aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2017-11-02 01:04:49 +0200
committerKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2017-11-02 01:05:28 +0200
commiteabe4a9aeaa1191a7e84265b355eb378522e0dcf (patch)
tree390287110080c4317f19186ab7328758837f12ce
parent0f8a97fde425967c58341ed0dc0cd4f63afb9e80 (diff)
downloadawall-eabe4a9aeaa1191a7e84265b355eb378522e0dcf.tar.bz2
awall-eabe4a9aeaa1191a7e84265b355eb378522e0dcf.tar.xz
test: update-limit: make conn and flow limit outputs differ
Diffstat
-rw-r--r--test/optional/filter-limit.lua7
-rw-r--r--test/output/filter-limit/dump52
-rw-r--r--test/output/filter-limit/rules-save12
-rw-r--r--test/output/filter-limit/rules6-save12
4 files changed, 43 insertions, 40 deletions
diff --git a/test/optional/filter-limit.lua b/test/optional/filter-limit.lua
index f980b78..ceb8b71 100644
--- a/test/optional/filter-limit.lua
+++ b/test/optional/filter-limit.lua
@@ -75,12 +75,15 @@ for _, name in ipairs{'A', 'B', 'C', 'D'} do
table.insert(res, {['update-limit']=name})
end
-for _, measure in ipairs{'conn', 'flow'} do
+function add_update_limit(name, measure)
for _, addr in ipairs{'src', 'dest'} do
table.insert(
- res, {['update-limit']={name='A', measure=measure, addr=addr}}
+ res, {['update-limit']={name=name, measure=measure, addr=addr}}
)
end
end
+add_update_limit('A', 'conn')
+add_update_limit('B', 'flow')
+
print(json.encode{filter=res})
diff --git a/test/output/filter-limit/dump b/test/output/filter-limit/dump
index 5806041..7679757 100644
--- a/test/output/filter-limit/dump
+++ b/test/output/filter-limit/dump
@@ -35442,23 +35442,23 @@ Filter 2522 {"update-limit":{"addr":"dest","measure":"co
inet6/filter/INPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
inet6/filter/OUTPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-Filter 2523 {"update-limit":{"addr":"src","measure":"flow","name":"A"}}
+Filter 2523 {"update-limit":{"addr":"src","measure":"flow","name":"B"}}
(filter-limit)
- inet/filter/FORWARD -m recent --name user:A --rsource --mask 255.255.255.255 --set
- inet/filter/INPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
- inet/filter/OUTPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
- inet6/filter/FORWARD -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
- inet6/filter/INPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
- inet6/filter/OUTPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet/filter/FORWARD -m recent --name user:B --rsource --mask 255.255.255.255 --set
+ inet/filter/INPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
+ inet/filter/OUTPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
+ inet6/filter/FORWARD -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet6/filter/INPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet6/filter/OUTPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-Filter 2524 {"update-limit":{"addr":"dest","measure":"flow","name":"A"}}
+Filter 2524 {"update-limit":{"addr":"dest","measure":"flow","name":"B"}}
(filter-limit)
- inet/filter/FORWARD -m recent --name user:A --rdest --mask 255.255.255.255 --set
- inet/filter/INPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
- inet/filter/OUTPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
- inet6/filter/FORWARD -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
- inet6/filter/INPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
- inet6/filter/OUTPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet/filter/FORWARD -m recent --name user:B --rdest --mask 255.255.255.255 --set
+ inet/filter/INPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+ inet/filter/OUTPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+ inet6/filter/FORWARD -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet6/filter/INPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+ inet6/filter/OUTPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
Filter 2525 {}
(log)
@@ -39785,8 +39785,8 @@ hash:net family inet
:logdrop-999 - [0:0]
:logpass-0 - [0:0]
:logpass-1 - [0:0]
--A FORWARD -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A FORWARD -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A FORWARD -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A FORWARD -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A FORWARD -j limit-1886
-A FORWARD -j limit-1885
-A FORWARD -j limit-1884
@@ -41445,8 +41445,8 @@ hash:net family inet
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmp -j icmp-routing
--A INPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A INPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A INPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A INPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A INPUT -j limit-1886
-A INPUT -j limit-1885
