]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d8f2124)
tests: shell: Pretty-print all *.json-nft dumps
authorPhil Sutter <phil@nwl.cc>
Thu, 8 Feb 2024 13:30:17 +0000 (14:30 +0100)
committerPhil Sutter <phil@nwl.cc>
Thu, 8 Feb 2024 17:28:01 +0000 (18:28 +0100)
The problem with single line output as produced by 'nft -j list ruleset'
is its incompatibility to unified diff format as any change in this
single line will produce a diff which contains the old and new lines in
total. This is not just unreadable but will blow up patches which may
exceed mailinglists' mail size limits.

Convert them all at once by feeding their contents to
tests/shell/helpers/json-pretty.sh.

Signed-off-by: Phil Sutter <phil@nwl.cc>
340 files changed:
tests/shell/testcases/bitwise/dumps/0040mark_binop_0.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_1.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_2.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_3.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_4.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_5.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_6.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_7.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_8.json-nft patch | blob | blame | history
tests/shell/testcases/bitwise/dumps/0040mark_binop_9.json-nft patch | blob | blame | history
tests/shell/testcases/bogons/dumps/assert_failures.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0001_cache_handling_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0002_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0003_cache_update_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0004_cache_update_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0005_cache_chain_flush.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0006_cache_table_flush.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0007_echo_cache_init_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0008_delete_by_handle_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0009_delete_by_handle_incorrect_0.json-nft patch | blob | blame | history
tests/shell/testcases/cache/dumps/0011_index_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0001jumps_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0002jumps_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0003jump_loop_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0004busy_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0005busy_map_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0006masquerade_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0007masquerade_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0008masquerade_jump_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0009masquerade_jump_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0013rename_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0014rename_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0015check_jump_loop_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0016delete_handle_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0017masquerade_jump_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0018check_jump_loop_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0019masquerade_jump_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0020depth_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0021prio_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0022prio_dummy_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0025prio_arp_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0026prio_netdev_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0030create_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0031priority_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0032priority_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0033priority_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0034priority_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0035policy_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0036policy_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0037policy_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0038policy_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0039negative_priority_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0042chain_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0043chain_ingress_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/0044chain_destroy_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/netdev_chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/chains/dumps/netdev_chain_autoremove.json-nft patch | blob | blame | history
tests/shell/testcases/comments/dumps/comments_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft patch | blob | blame | history
tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0001absolute_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0002relative_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0003includepath_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0004endlessloop_1.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0005glob_empty_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0006glob_single_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0007glob_double_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0008glob_nofile_wildcard_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0009glob_nofile_1.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0010glob_broken_file_1.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0011glob_dependency_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0012glob_dependency_1.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0013glob_dotfile_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0013input_descriptors_included_files_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0014glob_directory_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0015doubleincludepath_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0016maxdepth_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0017glob_more_than_maxdepth_1.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0018include_error_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0019include_error_0.json-nft patch | blob | blame | history
tests/shell/testcases/include/dumps/0020include_chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0001set_statements_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0002table_map_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0003json_schema_version_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0004json_schema_version_1.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0005secmark_objref_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/0006obj_comment_0.json-nft patch | blob | blame | history
tests/shell/testcases/json/dumps/netdev.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0001ruleset_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0002ruleset_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0003table_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0004table_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0005ruleset_ip_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0006ruleset_ip6_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0007ruleset_inet_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0008ruleset_arp_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0009ruleset_bridge_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0010sets_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0011sets_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0012sets_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0014objects_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0015dynamic_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0016anonymous_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0017objects_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0018data_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0019set_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0020flowtable_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0021ruleset_json_terse_0.json-nft patch | blob | blame | history
tests/shell/testcases/listing/dumps/0022terse_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0003map_add_many_elements_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0005interval_map_add_many_elements_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0006interval_map_overlap_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0007named_ifname_dtype_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0008interval_map_delete_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0009vmap_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0012map_concat_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0013map_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0014destroy_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0016map_leak_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0017_map_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/0018map_leak_timeout_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/anon_objmap_concat.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/anonymous_snat_map_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/different_map_types_1.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/map_catchall_double_deactivate.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/map_with_flags_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/named_snat_map_0.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/typeof_maps_add_delete.json-nft patch | blob | blame | history
tests/shell/testcases/maps/dumps/typeof_maps_update_0.json-nft patch | blob | blame | history
tests/shell/testcases/netns/dumps/0001nft-f_0.json-nft patch | blob | blame | history
tests/shell/testcases/netns/dumps/0002loosecommands_0.json-nft patch | blob | blame | history
