Revert "ruleset: dispatch ct states using verdict map"

[project/firewall4.git] / tests / 03_rules / 01_direction

diff --git a/tests/03_rules/01_direction b/tests/03_rules/01_direction
index b2079c75dda1155d2bd5787c44834f2c84366144..7751a2328839073ad92245f0268e5a0950341b4e 100644 (file)
--- a/tests/03_rules/01_direction
+++ b/tests/03_rules/01_direction
@@ -50,11 +50,6 @@ table inet fw4
 flush table inet fw4
 
 table inet fw4 {
-       #
-       # Set definitions
-       #
-
-
        #
        # Defines
        #
@@ -97,6 +92,10 @@ table inet fw4 {
                counter comment "!fw4: @rule[2]"
        }
 
+       chain prerouting {
+               type filter hook prerouting priority filter; policy accept;
+       }
+
        chain handle_reject {
                meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic"
                reject with icmpx type port-unreachable comment "!fw4: Reject any other traffic"
@@ -117,7 +116,7 @@ table inet fw4 {
 
 
        #
-       # Raw rules (notrack & helper)
+       # Raw rules (notrack)
        #
 
        chain raw_prerouting {
@@ -137,8 +136,16 @@ table inet fw4 {
                type filter hook prerouting priority mangle; policy accept;
        }
 
+       chain mangle_postrouting {
+               type filter hook postrouting priority mangle; policy accept;
+       }
+
+       chain mangle_input {
+               type filter hook input priority mangle; policy accept;
+       }
+
        chain mangle_output {
-               type filter hook output priority mangle; policy accept;
+               type route hook output priority mangle; policy accept;
        }
 
        chain mangle_forward {