| #!/bin/bash |
| |
| # test rule replacement |
| |
| set -e |
| |
| # show rules, drop uninteresting policy settings |
| ipt_show() { |
| $XT_MULTI iptables -S | grep -v '^-P' |
| } |
| |
| $XT_MULTI iptables -A FORWARD -m comment --comment "rule 1" -j ACCEPT |
| $XT_MULTI iptables -A FORWARD -m comment --comment "rule 2" -j ACCEPT |
| $XT_MULTI iptables -A FORWARD -m comment --comment "rule 3" -j ACCEPT |
| |
| $XT_MULTI iptables -R FORWARD 2 -m comment --comment "replaced 2" -j ACCEPT |
| |
| EXPECT='-A FORWARD -m comment --comment "rule 1" -j ACCEPT |
| -A FORWARD -m comment --comment "replaced 2" -j ACCEPT |
| -A FORWARD -m comment --comment "rule 3" -j ACCEPT' |
| |
| diff -u -Z <(echo -e "$EXPECT") <(ipt_show) |
| |
| $XT_MULTI iptables -R FORWARD 1 -m comment --comment "replaced 1" -j ACCEPT |
| |
| EXPECT='-A FORWARD -m comment --comment "replaced 1" -j ACCEPT |
| -A FORWARD -m comment --comment "replaced 2" -j ACCEPT |
| -A FORWARD -m comment --comment "rule 3" -j ACCEPT' |
| |
| diff -u -Z <(echo -e "$EXPECT") <(ipt_show) |
| |
| $XT_MULTI iptables -R FORWARD 3 -m comment --comment "replaced 3" -j ACCEPT |
| |
| EXPECT='-A FORWARD -m comment --comment "replaced 1" -j ACCEPT |
| -A FORWARD -m comment --comment "replaced 2" -j ACCEPT |
| -A FORWARD -m comment --comment "replaced 3" -j ACCEPT' |
| |
| diff -u -Z <(echo -e "$EXPECT") <(ipt_show) |