tests/shell/testcases/netns/dumps/0003many_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0001define_slash_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0002rollback_rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0003rollback_jump_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0004rollback_set_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0005rollback_map_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0006action_object_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0007action_object_set_segfault_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0008split_tables_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0009variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0010variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0013defines_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0014defines_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0015defines_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0016redefines_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0018ct_expectation_obj_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0018jump_variable_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0019jump_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0020jump_variable_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0021list_ruleset_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0022variables_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0023check_1.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0025empty_dynset_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0026listing_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0027split_chains_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0029split_file_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0030variable_reuse_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0031vmap_string_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft patch | blob | blame | history
tests/shell/testcases/nft-i/dumps/0001define_0.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/dependency_kill.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_nat.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_nat_concat.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_reject.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_stmts.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_stmts_concat.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_stmts_concat_vmap.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_stmts_vmap.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_vmap_raw.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/merge_vmaps.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/not_mergeable.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/ruleset.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/single_anon_set_expr.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/skip_merge.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/skip_non_eq.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/skip_unsupported.json-nft patch | blob | blame | history
tests/shell/testcases/optimizations/dumps/variables.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/comments_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/comments_chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/comments_handles_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/comments_objects_dup_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/comments_table_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/delete_object_handles_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/handles_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/handles_1.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/log_prefix_0.json-nft patch | blob | blame | history
tests/shell/testcases/optionals/dumps/update_object_handles_0.json-nft patch | blob | blame | history
tests/shell/testcases/owner/dumps/0001-flowtable-uaf.json-nft patch | blob | blame | history
tests/shell/testcases/parsing/dumps/describe.json-nft patch | blob | blame | history
tests/shell/testcases/parsing/dumps/large_rule_pipe.json-nft patch | blob | blame | history
tests/shell/testcases/parsing/dumps/log.json-nft patch | blob | blame | history
tests/shell/testcases/parsing/dumps/octal.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0001addinsertposition_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0002addinsertlocation_1.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0003insert_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0005replace_1.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0006replace_1.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0007delete_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0008delete_1.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0009delete_1.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0010replace_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0011reset_0.json-nft patch | blob | blame | history
tests/shell/testcases/rule_management/dumps/0012destroy_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0001named_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0002named_interval_automerging_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0003named_interval_missing_flag_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0004named_interval_shadow_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0005named_interval_shadow_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0006create_set_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0007create_element_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0008comments_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0009comments_timeout_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0010comments_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0012add_delete_many_elements_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0013add_delete_many_elements_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0014malformed_set_is_not_defined_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0015rulesetflush_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0016element_leak_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0017add_after_flush_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0018set_check_size_1.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0019set_check_size_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0020comments_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0021nesting_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0022type_selective_flush_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0023incomplete_add_set_command_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0025anonymous_set_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0026named_limit_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0027ipv6_maps_ipv4_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0028autoselect_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0028delete_handle_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0032restore_set_simple_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0033add_set_simple_flat_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0034get_element_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0035add_set_elements_flat_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0037_set_with_inet_service_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0038meter_list_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0039delete_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0040get_host_endian_elements_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0041interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0042update_set_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0043concatenated_ranges_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0043concatenated_ranges_1.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0044interval_overlap_1.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0045concat_ipv4_service.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0046netmap_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0048set_counters_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0049set_define_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0050set_define_1.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0051set_interval_counter_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0052overlap_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0053echo_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0054comments_set_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0055tcpflags_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0056dynamic_limit_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0057set_create_fails_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0058_setupdate_timeout_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0059set_update_multistmt_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0060set_multistmt_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0060set_multistmt_1.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0061anonymous_automerge_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0062set_connlimit_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0063set_catchall_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0064map_catchall_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0065_icmp_postprocessing.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0069interval_merge_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0071unclosed_prefix_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0072destroy_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0073flat_interval_set.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/0074nested_interval_set.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/collapse_elem_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/concat_interval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/dynset_missing.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/errors_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/exact_overlap_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/inner_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/set_eval_0.json-nft patch | blob | blame | history
