libvirt/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables
Laine Stump f341bdee8d tests: test cases for nftables backend
Run all the networkxml2firewall tests twice - once with iptables
backend, and once with the nftables backend.

The results files for the existing iptables tests were previously
named *.args. That has been changed to *.iptables, and the results
files for the new nftables tests are named *.nftables.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2024-05-22 23:20:37 -04:00


nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
tcp \
dport \
67 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
67 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
tcp \
dport \
68 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
68 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWO \
iifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWI \
oifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWX \
iifname \
virbr0 \
oifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_FWO \
iifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_FWI \
oifname \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_FWX \
iifname \
virbr0 \
oifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
tcp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
53 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_INP \
iifname \
virbr0 \
udp \
dport \
547 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_OUT \
oifname \
virbr0 \
udp \
dport \
546 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWO \
ip \
saddr \
192.168.122.0/24 \
iifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_FWI \
oifname \
virbr0 \
ip \
daddr \
192.168.122.0/24 \
ct \
state \
related,established \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_PRT \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_PRT \
meta \
l4proto \
udp \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_PRT \
meta \
l4proto \
tcp \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_PRT \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
255.255.255.255/32 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt \
LIBVIRT_PRT \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
224.0.0.0/24 \
counter \
return
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_FWO \
ip6 \
saddr \
2001:db8:ca2:2::/64 \
iifname \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_FWI \
oifname \
virbr0 \
ip6 \
daddr \
2001:db8:ca2:2::/64 \
ct \
state \
related,established \
counter \
accept
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_PRT \
ip6 \
saddr \
2001:db8:ca2:2::/64 \
ip6 \
daddr \
'!=' \
2001:db8:ca2:2::/64 \
counter \
masquerade
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_PRT \
meta \
l4proto \
udp \
ip6 \
saddr \
2001:db8:ca2:2::/64 \
ip6 \
daddr \
'!=' \
2001:db8:ca2:2::/64 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_PRT \
meta \
l4proto \
tcp \
ip6 \
saddr \
2001:db8:ca2:2::/64 \
ip6 \
daddr \
'!=' \
2001:db8:ca2:2::/64 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip6 \
libvirt \
LIBVIRT_PRT \
ip6 \
saddr \
2001:db8:ca2:2::/64 \
ip6 \
daddr \
ff02::/16 \
counter \
return