/IPv6 output traffic"
        }
 
+       chain prerouting {
+               type filter hook prerouting priority filter; policy accept;
+       }
+
        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject with icmpx type port-unreachable comment "!fw4: Reject any other traffic"
@@ -216,7 +219,7 @@ table inet fw4 {
 
 
        #
-       # Raw rules (notrack & helper)
+       # Raw rules (notrack)
        #
 
        chain raw_prerouting {