tests/shell/testcases/sets/dumps/type_set_symbol.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0001table_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0002table_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0003table_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0010chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0011chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0012chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0013chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0014chain_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0015chain_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0020rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0021rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0022rule_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0023rule_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0024rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0025rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0030set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0031set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0032set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0033set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0034set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0035set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0036set_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0037set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0038set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0039set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0040set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0041nat_restore_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0042_stateful_expr_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0043set_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0044rule_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0045anon-unbind_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0046set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0047set_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0048helpers_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0049huge_0.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/0050rule_1.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/30s-stress.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/anon_chain_loop.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/bad_expression.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/doubled-set.json-nft patch | blob | blame | history
tests/shell/testcases/transactions/dumps/table_onoff.json-nft patch | blob | blame | history

diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_0.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_0.json-nft
index 2111fe13ab115ac9332338e095520e4a9d37b8e2..8973de85801f2df3da2076074dd7004178e313c3 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_0.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_0.json-nft
@@ -1 +1,75 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oif"}}, "right": "lo"}}, {"mangle": {"key": {"ct": {"key": "mark"}}, "value": {"<<": [{"|": [{"meta": {"key": "mark"}}, 16]}, 8]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "<<": [
+                  {
+                    "|": [
+                      {
+                        "meta": {
+                          "key": "mark"
+                        }
+                      },
+                      16
+                    ]
+                  },
+                  8
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_1.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_1.json-nft
index 538a02b7888ab5f2c41225f8b67a8dbd6dcbbfd6..ed8e1a0d660b20b857bc0af586765e603f5900a0 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_1.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_1.json-nft
@@ -1 +1,86 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iif"}}, "right": "lo"}}, {"match": {"op": "==", "left": {"&": [{"ct": {"key": "mark"}}, 255]}, "right": 16}}, {"mangle": {"key": {"meta": {"key": "mark"}}, "value": {">>": [{"ct": {"key": "mark"}}, 8]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "&": [
+                  {
+                    "ct": {
+                      "key": "mark"
+                    }
+                  },
+                  255
+                ]
+              },
+              "right": 16
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                ">>": [
+                  {
+                    "ct": {
+                      "key": "mark"
+                    }
+                  },
+                  8
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_2.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_2.json-nft
index 2dfe2beee439e0e96b79c20ed62a3de01df96e81..3cd9a8310405be6887394896cff28cd873622d9d 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_2.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_2.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"ct": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip", "field": "dscp"}}, 2]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "dscp"
+                        }
+                      },
+                      2
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_3.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_3.json-nft
index 6666017576055cd401cfe4ba4105dd7dafdfca5b..00c5b78ac46b3b9e472279bed3019f71cccec72d 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_3.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_3.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip", "field": "dscp"}}, 2]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "dscp"
+                        }
+                      },
+                      2
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_4.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_4.json-nft
index 32dad902eccdcabd7cafd748aac00f196be257ec..3aa816059712f1ec9b764c4c2a52299c72b1e3ba 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_4.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_4.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"ct": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip", "field": "dscp"}}, 26]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "dscp"
+                        }
+                      },
+                      26
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_5.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_5.json-nft
index 587a71c04ad03ca2c90e27aafd3c4db93a179f10..a32149739bc03f099c5ab3fe8adbcff18a9a5c85 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_5.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_5.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip", "field": "dscp"}}, 26]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "dscp"
+                        }
+                      },
+                      26
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_6.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_6.json-nft
index b42e62199299b1d36a288556bc5858d4a2cc8754..2de0323ddd288b664e95152a3ee1f3f3bbe01f34 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_6.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_6.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip6", "name": "t", "handle": 0}}, {"chain": {"family": "ip6", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip6", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"ct": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip6", "field": "dscp"}}, 2]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip6",
+                          "field": "dscp"
+                        }
+                      },
+                      2
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_7.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_7.json-nft
index 9186f47b81df1016eefaffdcb24dca29ed3ad814..72aee701d58c6d17114f4e0abd22ac9df747fd6e 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_7.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_7.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip6", "name": "t", "handle": 0}}, {"chain": {"family": "ip6", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip6", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip6", "field": "dscp"}}, 2]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip6",
+                          "field": "dscp"
+                        }
+                      },
+                      2
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_8.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_8.json-nft
index 50c40ddac80324266fd63e835af819b3d462e9b3..1cf84be574ea271b9449ff89fee35e9211a1f370 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_8.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_8.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip6", "name": "t", "handle": 0}}, {"chain": {"family": "ip6", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip6", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"ct": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip6", "field": "dscp"}}, 26]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip6",
+                          "field": "dscp"
+                        }
+                      },
+                      26
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bitwise/dumps/0040mark_binop_9.json-nft b/tests/shell/testcases/bitwise/dumps/0040mark_binop_9.json-nft
index da7025051accd4fc723c593f70a54a263977c66e..6f4494b1ad38bd11f6130e2467f78cfbdf72751f 100644 (file)
--- a/tests/shell/testcases/bitwise/dumps/0040mark_binop_9.json-nft
+++ b/tests/shell/testcases/bitwise/dumps/0040mark_binop_9.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip6", "name": "t", "handle": 0}}, {"chain": {"family": "ip6", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip6", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"|": [{"<<": [{"payload": {"protocol": "ip6", "field": "dscp"}}, 26]}, 16]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "|": [
+                  {
+                    "<<": [
+                      {
+                        "payload": {
+                          "protocol": "ip6",
+                          "field": "dscp"
+                        }
+                      },
+                      26
+                    ]
+                  },
+                  16
