libvirt/tests/networkxml2firewalldata/route-default-linux.nftables

nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
tcp \
dport \
67 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
67 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
tcp \
dport \
68 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
68 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWO \
iifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWI \
oifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWX \
iifname \
virbr0 \
oifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWO \
ip \
saddr \
192.168.122.0/24 \
iifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWI \
ip \
daddr \
192.168.122.0/24 \
oifname \
virbr0 \
counter \
accept
tests: test cases for nftables backend Run all the networkxml2firewall tests twice - once with iptables backend, and once with the nftables backend. The results files for the existing iptables tests were previously named .args. That has been changed to .iptables, and the results files for the new nftables tests are named *.nftables. Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> 2024-04-19 22:19:43 -04:00			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_INP \`
			`iifname \`
			`virbr0 \`
			`tcp \`
			`dport \`
			`67 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_INP \`
			`iifname \`
			`virbr0 \`
			`udp \`
			`dport \`
			`67 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_OUT \`
			`oifname \`
			`virbr0 \`
			`tcp \`
			`dport \`
			`68 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_OUT \`
			`oifname \`
			`virbr0 \`
			`udp \`
			`dport \`
			`68 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_INP \`
			`iifname \`
			`virbr0 \`
			`tcp \`
			`dport \`
			`53 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_INP \`
			`iifname \`
			`virbr0 \`
			`udp \`
			`dport \`
			`53 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_OUT \`
			`oifname \`
			`virbr0 \`
			`tcp \`
			`dport \`
			`53 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_OUT \`
			`oifname \`
			`virbr0 \`
			`udp \`
			`dport \`
			`53 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_FWO \`
			`iifname \`
			`virbr0 \`
			`counter \`
			`reject`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_FWI \`
			`oifname \`
			`virbr0 \`
			`counter \`
			`reject`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_FWX \`
			`iifname \`
			`virbr0 \`
			`oifname \`
			`virbr0 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_FWO \`
			`ip \`
			`saddr \`
			`192.168.122.0/24 \`
			`iifname \`
			`virbr0 \`
			`counter \`
			`accept`
			`nft \`
			`-ae insert \`
			`rule \`
			`ip \`
			`libvirt \`
			`LIBVIRT_FWI \`
			`ip \`
			`daddr \`
			`192.168.122.0/24 \`
			`oifname \`
			`virbr0 \`
			`counter \`
			`accept`