-A INPUT -j limit-1884
@@ -43059,8 +43059,8 @@ hash:net family inet
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p icmp -j icmp-routing
--A OUTPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A OUTPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A OUTPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A OUTPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A OUTPUT -j limit-1886
-A OUTPUT -j limit-1885
-A OUTPUT -j limit-1884
@@ -58304,8 +58304,8 @@ COMMIT
:logdrop-998 - [0:0]
:logdrop-999 - [0:0]
:logpass-0 - [0:0]
--A FORWARD -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A FORWARD -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A FORWARD -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A FORWARD -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -j limit-1886
-A FORWARD -j limit-1885
-A FORWARD -j limit-1884
@@ -59939,8 +59939,8 @@ COMMIT
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmpv6 -j icmp-routing
--A INPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A INPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A INPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A INPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -j limit-1886
-A INPUT -j limit-1885
-A INPUT -j limit-1884
@@ -61552,8 +61552,8 @@ COMMIT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p icmpv6 -j ACCEPT
--A OUTPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A OUTPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A OUTPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A OUTPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -j limit-1886
-A OUTPUT -j limit-1885
-A OUTPUT -j limit-1884
diff --git a/test/output/filter-limit/rules-save b/test/output/filter-limit/rules-save
index a097832..9741e92 100644
--- a/test/output/filter-limit/rules-save
+++ b/test/output/filter-limit/rules-save
@@ -3801,8 +3801,8 @@
:logdrop-999 - [0:0]
:logpass-0 - [0:0]
:logpass-1 - [0:0]
--A FORWARD -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A FORWARD -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A FORWARD -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A FORWARD -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A FORWARD -j limit-1886
-A FORWARD -j limit-1885
-A FORWARD -j limit-1884
@@ -5461,8 +5461,8 @@
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmp -j icmp-routing
--A INPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A INPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A INPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A INPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A INPUT -j limit-1886
-A INPUT -j limit-1885
-A INPUT -j limit-1884
@@ -7075,8 +7075,8 @@
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p icmp -j icmp-routing
--A OUTPUT -m recent --name user:A --rdest --mask 255.255.255.255 --set
--A OUTPUT -m recent --name user:A --rsource --mask 255.255.255.255 --set
+-A OUTPUT -m recent --name user:B --rdest --mask 255.255.255.255 --set
+-A OUTPUT -m recent --name user:B --rsource --mask 255.255.255.255 --set
-A OUTPUT -j limit-1886
-A OUTPUT -j limit-1885
-A OUTPUT -j limit-1884
diff --git a/test/output/filter-limit/rules6-save b/test/output/filter-limit/rules6-save
index b537c47..83fc1ab 100644
--- a/test/output/filter-limit/rules6-save
+++ b/test/output/filter-limit/rules6-save
@@ -3800,8 +3800,8 @@
:logdrop-998 - [0:0]
:logdrop-999 - [0:0]
:logpass-0 - [0:0]
--A FORWARD -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A FORWARD -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A FORWARD -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A FORWARD -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -j limit-1886
-A FORWARD -j limit-1885
-A FORWARD -j limit-1884
@@ -5435,8 +5435,8 @@
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmpv6 -j icmp-routing
--A INPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A INPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A INPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A INPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -j limit-1886
-A INPUT -j limit-1885
-A INPUT -j limit-1884
@@ -7048,8 +7048,8 @@
-A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT
-A INPUT -p icmpv6 -j ACCEPT
--A OUTPUT -m recent --name user:A --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
--A OUTPUT -m recent --name user:A --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A OUTPUT -m recent --name user:B --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
+-A OUTPUT -m recent --name user:B --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -j limit-1886
-A OUTPUT -j limit-1885
-A OUTPUT -j limit-1884
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-12 21:47:13 +0000