]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 90ab512) | patch
selftests: nft_flowtable.sh: check ingress/egress chain too
authorFlorian Westphal <fw@strlen.de>
Tue, 9 May 2023 14:47:24 +0000 (16:47 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 10 May 2023 07:31:07 +0000 (09:31 +0200)
commit3acf8f6c14d0e42b889738d63b6d9cb63348fc94
tree96a9d371b24f32348eeea25d192fd12ac81edbe9tree | snapshot
parent90ab51226d52ad61e5ff175b572e08046b1b0a99commit | diff
selftests: nft_flowtable.sh: check ingress/egress chain too

Make sure flowtable interacts correctly with ingress and egress
chains, i.e. those get handled before and after flow table respectively.

Adds three more tests:
1. repeat flowtable test, but with 'ip dscp set cs3' done in
   inet forward chain.

Expect that some packets have been mangled (before flowtable offload
became effective) while some pass without mangling (after offload
succeeds).

2. repeat flowtable test, but with 'ip dscp set cs3' done in
   veth0:ingress.

Expect that all packets pass with cs3 dscp field.

3. same as 2, but use veth1:egress.  Expect the same outcome.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
tools/testing/selftests/netfilter/nft_flowtable.sh diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.