Skip to content

GitLab

You need to sign in or sign up before continuing.
Commit 290749d4 authored by Arturo Borrero Gonzalez's avatar Arturo Borrero Gonzalez
Browse files

New upstream version 1.8.4

parent 89c92f0c
Expand all Hide whitespace changes
Inline Side-by-side
iptables/tests/shell/testcases/ipt-restore/0007-flush-noflush_0 0 → 100755
View file @ 290749d4
#!/bin/bash
# Make sure iptables-restore without --noflush does not flush tables other than
# those contained in the dump it's reading from
set -e
$XT_MULTI iptables-restore <<EOF
*nat
-A POSTROUTING -j ACCEPT
COMMIT
EOF
EXPECT="*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j ACCEPT
COMMIT"
diff -u -Z <(echo -e "$EXPECT" | sort) <($XT_MULTI iptables-save | grep -v '^#' | sort)
$XT_MULTI iptables-restore <<EOF
*filter
-A FORWARD -j ACCEPT
COMMIT
EOF
EXPECT="*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j ACCEPT
COMMIT"
diff -u -Z <(echo -e "$EXPECT" | sort) <($XT_MULTI iptables-save | grep -v '^#' | sort)
iptables/tests/shell/testcases/ipt-restore/0008-restore-counters_0 0 → 100755
View file @ 290749d4
#!/bin/bash
set -e
DUMP="*filter
:foo - [23:42]
[13:37] -A foo -j ACCEPT
COMMIT
"
EXPECT=":foo - [0:0]
[0:0] -A foo -j ACCEPT"
$XT_MULTI iptables-restore <<< "$DUMP"
diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables-save --counters | grep foo)
# iptables-*-restore ignores custom chain counters :(
EXPECT=":foo - [0:0]
[13:37] -A foo -j ACCEPT"
$XT_MULTI iptables-restore --counters <<< "$DUMP"
diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables-save --counters | grep foo)
iptables/tests/shell/testcases/ipt-restore/0009-table-name-comment_0 0 → 100755
View file @ 290749d4
#!/bin/bash
# when restoring a ruleset, *tables-restore prefixes each rule with
# '-t <tablename>' so standard rule parsing routines may be used. This means
# that it has to detect and reject rules which already contain a table option.
families="ip ip6"
[[ $(basename $XT_MULTI) == xtables-nft-multi ]] && families+=" eb"
for fam in $families; do
$XT_MULTI ${fam}tables-restore <<EOF
*filter
-t nat -A FORWARD -j ACCEPT
COMMIT
EOF
[[ $? != 0 ]] || {
echo "${fam}tables-restore did not fail when it should have"
exit 1
}
$XT_MULTI ${fam}tables-restore <<EOF
*filter
-A FORWARD -j ACCEPT
COMMIT
EOF
[[ $? == 0 ]] || {
echo "${fam}tables-restore failed when it should not have"
exit 1
}
done
iptables/tests/shell/testcases/ipt-save/0006iptables-xml_0 0 → 100755
View file @ 290749d4
#!/bin/bash
case "$(basename $XT_MULTI)" in
xtables-legacy-multi)
;;
*)
echo "skip $XT_MULTI"
exit 0
;;
esac
dump=$(dirname $0)/dumps/fedora27-iptables
diff -u -Z <(cat ${dump}.xml) <($XT_MULTI iptables-xml <$dump)
iptables/xshared.c
View file @ 290749d4
This diff is collapsed.
iptables/xshared.h
View file @ 290749d4
This diff is collapsed.
iptables/xtables-arp.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-config-parser.y deleted 100644 → 0
View file @ 89c92f0c
This diff is collapsed.
iptables/xtables-config-syntax.l deleted 100644 → 0
View file @ 89c92f0c
%{
/*
* (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software has been sponsored by Sophos Astaro <http://www.sophos.com>
*/
#include <string.h>
#include "xtables-config-parser.h"
%}
%option yylineno
%option noinput
%option nounput
ws [ \t]+
comment #.*$
nl [\n\r]
is_on [o|O][n|N]
is_off [o|O][f|F][f|F]
integer [\-\+]?[0-9]+
string [a-zA-Z][a-zA-Z0-9\.\-\_]*
%%
"family" { return T_FAMILY; }
"table" { return T_TABLE; }
"chain" { return T_CHAIN; }
"hook" { return T_HOOK; }
"prio" { return T_PRIO; }
{integer} { yylval.val = atoi(yytext); return T_INTEGER; }
{string} { yylval.string = strdup(yytext); return T_STRING; }
{comment} ;
{ws} ;
{nl} ;
<<EOF>> { yyterminate(); }
. { return yytext[0]; }
%%
int
yywrap()
{
return 1;
}
iptables/xtables-eb-standalone.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-eb.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-monitor.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-restore.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-save.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables-translate.c
View file @ 290749d4
This diff is collapsed.
iptables/xtables.c
View file @ 290749d4
This diff is collapsed.
libipq/Makefile.in
View file @ 290749d4
This diff is collapsed.
libiptc/Makefile.am
View file @ 290749d4
This diff is collapsed.
libiptc/Makefile.in
View file @ 290749d4
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment