interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
151 Commits 1 Branch 2 Tags 2.1 MiB
Commit Graph

56 Commits

Author SHA1 Message Date
TheDiveO eeaebcf552
add New constructor (with options functions, such as lasting connection) 
* Close receiver for lasting netlink connections while defaulting to existing temporary netlink connection usage
* add unit test for New lasting connection, Close and correct default connection handling behavior
* refactor tests to use New constructor
* make Conn mutex un-exported (#159)

fixes issue #157
 2022-05-09 13:25:29 +02:00
TheDiveO 85d0f3a0db
add GetRules and deprecate GetRule, update tests (#160) 2022-05-08 20:39:12 +02:00
turekt 76ed01e300
Support for concat set intervals (#155) 
Fixes https://github.com/google/nftables/issues/154

Added support for intervals in concat sets 
Added missing constants, Concatenation flag and KeyEnd field to Set type with marshaling support
Added ConcatSetTypeElements function to derive base types from concatenated types
Changed nftDatatypes list to map 
Added tests
 2022-04-22 17:12:20 +02:00
Ben de Graaff 2ba518ec5c
Unmarshal Exthdr and support DestRegister/Flags for reads (#151) (#152) 
* Unmarshal Exthdr and support DestRegister/Flags for reads

Some fields in Exthdr are context-sensitive. Mixing unexpected fields
will result in EOPNOTSUPP.

* Fix order in which Exthdr attributes are written
 2022-04-05 21:44:27 +02:00
Gustavo Iñiguez Goia 5a9391c12f
Added support for quota expression (#149) 2022-03-29 18:00:11 +02:00
turekt 211824995d
Log expression refactor (#147) 
Fixes https://github.com/google/nftables/issues/113

Log expression implementation changed to better support different log options
Added uint16 support to the binaryutil package
Changed old log expression tests that were failing after change
Added a new test to check the implementation for multiple log options
 2022-02-21 22:42:39 +01:00
turekt 8aa05f01ea
Log prefix expression support (#146) 
Fixes https://github.com/google/nftables/issues/115
Added expr.Log to EXPR_DATA switch
Added test for expr.Log parsing
 2022-02-19 20:57:22 +01:00
turekt 91d3b4571d
Fix for ListChains policy bug (#144) 
Fixes https://github.com/google/nftables/issues/130 | Added a test case for ListChains func
 2022-02-06 18:44:06 +01:00
pengyuan.dai 5573dab9cc
Add CtStateBit constants and related usage test #121 (#122) 
fixes #121
 2021-05-14 16:05:40 +02:00
Alexis PIRES 64aca752d1
Remove Object API (#100) 
Co-authored-by: Alexis PIRES <alexis.pires@atos.net>
 2020-03-09 08:43:47 +01:00
Serguei Bezverkhi 1c56a1906f Add Dynset expression and unit test (#97) 
* Add dynset expression and unit test

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2020-02-10 11:14:20 +01:00
Alexis PIRES fdd795dea1 Add GetObject/GetObjects, ResetObject/ResetObjects (#92) 
GetObj/GetObjReset accidentally returns all objects, GetObject returns only the specified one.
 2020-01-21 08:36:27 +01:00
Leon Vack 45c777dde0
added a test adding elements to a set in an IPv6 table 2020-01-14 11:07:36 +01:00
Alexis PIRES c4896ab7c6 Add insert/replace (#86) 2020-01-01 16:50:27 +01:00
Alexis PIRES 9a6c96795b Stateless NAT and notrack support (#82) 2019-12-17 21:54:26 +01:00
Alexis PIRES e2e83d0ff5 Add dup expr support (#81) 2019-12-13 23:35:06 +01:00
Serguei Bezverkhi 9dee196925 Add expression and tests for numgen (#77) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-11-28 09:43:38 +01:00
Maxime Demode 9083117872 [test] Add Travis skip for succesful local/Ubuntu 14.04 VM tests that somehow fail on Travis CI. 2019-10-28 14:24:28 +01:00
Maxime Demode 4fed02b227 [test] Add FlushTable case. 2019-10-23 16:02:45 +02:00
Maxime Demode 90c5e7d6f1 [test] Add FlushChain case. 2019-10-23 15:45:01 +02:00
Maxime Demode 606a10c098 [test] Add FlushSet case. 2019-10-23 15:44:09 +02:00
Minaru 35de0a609f Hash expr implementation (#68) 
* [expr] Implement Hash expr.

