extensions: libipt_DNAT: tests added for shifted portmap range

I added and verified these tests after applying Florian's fixed wrt.
nf_nat_range2 size for rev2.

Signed-off-by: Thierry Du Tre <thierry@dtsystems.be>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/extensions/libip6t_DNAT.t b/extensions/libip6t_DNAT.t
index 6d8f1dabf26b82a17da17004e2ef7e260ba03f37..ec7d61f418cfe74736d593b268b7de6b6c4c5e33 100644 (file)
--- a/extensions/libip6t_DNAT.t
+++ b/extensions/libip6t_DNAT.t
@@ -8,4 +8,9 @@
 -p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1025-65535;=;OK
 -p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1025-65536;;FAIL
 -p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1025-65535 --to-destination [dead::beef-dead::fee8]:1025-65535;;FAIL
+-p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1000-2000/1000;=;OK
+-p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1000-2000/3000;=;OK
+-p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1000-2000/65535;=;OK
+-p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1000-2000/0;;FAIL
+-p tcp -j DNAT --to-destination [dead::beef-dead::fee7]:1000-2000/65536;;FAIL
 -j DNAT;;FAIL

diff --git a/extensions/libipt_DNAT.t b/extensions/libipt_DNAT.t
index 1959801dd53a9c408302d90ff99a9ee3469eddb2..1c4413b9b3bb5fbbcd9a4385b8ba9d35f2901201 100644 (file)
--- a/extensions/libipt_DNAT.t
+++ b/extensions/libipt_DNAT.t
@@ -8,4 +8,9 @@
 -p tcp -j DNAT --to-destination 1.1.1.1-1.1.1.10:1025-65535;=;OK
 -p tcp -j DNAT --to-destination 1.1.1.1-1.1.1.10:1025-65536;;FAIL
 -p tcp -j DNAT --to-destination 1.1.1.1-1.1.1.10:1025-65535 --to-destination 2.2.2.2-2.2.2.20:1025-65535;;FAIL
+-p tcp -j DNAT --to-destination 1.1.1.1:1000-2000/1000;=;OK
+-p tcp -j DNAT --to-destination 1.1.1.1:1000-2000/3000;=;OK
+-p tcp -j DNAT --to-destination 1.1.1.1:1000-2000/65535;=;OK
+-p tcp -j DNAT --to-destination 1.1.1.1:1000-2000/0;;FAIL
+-p tcp -j DNAT --to-destination 1.1.1.1:1000-2000/65536;;FAIL
 -j DNAT;;FAIL