| #!/bin/bash |
| |
| set -e |
| |
| # there is no legacy backend to test |
| [[ $XT_MULTI == *xtables-nft-multi ]] || { echo "skip $XT_MULTI"; exit 0; } |
| |
| # ebtables-restore reuses preloaded targets and matches, make sure defaults |
| # apply to consecutive rules using the same target/match as a previous one |
| |
| DUMP='*filter |
| :FORWARD ACCEPT |
| -A FORWARD --limit 100 --limit-burst 42 -j ACCEPT |
| -A FORWARD --limit 1000 -j ACCEPT |
| -A FORWARD --log --log-prefix "foobar" |
| -A FORWARD --log' |
| |
| # note how limit-burst is 5 in second rule and log-prefix empty in fourth one |
| |
| EXPECT='*filter |
| :INPUT ACCEPT |
| :FORWARD ACCEPT |
| :OUTPUT ACCEPT |
| -A FORWARD --limit 100/sec --limit-burst 42 -j ACCEPT |
| -A FORWARD --limit 1000/sec --limit-burst 5 -j ACCEPT |
| -A FORWARD --log-level notice --log-prefix "foobar" -j CONTINUE |
| -A FORWARD --log-level notice --log-prefix "" -j CONTINUE' |
| |
| $XT_MULTI ebtables --init-table |
| $XT_MULTI ebtables-restore <<<$DUMP |
| diff -u <(echo -e "$EXPECT") <($XT_MULTI ebtables-save | grep -v '^#') |