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/bogons/dumps/assert_failures.json-nft b/tests/shell/testcases/bogons/dumps/assert_failures.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/bogons/dumps/assert_failures.json-nft
+++ b/tests/shell/testcases/bogons/dumps/assert_failures.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0001_cache_handling_0.json-nft b/tests/shell/testcases/cache/dumps/0001_cache_handling_0.json-nft
index 22d7466a485c3f791622c7b454ac0a4b652bf12e..752196624c33f0b2f5b75bfa32795f2e26388803 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0001_cache_handling_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0001_cache_handling_0.json-nft
@@ -1 +1,142 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"set": {"family": "inet", "name": "test", "table": "test", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1", "3.3.3.3"]}}, {"chain": {"family": "inet", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "inet", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": {"set": ["2.2.2.2", "4.4.4.4"]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@test"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": {"set": ["2.2.2.2", "4.4.4.4"]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "test",
+        "table": "test",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1",
+          "3.3.3.3"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "2.2.2.2",
+                  "4.4.4.4"
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@test"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "2.2.2.2",
+                  "4.4.4.4"
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0002_interval_0.json-nft b/tests/shell/testcases/cache/dumps/0002_interval_0.json-nft
index 028cf9b54548aded065cd4d20009f0ff5ef3a343..fa15d658dcd5c5a91e3ccc6b759662d39c08b190 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0002_interval_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0002_interval_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "192.168.0.0", "len": 24}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "192.168.0.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0003_cache_update_0.json-nft b/tests/shell/testcases/cache/dumps/0003_cache_update_0.json-nft
index 198262b376730f08f7add31fd0036b39d1333a4c..e09a694c2df7bd94613e56fe1c7217f26d91fb5a 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0003_cache_update_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0003_cache_update_0.json-nft
@@ -1 +1,137 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"table": {"family": "ip", "name": "t2", "handle": 0}}, {"chain": {"family": "ip", "table": "t2", "name": "c", "handle": 0}}, {"table": {"family": "ip", "name": "t3", "handle": 0}}, {"table": {"family": "ip", "name": "t4", "handle": 0}}, {"chain": {"family": "ip", "table": "t4", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t4", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "icmp"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "t4", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "ip", "table": "t4", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "igmp"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "t4", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t2",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t3",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t4",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t4",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "icmp"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t4",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t4",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "igmp"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t4",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0004_cache_update_0.json-nft b/tests/shell/testcases/cache/dumps/0004_cache_update_0.json-nft
index 737906739af523a97bfac4259b204c38d1281125..d1864f007d9898b529b4ec0c8236666c58b5a5b8 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0004_cache_update_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0004_cache_update_0.json-nft
@@ -1 +1,42 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "testfilter", "handle": 0}}, {"chain": {"family": "inet", "table": "testfilter", "name": "test", "handle": 0}}, {"rule": {"family": "inet", "table": "testfilter", "chain": "test", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "testfilter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "testfilter",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "testfilter",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0005_cache_chain_flush.json-nft b/tests/shell/testcases/cache/dumps/0005_cache_chain_flush.json-nft
index 1497151b163be7ca70087005dfa4ce87b763ad48..dbf561175a1b7b57f6824e73385b75f00a39b5b2 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0005_cache_chain_flush.json-nft
+++ b/tests/shell/testcases/cache/dumps/0005_cache_chain_flush.json-nft
@@ -1 +1,77 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "mapping", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "inet_service", "size": 65535, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"map": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"payload": {"protocol": "tcp", "field": "sport"}}, "map": "@mapping"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "mapping",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "inet_service",
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "map": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "sport"
+                }
+              },
+              "map": "@mapping"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0006_cache_table_flush.json-nft b/tests/shell/testcases/cache/dumps/0006_cache_table_flush.json-nft
index 1497151b163be7ca70087005dfa4ce87b763ad48..dbf561175a1b7b57f6824e73385b75f00a39b5b2 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0006_cache_table_flush.json-nft
+++ b/tests/shell/testcases/cache/dumps/0006_cache_table_flush.json-nft
@@ -1 +1,77 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "mapping", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "inet_service", "size": 65535, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"map": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"payload": {"protocol": "tcp", "field": "sport"}}, "map": "@mapping"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "mapping",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "inet_service",
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "map": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "sport"
+                }
+              },
+              "map": "@mapping"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0007_echo_cache_init_0.json-nft b/tests/shell/testcases/cache/dumps/0007_echo_cache_init_0.json-nft
index c0afdab0dcf9b6e83b769dded32feb921b5dd0c4..0968d8a4a3ebd9d85c0846c002879c75a3776f24 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0007_echo_cache_init_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0007_echo_cache_init_0.json-nft
@@ -1 +1,68 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "comment": "first", "expr": [{"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "comment": "second", "expr": [{"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "comment": "third", "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "comment": "first",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "comment": "second",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "comment": "third",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0008_delete_by_handle_0.json-nft b/tests/shell/testcases/cache/dumps/0008_delete_by_handle_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0008_delete_by_handle_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0008_delete_by_handle_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0009_delete_by_handle_incorrect_0.json-nft b/tests/shell/testcases/cache/dumps/0009_delete_by_handle_incorrect_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0009_delete_by_handle_incorrect_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0009_delete_by_handle_incorrect_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/cache/dumps/0011_index_0.json-nft b/tests/shell/testcases/cache/dumps/0011_index_0.json-nft
index b24ffd64adfafe05fa9cdcd2e637c8490b3253b2..46b2909f5a009873def19edd4a767ee49fe96e64 100644 (file)
--- a/tests/shell/testcases/cache/dumps/0011_index_0.json-nft
+++ b/tests/shell/testcases/cache/dumps/0011_index_0.json-nft
@@ -1 +1,93 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 1234}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 4321}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 1234
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 4321
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0001jumps_0.json-nft b/tests/shell/testcases/chains/dumps/0001jumps_0.json-nft
index 5e70dff381f3bb260443a63fdb4e833f31925bb3..ceef32242503b0e076afa48dc61e518b8d37c136 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0001jumps_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0001jumps_0.json-nft
