nwfilter: extend schema + add testcase w/ connlimit-above

I am extending the schema with the recently added connlimit-above attribute and adding a test case for it to the test suite.
2024-12-22 05:35:25 +00:00 · 2010-04-23 11:42:39 -04:00 · 2010-04-23 11:42:39 -04:00 · 9db01465e5
commit 9db01465e5
parent 2aed290ee9
4 changed files with 31 additions and 0 deletions
--- a/docs/schemas/nwfilter.rng
+++ b/docs/schemas/nwfilter.rng
@ -387,6 +387,11 @@
          <ref name="sixbitrange"/>
        </attribute>
      </optional>
+      <optional>
+        <attribute name="connlimit-above">
+          <ref name="uint16range"/>
+        </attribute>
+      </optional>
    </interleave>
  </define>

--- a/tests/nwfilterxml2xmlin/conntrack-test.xml
+++ b/tests/nwfilterxml2xmlin/conntrack-test.xml
@ -0,0 +1,12 @@
+<filter name='testcase' chain='root'>
+  <uuid>0a5288ea-612c-834a-6bbf-82a03a1a3244</uuid>
+  <rule action='drop' direction='out' priority='500'>
+    <icmp connlimit-above='1'/>
+  </rule>
+  <rule action='drop' direction='out' priority='500'>
+    <tcp connlimit-above='2'/>
+  </rule>
+  <rule action='accept' direction='out' priority='500'>
+    <all/>
+  </rule>
+</filter>
--- a/tests/nwfilterxml2xmlout/conntrack-test.xml
+++ b/tests/nwfilterxml2xmlout/conntrack-test.xml
@ -0,0 +1,12 @@
+<filter name='testcase' chain='root'>
+  <uuid>0a5288ea-612c-834a-6bbf-82a03a1a3244</uuid>
+  <rule action='drop' direction='out' priority='500'>
+    <icmp connlimit-above='1'/>
+  </rule>
+  <rule action='drop' direction='out' priority='500'>
+    <tcp connlimit-above='2'/>
+  </rule>
+  <rule action='accept' direction='out' priority='500'>
+    <all/>
+  </rule>
+</filter>
--- a/tests/nwfilterxml2xmltest.c
+++ b/tests/nwfilterxml2xmltest.c
@ -119,6 +119,8 @@ mymain(int argc, char **argv)
    DO_TEST("icmp-direction2-test");
    DO_TEST("icmp-direction3-test");

+    DO_TEST("conntrack-test");
+
    return (ret==0 ? EXIT_SUCCESS : EXIT_FAILURE);
 }