8a10f68900
Add address field for expr tproxy ( #231 )
...
* Add address field for expr tproxy
Signed-off-by: black-desk <me@black-desk.cn>
Co-authored-by: MrRedhat <Redhatminzhe@Gmail.com>
2023-07-10 08:38:01 +02:00
971247e1b2
Move setup/teardown of system NFT connection to internal package
...
As we want to reuse it also in other test packages.
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
2023-04-18 08:53:20 +02:00
9aa6fdf5a2
Masq marshal fix ( #214 )
...
Fixes https://github.com/google/nftables/issues/213
2023-01-15 21:51:35 +01:00
1aef2ba20e
Fix: add NFTA_RULE_COMPAT attribute ( #207 )
...
xt_matches or xt_targets like xt_tcpudp may have specific compat policy and
if not set flush rule will error with EINVAL
according to https://elixir.bootlin.com/linux/v3.13/source/net/netfilter/x_tables.c#L563
Signed-off-by: xiaoff <zhaofeng_0019@163.com>
2022-12-08 09:05:15 +01:00
c89a57ce19
Flowtables implementation ( #201 )
...
Added flowtables implementation | Added flow_offload expression | Added tests
2022-11-01 07:48:00 +01:00
3ad45c080c
use “test” as set name in tests
2022-10-29 08:34:19 +02:00
0929dfc8bf
Support set element counters ( #199 )
2022-10-29 08:33:22 +02:00
d007ae63f1
fix queue expression getting skipped when unmarshaling rules ( #197 )
2022-10-15 19:08:15 +02:00
535f5eb8da
Fix incorrect netlink acknowledgement handling ( #194 )
...
fixes https://github.com/google/nftables/issues/175
2022-10-02 16:01:48 +02:00
0aa65c0fdd
Fix Objref expression parsing ( #193 )
...
The Objref expression was not considered when parsing raw expressions
bytes to construct nftables expressions.
Add unit test to check that a rule with an Objref expression is
properly obtained by GetRules().
Signed-off-by: Victor Sandonis Consuegra <vsandonis@ibm.com>
2022-09-28 18:33:16 +02:00
cbeb0fb1ec
added ability to create regular chains without a hook priority ( #183 )
...
See https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_regular_chains
for info on regular chains.
Closes #179 .
2022-09-06 17:27:20 +02:00
e4bff45b7f
IsDestRegSet unmarshaling fix ( #178 )
...
Fixes https://github.com/google/nftables/issues/176 | Added test case
2022-08-30 19:03:33 +02:00
ec1e802faf
Added dynset exprs support ( #173 )
...
fixes https://github.com/google/nftables/issues/172
- Rearranged `exprFromMsg` function
- Rearranged limit expr marshaling logic
- Added dynamic flag for sets
- Implemented connlimit
- Added missing constants
- Added tests
2022-07-29 18:32:59 +02:00
2719b9add1
refactor common test code into package nftest
...
Converting more test functions to use it (and then splitting out test
functions into their own files) is left for a follow-up commit.
2022-06-11 23:10:56 +02:00
eeaebcf552
add New constructor (with options functions, such as lasting connection)
...
* Close receiver for lasting netlink connections while defaulting to existing temporary netlink connection usage
* add unit test for New lasting connection, Close and correct default connection handling behavior
* refactor tests to use New constructor
* make Conn mutex un-exported (#159 )
fixes issue #157
2022-05-09 13:25:29 +02:00
85d0f3a0db
add GetRules and deprecate GetRule, update tests ( #160 )
2022-05-08 20:39:12 +02:00
76ed01e300
Support for concat set intervals ( #155 )
...
Fixes https://github.com/google/nftables/issues/154
Added support for intervals in concat sets
Added missing constants, Concatenation flag and KeyEnd field to Set type with marshaling support
Added ConcatSetTypeElements function to derive base types from concatenated types
Changed nftDatatypes list to map
Added tests
2022-04-22 17:12:20 +02:00
2ba518ec5c
Unmarshal Exthdr and support DestRegister/Flags for reads ( #151 ) ( #152 )
...
* Unmarshal Exthdr and support DestRegister/Flags for reads
Some fields in Exthdr are context-sensitive. Mixing unexpected fields
will result in EOPNOTSUPP.
* Fix order in which Exthdr attributes are written
2022-04-05 21:44:27 +02:00
5a9391c12f
Added support for quota expression ( #149 )
2022-03-29 18:00:11 +02:00
211824995d
Log expression refactor ( #147 )
...