* [test] Add Hash test case.
 2019-10-19 08:53:53 +02:00
Michael Stapelberg 8541ced569
Merge pull request #64 from Minaru/set_ct_values 
Set ct values
 2019-10-19 08:50:26 +02:00
Maxime Demode e9d8d59ec2 [test] Add Ct set test. 2019-10-17 18:20:30 +02:00
Maxime Demode 65889cb04c [test] Make changes in test file to reflect Chain Policy field changes. 2019-10-16 11:44:15 +02:00
Serguei Bezverkhi 2d823533fe Add Vmap support (#56) 2019-08-28 08:51:13 +02:00
Serguei Bezverkhi 1ad7112fd7 Add support for maps (#55) 2019-08-27 17:52:20 +02:00
Serguei Bezverkhi 85a78b5285 Adding Fib expression and unit tests (#54) 2019-08-27 08:49:06 +02:00
Serguei Bezverkhi d514535a0c Reject expression and Unit tests (#53) 2019-08-26 09:57:52 +02:00
Serguei Bezverkhi ec0390b058 Extend Masq support and add unit testing (#52) 2019-08-25 23:43:47 +02:00
Serguei Bezverkhi 0b3d8b56f6 Implementation of UserData struct encode/decode (#49) 2019-08-15 08:25:30 +02:00
Serguei Bezverkhi 9907ca3831 Add log expression and test (#42) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-08-01 12:41:37 -07:00
Michael Stapelberg c123f7dc7d nftables_test: add test for issue #26 2019-07-20 18:35:32 +02:00
Serguei Bezverkhi 7895e345f5 Add Connection tracking expression and test (#38) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-07-20 13:20:42 +02:00
Serguei Bezverkhi 635111f591 Adding DelRule and unit tests (#36) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-07-14 14:49:03 +02:00
Serguei Bezverkhi d6b2000800 Add func to Delete a chain (#35) 2019-07-11 14:30:38 +02:00
Serguei Bezverkhi 7c0b8e78d4 Add support for rule's handle, position and id (#33) 2019-07-08 18:01:35 +02:00
Serguei Bezverkhi 7a68526274 tproxy expression support and test (#32) 
Add support for tproxy expression

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-06-30 01:06:32 +02:00
Serguei Bezverkhi d22d8d0641 Adding unit test for chain add (#29) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
 2019-06-26 16:53:43 +02:00
Serguei Bezverkhi 8d26daf060 Implement range expression (#22) 
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>

fixes #19
 2019-06-05 13:15:05 +02:00
Michael Stapelberg 8cccfeed7c add return verdict test 
fixes #18
 2019-05-24 03:00:57 +02:00
Michael Stapelberg 70f367a546 verdict: add Chain (+test) 
related to #18
 2019-05-24 02:56:43 +02:00
Michael Stapelberg c5bb71b2cf implement redir expression (+test) 
fixes #17
 2019-05-17 13:57:31 +02:00
Tom D b8b6574812 Implement GetRule for Immediate, Verdict, and Lookup expressions (#11) 2019-02-18 13:01:32 +01:00
Tom 2bb2b66f95 Implement support for anonymous & named sets. 2019-02-11 16:11:27 -08:00
Tom 3a9b1b0cab Implement verdict expression. 2019-01-16 16:23:05 -08:00
Michael Stapelberg fedef31bd8 nftables_test: add ConfigureNATSourceAddress for illustration 
related to #5
 2019-01-04 08:46:40 +01:00
Michael Stapelberg 9ac63cb282 add exprs and test for TCP MSS clamping 2018-10-22 09:22:02 +02:00
Florian Lehner efc2089755 res_id is big endian (#3) 
Signed-off-by: Lehner Florian <dev@der-flo.net>
 2018-10-05 17:58:05 +02:00
Michael Stapelberg 695079ebff objFromMsg: correctly set Table.Family 
This fixes an issue in router7 where firewall rules would fail to be installed
on all but the first tries (the first try had no counter values, so the
passed-in Table would be returned as-is, with correct family).
 2018-10-03 18:23:26 +02:00