tests: add test case that checks icmp6 in-ipv4

nft does not handle this correctly.

This test fails. In:
inet input ip protocol ipv6-icmp meta l4proto ipv6-icmp icmpv6 type 1
Out:
meta l4proto 58 icmpv6 type destination-unreachable

which loses the "ipv4" dependency, i.e. listing should show the rule as-is.

Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/tests/py/inet/icmpX.t b/tests/py/inet/icmpX.t
index aebaf0991d0c111ceea1ee8d9703d311fcc4c956..43ac0909195ff112ab223dc68ec21f88bd4a6db8 100644 (file)
--- a/tests/py/inet/icmpX.t
+++ b/tests/py/inet/icmpX.t
@@ -6,3 +6,5 @@ ip protocol icmp icmp type echo-request;ok;icmp type echo-request
 icmp type echo-request;ok
 ip6 nexthdr icmpv6 icmpv6 type echo-request;ok;ip6 nexthdr 58 icmpv6 type echo-request
 icmpv6 type echo-request;ok
+# must not remove 'ip protocol' dependency, this explicitly matches icmpv6-in-ipv4.
+ip protocol ipv6-icmp meta l4proto ipv6-icmp icmpv6 type 1;ok;ip protocol 58 meta l4proto 58 icmpv6 type destination-unreachable

diff --git a/tests/py/inet/icmpX.t.payload b/tests/py/inet/icmpX.t.payload
index 7c5f6f011d11fd58a967315da271824158d09a9f..9a761eef632edf5a2546b435c014ad7c287878ad 100644 (file)
--- a/tests/py/inet/icmpX.t.payload
+++ b/tests/py/inet/icmpX.t.payload
@@ -34,3 +34,13 @@ inet test-inet input
   [ payload load 1b @ transport header + 0 => reg 1 ]
   [ cmp eq reg 1 0x00000080 ]
 
+# ip protocol ipv6-icmp meta l4proto ipv6-icmp icmpv6 type 1
+inet filter input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x0000003a ]
+  [ meta load l4proto => reg 1 ]
+  [ cmp eq reg 1 0x0000003a ]
+  [ payload load 1b @ transport header + 0 => reg 1 ]
+  [ cmp eq reg 1 0x00000001 ]