@@ -1 +1,371 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c3", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c4", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c5", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c6", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c7", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c8", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c9", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c10", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c11", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c12", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c13", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c14", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c15", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c16", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"jump": {"target": "c2"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"jump": {"target": "c3"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c3", "handle": 0, "expr": [{"jump": {"target": "c4"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c4", "handle": 0, "expr": [{"jump": {"target": "c5"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c5", "handle": 0, "expr": [{"jump": {"target": "c6"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c6", "handle": 0, "expr": [{"jump": {"target": "c7"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c7", "handle": 0, "expr": [{"jump": {"target": "c8"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c8", "handle": 0, "expr": [{"jump": {"target": "c9"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c9", "handle": 0, "expr": [{"jump": {"target": "c10"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c10", "handle": 0, "expr": [{"jump": {"target": "c11"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c11", "handle": 0, "expr": [{"jump": {"target": "c12"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c12", "handle": 0, "expr": [{"jump": {"target": "c13"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c13", "handle": 0, "expr": [{"jump": {"target": "c14"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c14", "handle": 0, "expr": [{"jump": {"target": "c15"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c15", "handle": 0, "expr": [{"jump": {"target": "c16"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c5",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c6",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c7",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c8",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c9",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c10",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c11",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c12",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c13",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c14",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c15",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c16",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c3"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c3",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c4",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c5"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c5",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c6"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c6",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c7"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c7",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c8"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c8",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c9"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c9",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c10"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c10",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c11"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c11",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c12"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c12",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c13"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c13",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c14"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c14",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c15"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c15",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c16"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0002jumps_1.json-nft b/tests/shell/testcases/chains/dumps/0002jumps_1.json-nft
index 5ac08d7388ee49513527aeb5395b53c203d8f393..66f921a0b6c2558b65cd666d9d9275688cddae3a 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0002jumps_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0002jumps_1.json-nft
@@ -1 +1,383 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c3", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c4", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c5", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c6", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c7", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c8", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c9", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c10", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c11", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c12", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c13", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c14", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c15", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c16", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c17", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"jump": {"target": "c2"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"jump": {"target": "c3"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c3", "handle": 0, "expr": [{"jump": {"target": "c4"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c4", "handle": 0, "expr": [{"jump": {"target": "c5"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c5", "handle": 0, "expr": [{"jump": {"target": "c6"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c6", "handle": 0, "expr": [{"jump": {"target": "c7"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c7", "handle": 0, "expr": [{"jump": {"target": "c8"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c8", "handle": 0, "expr": [{"jump": {"target": "c9"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c9", "handle": 0, "expr": [{"jump": {"target": "c10"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c10", "handle": 0, "expr": [{"jump": {"target": "c11"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c11", "handle": 0, "expr": [{"jump": {"target": "c12"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c12", "handle": 0, "expr": [{"jump": {"target": "c13"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c13", "handle": 0, "expr": [{"jump": {"target": "c14"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c14", "handle": 0, "expr": [{"jump": {"target": "c15"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c15", "handle": 0, "expr": [{"jump": {"target": "c16"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c5",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c6",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c7",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c8",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c9",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c10",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c11",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c12",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c13",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c14",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c15",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c16",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c17",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c3"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c3",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c4",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c5"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c5",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c6"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c6",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c7"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c7",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c8"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c8",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c9"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c9",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c10"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c10",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c11"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c11",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c12"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c12",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c13"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c13",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c14"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c14",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c15"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c15",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c16"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0003jump_loop_1.json-nft b/tests/shell/testcases/chains/dumps/0003jump_loop_1.json-nft
index 5e70dff381f3bb260443a63fdb4e833f31925bb3..ceef32242503b0e076afa48dc61e518b8d37c136 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0003jump_loop_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0003jump_loop_1.json-nft
@@ -1 +1,371 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c3", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c4", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c5", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c6", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c7", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c8", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c9", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c10", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c11", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c12", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c13", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c14", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c15", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c16", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"jump": {"target": "c2"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"jump": {"target": "c3"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c3", "handle": 0, "expr": [{"jump": {"target": "c4"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c4", "handle": 0, "expr": [{"jump": {"target": "c5"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c5", "handle": 0, "expr": [{"jump": {"target": "c6"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c6", "handle": 0, "expr": [{"jump": {"target": "c7"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c7", "handle": 0, "expr": [{"jump": {"target": "c8"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c8", "handle": 