0002-arptables-restore-defaults_0 793 Bytes
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
#!/bin/bash

set -e

# there is no legacy backend to test
[[ $XT_MULTI == */xtables-nft-multi ]] || { echo "skip $XT_MULTI"; exit 0; }

# arptables-restore reuses preloaded targets and matches, make sure defaults
# apply to consecutive rules using the same target/match as a previous one

DUMP='*filter
:OUTPUT ACCEPT
-A OUTPUT -j mangle --mangle-ip-s 10.0.0.1
14
-A OUTPUT --h-length 6 --h-type 1 -j mangle --mangle-ip-d 10.0.0.2
15
16
17
18
19
20
21
'

# note how mangle-ip-s is unset in second rule

EXPECT='*filter
:INPUT ACCEPT
:OUTPUT ACCEPT
22
23
-A OUTPUT --h-length 6 --h-type 1 -j mangle --mangle-ip-s 10.0.0.1
-A OUTPUT --h-length 6 --h-type 1 -j mangle --mangle-ip-d 10.0.0.2
24
25
26
27
28
'

$XT_MULTI arptables -F
$XT_MULTI arptables-restore <<<$DUMP
diff -u <(echo -e "$EXPECT") <($XT_MULTI arptables-save | grep -v '^#')