Fixes https://github.com/google/nftables/issues/113
Log expression implementation changed to better support different log options
Added uint16 support to the binaryutil package
Changed old log expression tests that were failing after change
Added a new test to check the implementation for multiple log options
2022-02-21 22:42:39 +01:00
8aa05f01ea
Log prefix expression support ( #146 )
...
Fixes https://github.com/google/nftables/issues/115
Added expr.Log to EXPR_DATA switch
Added test for expr.Log parsing
2022-02-19 20:57:22 +01:00
91d3b4571d
Fix for ListChains policy bug ( #144 )
...
Fixes https://github.com/google/nftables/issues/130 | Added a test case for ListChains func
2022-02-06 18:44:06 +01:00
5573dab9cc
Add CtStateBit constants and related usage test #121 ( #122 )
...
fixes #121
2021-05-14 16:05:40 +02:00
64aca752d1
Remove Object API ( #100 )
...
Co-authored-by: Alexis PIRES <alexis.pires@atos.net>
2020-03-09 08:43:47 +01:00
1c56a1906f
Add Dynset expression and unit test ( #97 )
...
* Add dynset expression and unit test
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-10 11:14:20 +01:00
fdd795dea1
Add GetObject/GetObjects, ResetObject/ResetObjects ( #92 )
...
GetObj/GetObjReset accidentally returns all objects, GetObject returns only the specified one.
2020-01-21 08:36:27 +01:00
45c777dde0
added a test adding elements to a set in an IPv6 table
2020-01-14 11:07:36 +01:00
c4896ab7c6
Add insert/replace ( #86 )
2020-01-01 16:50:27 +01:00
9a6c96795b
Stateless NAT and notrack support ( #82 )
2019-12-17 21:54:26 +01:00
e2e83d0ff5
Add dup expr support ( #81 )
2019-12-13 23:35:06 +01:00
9dee196925
Add expression and tests for numgen ( #77 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-11-28 09:43:38 +01:00
9083117872
[test] Add Travis skip for succesful local/Ubuntu 14.04 VM tests that somehow fail on Travis CI.
2019-10-28 14:24:28 +01:00
4fed02b227
[test] Add FlushTable case.
2019-10-23 16:02:45 +02:00
90c5e7d6f1
[test] Add FlushChain case.
2019-10-23 15:45:01 +02:00
606a10c098
[test] Add FlushSet case.
2019-10-23 15:44:09 +02:00
35de0a609f
Hash expr implementation ( #68 )
...
* [expr] Implement Hash expr.
* [test] Add Hash test case.
2019-10-19 08:53:53 +02:00
8541ced569
Merge pull request #64 from Minaru/set_ct_values
...
Set ct values
2019-10-19 08:50:26 +02:00
e9d8d59ec2
[test] Add Ct set test.
2019-10-17 18:20:30 +02:00
65889cb04c
[test] Make changes in test file to reflect Chain Policy field changes.
2019-10-16 11:44:15 +02:00
2d823533fe
Add Vmap support ( #56 )
2019-08-28 08:51:13 +02:00
1ad7112fd7
Add support for maps ( #55 )
2019-08-27 17:52:20 +02:00
85a78b5285
Adding Fib expression and unit tests ( #54 )
2019-08-27 08:49:06 +02:00
d514535a0c
Reject expression and Unit tests ( #53 )
2019-08-26 09:57:52 +02:00
ec0390b058
Extend Masq support and add unit testing ( #52 )
2019-08-25 23:43:47 +02:00
0b3d8b56f6
Implementation of UserData struct encode/decode ( #49 )
2019-08-15 08:25:30 +02:00
9907ca3831
Add log expression and test ( #42 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-01 12:41:37 -07:00
c123f7dc7d
nftables_test: add test for issue #26
2019-07-20 18:35:32 +02:00
7895e345f5
Add Connection tracking expression and test ( #38 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-20 13:20:42 +02:00
635111f591
Adding DelRule and unit tests ( #36 )
...
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-14 14:49:03 +02:00
d6b2000800
Add func to Delete a chain ( #35 )
2019-07-11 14:30:38 +02:00
black-desk
Steffen Vogel
turekt
xiaoff
Michael Stapelberg
Joe Williams
Andrew LeFevre
vsandonis
Andrew LeFevre
TheDiveO
Ben de Graaff
Gustavo Iñiguez Goia
pengyuan.dai
Alexis PIRES
Serguei Bezverkhi
Leon Vack
Maxime Demode
Minaru
Michael Stapelberg