0, "expr": [{"jump": {"target": "c9"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c9", "handle": 0, "expr": [{"jump": {"target": "c10"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c10", "handle": 0, "expr": [{"jump": {"target": "c11"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c11", "handle": 0, "expr": [{"jump": {"target": "c12"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c12", "handle": 0, "expr": [{"jump": {"target": "c13"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c13", "handle": 0, "expr": [{"jump": {"target": "c14"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c14", "handle": 0, "expr": [{"jump": {"target": "c15"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c15", "handle": 0, "expr": [{"jump": {"target": "c16"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c5",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c6",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c7",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c8",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c9",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c10",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c11",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c12",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c13",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c14",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c15",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c16",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c3"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c3",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c4",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c5"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c5",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c6"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c6",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c7"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c7",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c8"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c8",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c9"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c9",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c10"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c10",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c11"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c11",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c12"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c12",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c13"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c13",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c14"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c14",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c15"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c15",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c16"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0004busy_1.json-nft b/tests/shell/testcases/chains/dumps/0004busy_1.json-nft
index 4b6d774b5575b4f9527a10e9d1baa0a0b77c7529..314245ffd157539f4bfb0bd31aad401557d0d114 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0004busy_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0004busy_1.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"jump": {"target": "c2"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c2"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0005busy_map_1.json-nft b/tests/shell/testcases/chains/dumps/0005busy_map_1.json-nft
index cb281d6a6fb4c57276ab37e6d13bed6dd3990931..ce776822749c3e889902971c2293dbee5556db5a 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0005busy_map_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0005busy_map_1.json-nft
@@ -1 +1,66 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[1, {"jump": {"target": "c2"}}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    1,
+                    {
+                      "jump": {
+                        "target": "c2"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0006masquerade_0.json-nft b/tests/shell/testcases/chains/dumps/0006masquerade_0.json-nft
index 9c8e9838cd2794db2572a8cbcf512c223fc72de7..b6fc221f108cfb636b9f980e6884ff5a15d44d3e 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0006masquerade_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0006masquerade_0.json-nft
@@ -1 +1,43 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"masquerade": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "masquerade": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0007masquerade_1.json-nft b/tests/shell/testcases/chains/dumps/0007masquerade_1.json-nft
index 197c7d51db998bcd9aba189bc1b58d8682efcc93..98b51044b6687ab1fca650bf26201e3aafc9f2f3 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0007masquerade_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0007masquerade_1.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.json-nft b/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.json-nft
index 300dcfa9057bb4dd37fdb7d2bfb8ea376f46c2d8..3215496f5cc2c4a7b60d877681f966657d8dcd77 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.json-nft
@@ -1 +1,51 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "output", "handle": 0, "type": "nat", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"masquerade": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "output",
+        "handle": 0,
+        "type": "nat",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "masquerade": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.json-nft b/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.json-nft
index 300dcfa9057bb4dd37fdb7d2bfb8ea376f46c2d8..3215496f5cc2c4a7b60d877681f966657d8dcd77 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.json-nft
@@ -1 +1,51 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "output", "handle": 0, "type": "nat", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"masquerade": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "output",
+        "handle": 0,
+        "type": "nat",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "masquerade": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.json-nft b/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0013rename_0.json-nft b/tests/shell/testcases/chains/dumps/0013rename_0.json-nft
index 96b80aca177bbf4061752a492ca777a0d95041ac..f89c455abc9ed8164a158d49ca1a470d20a3922f 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0013rename_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0013rename_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0014rename_0.json-nft b/tests/shell/testcases/chains/dumps/0014rename_0.json-nft
index e0268f5aeb913168c9c10fee42356dc03c4ce253..f4c6855eb8fecdae13b90a6d8f72d0a3b259ad0b 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0014rename_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0014rename_0.json-nft
@@ -1 +1,34 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.json-nft b/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.json-nft
index 4b6d774b5575b4f9527a10e9d1baa0a0b77c7529..314245ffd157539f4bfb0bd31aad401557d0d114 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"jump": {"target": "c2"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c2"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0016delete_handle_0.json-nft b/tests/shell/testcases/chains/dumps/0016delete_handle_0.json-nft
index ea1422fbca107234303a57221728a69db76a7db9..ca1311dbb9d58f57b105ea89d785477dcdc6063f 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0016delete_handle_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0016delete_handle_0.json-nft
@@ -1 +1,57 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test-ip", "handle": 0}}, {"chain": {"family": "ip", "table": "test-ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "test-ip", "name": "z", "handle": 0}}, {"table": {"family": "ip6", "name": "test-ip6", "handle": 0}}, {"chain": {"family": "ip6", "table": "test-ip6", "name": "x", "handle": 0}}, {"chain": {"family": "ip6", "table": "test-ip6", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test-ip",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test-ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test-ip",
+        "name": "z",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test-ip6",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "test-ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "test-ip6",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.json-nft b/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.json-nft
index 7c9e5c7e26a9a08e05cd725af5be1b77a6a9d7a1..b368c23a074fcda7a9bbe9c7652f97ad9abc0c44 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 4, "policy": "accept"}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "input", "handle": 0, "expr": [{"jump": {"target": "c1"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 4,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "c1"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.json-nft b/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.json-nft
index b3cc95ea24fdd2718cf1f7eccb3cd13fa93cfd6d..7294c8411b20037361c40188c091f84ff85f03e0 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "ap1", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "ap2", "handle": 0}}, {"rule": {"family": "ip", "table": "filter", "chain": "ap1", "handle": 0, "expr": [{"jump": {"target": "ap2"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "ap1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "ap2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "ap1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "ap2"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.json-nft b/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.json-nft
index 6b6c41ebdb480205aa51b7a9a0cb947e81e827c3..c164ffb8ade37ce5ccba47646530d861319e53a5 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.json-nft
@@ -1 +1,70 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 4, "policy": "accept"}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "input", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [["1.1.1.1", {"jump": {"target": "c1"}}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 4,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    "1.1.1.1",
