diff options
| author | Jo-Philipp Wich | 2022-10-03 12:26:02 +0000 |
|---|---|---|
| committer | Jo-Philipp Wich | 2022-10-03 12:29:41 +0000 |
| commit | b0a6bff4ee4410cd554811fa0ca3b28fce908473 (patch) | |
| tree | 6afc1e83f1fa5f74aff07b1d9f6de31a6f87f02c | |
| parent | 145e1591a3ca7cc4f92f9f80ef7bdfe393ac0229 (diff) | |
| download | firewall4-b0a6bff4ee4410cd554811fa0ca3b28fce908473.tar.gz | |
tests: fix testcases
Align expected output with the current implementation.
Fixes: a540f6d ("fw4: fix cosmetic issue with per-ruleset and per-table include paths")
Fixes: 145e159 ("fw4: recognize `option log` and `option counter` in `config nat` sections")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
| -rw-r--r-- | tests/01_configuration/01_ruleset | 8 | ||||
| -rw-r--r-- | tests/01_configuration/02_rule_order | 8 | ||||
| -rw-r--r-- | tests/03_rules/08_family_inheritance | 8 |
3 files changed, 12 insertions, 12 deletions
diff --git a/tests/01_configuration/01_ruleset b/tests/01_configuration/01_ruleset index 06249f2..e30ca76 100644 --- a/tests/01_configuration/01_ruleset +++ b/tests/01_configuration/01_ruleset @@ -303,10 +303,10 @@ table inet fw4 { [!] Section @defaults[0] specifies unknown option 'unknown_defaults_option' [!] Section @rule[9] (Test-Deprecated-Rule-Option) option '_name' is deprecated by fw4 [!] Section @rule[9] (Test-Deprecated-Rule-Option) specifies unknown option 'unknown_rule_option' -[call] fs.glob pattern </usr/share/nftables.d/ruleset-pre//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/ruleset-post//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/table-pre//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/table-post//*.nft> +[call] fs.glob pattern </usr/share/nftables.d/ruleset-pre/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/ruleset-post/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/table-pre/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/table-post/*.nft> [call] fs.lsdir path </usr/share/nftables.d/chain-pre> [call] fs.lsdir path </usr/share/nftables.d/chain-post> [call] ctx.call object <network.device> method <status> args <null> diff --git a/tests/01_configuration/02_rule_order b/tests/01_configuration/02_rule_order index 245bb74..93a0f08 100644 --- a/tests/01_configuration/02_rule_order +++ b/tests/01_configuration/02_rule_order @@ -229,10 +229,10 @@ table inet fw4 { [call] ctx.call object <network.interface> method <dump> args <null> [call] ctx.call object <service> method <get_data> args <{ "type": "firewall" }> [call] fs.open path </proc/version> mode <r> -[call] fs.glob pattern </usr/share/nftables.d/ruleset-pre//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/ruleset-post//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/table-pre//*.nft> -[call] fs.glob pattern </usr/share/nftables.d/table-post//*.nft> +[call] fs.glob pattern </usr/share/nftables.d/ruleset-pre/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/ruleset-post/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/table-pre/*.nft> +[call] fs.glob pattern </usr/share/nftables.d/table-post/*.nft> [call] fs.lsdir path </usr/share/nftables.d/chain-pre> [call] fs.lsdir path </usr/share/nftables.d/chain-post> [call] fs.popen cmdline </usr/sbin/nft --terse --json list flowtables inet> mode <r> diff --git a/tests/03_rules/08_family_inheritance b/tests/03_rules/08_family_inheritance index fc489b5..fa02ead 100644 --- a/tests/03_rules/08_family_inheritance +++ b/tests/03_rules/08_family_inheritance @@ -266,9 +266,9 @@ table inet fw4 { chain srcnat { type nat hook postrouting priority srcnat; policy accept; - meta nfproto ipv4 masquerade comment "!fw4: NAT #3" - ip6 saddr fc00::/7 masquerade comment "!fw4: NAT #4" - masquerade comment "!fw4: NAT #6" + meta nfproto ipv4 counter masquerade comment "!fw4: NAT #3" + ip6 saddr fc00::/7 counter masquerade comment "!fw4: NAT #4" + counter masquerade comment "!fw4: NAT #6" meta nfproto ipv4 ip daddr 192.168.1.0/24 jump srcnat_ipv4only comment "!fw4: Handle ipv4only IPv4 srcnat traffic" } @@ -276,7 +276,7 @@ table inet fw4 { } chain srcnat_ipv4only { - meta nfproto ipv4 masquerade comment "!fw4: NAT #5" + meta nfproto ipv4 counter masquerade comment "!fw4: NAT #5" } |