tests: enable flow offloading in tests

As flow offloading is a popular feature, it makes sense to cover it in
the tests. This would have caught the issue fixed in b68cf6701945
("main.uc: fix device gathering").

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Reviewed-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/tests/01_configuration/01_ruleset b/tests/01_configuration/01_ruleset
index 313b46a782c060c48ab8c7f8ba6314528295b976..b3e41fa32544ea2090f408140a719417402590ee 100644 (file)
--- a/tests/01_configuration/01_ruleset
+++ b/tests/01_configuration/01_ruleset
@@ -20,6 +20,16 @@ table inet fw4
 flush table inet fw4
 
 table inet fw4 {
+       #
+       # Flowtable
+       #
+
+       flowtable ft {
+               hook ingress priority 0;
+               devices = { "br-lan", "wan" };
+               flags offload;
+       }
+
        #
        # Set definitions
        #
@@ -59,6 +69,7 @@ table inet fw4 {
        chain forward {
                type filter hook forward priority filter; policy drop;
 
+               meta l4proto { tcp, udp } flow offload @ft;
                ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
                iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
                iifname "wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"

diff --git a/tests/mocks/uci/firewall.json b/tests/mocks/uci/firewall.json
index 3a203b604356b9f2744a2a6e8dbf459bec8c79a8..93afb699489cf02b0917631e4fa3d659b830f76e 100644 (file)
--- a/tests/mocks/uci/firewall.json
+++ b/tests/mocks/uci/firewall.json
@@ -1,5 +1,7 @@
 {
        "defaults": {
+               "flow_offloading": "1",
+               "flow_offloading_hw": "1",
                "forward": "REJECT",
                "input": "ACCEPT",
                "output": "ACCEPT",