+                    {
+                      "jump": {
+                        "target": "c1"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0020depth_1.json-nft b/tests/shell/testcases/chains/dumps/0020depth_1.json-nft
index 2d40330045bd6d2df3f780d85345df44b5c4198d..31bc2b135788aaf101960a97cf11702d531f4f5c 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0020depth_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0020depth_1.json-nft
@@ -1 +1,475 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "filter", "name": "a0", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a1", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a2", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a3", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a4", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a5", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a6", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a7", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a8", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a9", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a10", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a11", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a12", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a13", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a14", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a15", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a16", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a17", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a18", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "a19", "handle": 0}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"jump": {"target": "a1"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a0", "handle": 0, "expr": [{"jump": {"target": "a1"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a1", "handle": 0, "expr": [{"jump": {"target": "a2"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a2", "handle": 0, "expr": [{"jump": {"target": "a3"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a3", "handle": 0, "expr": [{"jump": {"target": "a4"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a4", "handle": 0, "expr": [{"jump": {"target": "a5"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a5", "handle": 0, "expr": [{"jump": {"target": "a6"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a6", "handle": 0, "expr": [{"jump": {"target": "a7"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a7", "handle": 0, "expr": [{"jump": {"target": "a8"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a8", "handle": 0, "expr": [{"jump": {"target": "a9"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a9", "handle": 0, "expr": [{"jump": {"target": "a10"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a11", "handle": 0, "expr": [{"jump": {"target": "a12"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a12", "handle": 0, "expr": [{"jump": {"target": "a13"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a13", "handle": 0, "expr": [{"jump": {"target": "a14"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a14", "handle": 0, "expr": [{"jump": {"target": "a15"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a15", "handle": 0, "expr": [{"jump": {"target": "a16"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a16", "handle": 0, "expr": [{"jump": {"target": "a17"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a17", "handle": 0, "expr": [{"jump": {"target": "a18"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "a18", "handle": 0, "expr": [{"jump": {"target": "a19"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a0",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a5",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a6",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a7",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a8",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a9",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a10",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a11",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a12",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a13",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a14",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a15",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a16",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a17",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a18",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "a19",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a0",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a1",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a2",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a3"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a3",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a4",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a5"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a5",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a6"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a6",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a7"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a7",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a8"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a8",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a9"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a9",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a10"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a11",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a12"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a12",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a13"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a13",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a14"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a14",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a15"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a15",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a16"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a16",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a17"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a17",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a18"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "a18",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "a19"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0021prio_0.json-nft b/tests/shell/testcases/chains/dumps/0021prio_0.json-nft
index d55bc213f6ba50dda2498e0ef71fedd35cc9d8d1..1a3e11612a197883436421a3535a2f13628c9105 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0021prio_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0021prio_0.json-nft
@@ -1 +1,4743 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingrawm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingrawm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingraw", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingrawp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingrawp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingmanglem11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingmanglem10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingmangle", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingmanglep10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingmanglep11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingfilterm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingfilterm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingfilter", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingfilterp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingfilterp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingsecuritym11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingsecuritym10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingsecurity", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingsecurityp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingsecurityp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputrawm11", "handle": 0, "type": "filter", "hook": "input", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputrawm10", "handle": 0, "type": "filter", "hook": "input", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputraw", "handle": 0, "type": "filter", "hook": "input", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputrawp10", "handle": 0, "type": "filter", "hook": "input", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputrawp11", "handle": 0, "type": "filter", "hook": "input", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputmanglem11", "handle": 0, "type": "filter", "hook": "input", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputmanglem10", "handle": 0, "type": "filter", "hook": "input", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputmangle", "handle": 0, "type": "filter", "hook": "input", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputmanglep10", "handle": 0, "type": "filter", "hook": "input", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputmanglep11", "handle": 0, "type": "filter", "hook": "input", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputfilterm11", "handle": 0, "type": "filter", "hook": "input", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputfilterm10", "handle": 0, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputfilter", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputfilterp10", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputfilterp11", "handle": 0, "type": "filter", "hook": "input", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputsecuritym11", "handle": 0, "type": "filter", "hook": "input", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputsecuritym10", "handle": 0, "type": "filter", "hook": "input", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputsecurity", "handle": 0, "type": "filter", "hook": "input", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputsecurityp10", "handle": 0, "type": "filter", "hook": "input", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "inputsecurityp11", "handle": 0, "type": "filter", "hook": "input", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardrawm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardrawm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardraw", "handle": 0, "type": "filter", "hook": "forward", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardrawp10", "handle": 0, "type": "filter", "hook": "forward", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardrawp11", "handle": 0, "type": "filter", "hook": "forward", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardmanglem11", "handle": 0, "type": "filter", "hook": "forward", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardmanglem10", "handle": 0, "type": "filter", "hook": "forward", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardmangle", "handle": 0, "type": "filter", "hook": "forward", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardmanglep10", "handle": 0, "type": "filter", "hook": "forward", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardmanglep11", "handle": 0, "type": "filter", "hook": "forward", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardfilterm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardfilterm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardfilter", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardfilterp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardfilterp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardsecuritym11", "handle": 0, "type": "filter", "hook": "forward", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardsecuritym10", "handle": 0, "type": "filter", "hook": "forward", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardsecurity", "handle": 0, "type": "filter", "hook": "forward", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardsecurityp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "forwardsecurityp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputrawm11", "handle": 0, "type": "filter", "hook": "output", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputrawm10", "handle": 0, "type": "filter", "hook": "output", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputraw", "handle": 0, "type": "filter", "hook": "output", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputrawp10", "handle": 0, "type": "filter", "hook": "output", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputrawp11", "handle": 0, "type": "filter", "hook": "output", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputmanglem11", "handle": 0, "type": "filter", "hook": "output", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputmanglem10", "handle": 0, "type": "filter", "hook": "output", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputmangle", "handle": 0, "type": "filter", "hook": "output", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputmanglep10", "handle": 0, "type": "filter", "hook": "output", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputmanglep11", "handle": 0, "type": "filter", "hook": "output", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputfilterm11", "handle": 0, "type": "filter", "hook": "output", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputfilterm10", "handle": 0, "type": "filter", "hook": "output", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputfilter", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputfilterp10", "handle": 0, "type": "filter", "hook": "output", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputfilterp11", "handle": 0, "type": "filter", "hook": "output", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputsecuritym11", "handle": 0, "type": "filter", "hook": "output", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputsecuritym10", "handle": 0, "type": "filter", "hook": "output", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputsecurity", "handle": 0, "type": "filter", "hook": "output", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputsecurityp10", "handle": 0, "type": "filter", "hook": "output", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "outputsecurityp11", "handle": 0, "type": "filter", "hook": "output", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingrawm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingrawm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingraw", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingrawp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingrawp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingmanglem11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingmanglem10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingmangle", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingmanglep10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingmanglep11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingfilterm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingfilterm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingfilter", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingfilterp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingfilterp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsecuritym11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsecuritym10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsecurity", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsecurityp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsecurityp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingdstnatm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -111, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingdstnatm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -110, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingdstnat", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -100, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingdstnatp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "preroutingdstnatp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -89, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsrcnatm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 89, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsrcnatm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 90, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsrcnat", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 100, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsrcnatp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip", "table": "x", "name": "postroutingsrcnatp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 111, "policy": "accept"}}, {"table": {"family": "ip6", "name": "x", "handle": 0}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingrawm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingrawm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingraw", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingrawp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingrawp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingmanglem11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingmanglem10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingmangle", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingmanglep10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingmanglep11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingfilterm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingfilterm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingfilter", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingfilterp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingfilterp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingsecuritym11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingsecuritym10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingsecurity", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingsecurityp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingsecurityp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputrawm11", "handle": 0, "type": "filter", "hook": "input", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputrawm10", "handle": 0, "type": "filter", "hook": "input", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputraw", "handle": 0, "type": "filter", "hook": "input", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputrawp10", "handle": 0, "type": "filter", "hook": "input", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputrawp11", "handle": 0, "type": "filter", "hook": "input", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputmanglem11", "handle": 0, "type": "filter", "hook": "input", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputmanglem10", "handle": 0, "type": "filter", "hook": "input", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputmangle", "handle": 0, "type": "filter", "hook": "input", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputmanglep10", "handle": 0, "type": "filter", "hook": "input", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputmanglep11", "handle": 0, "type": "filter", "hook": "input", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputfilterm11", "handle": 0, "type": "filter", "hook": "input", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputfilterm10", "handle": 0, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputfilter", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputfilterp10", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputfilterp11", "handle": 0, "type": "filter", "hook": "input", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputsecuritym11", "handle": 0, "type": "filter", "hook": "input", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputsecuritym10", "handle": 0, "type": "filter", "hook": "input", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputsecurity", "handle": 0, "type": "filter", "hook": "input", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputsecurityp10", "handle": 0, "type": "filter", "hook": "input", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "inputsecurityp11", "handle": 0, "type": "filter", "hook": "input", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardrawm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardrawm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardraw", "handle": 0, "type": "filter", "hook": "forward", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardrawp10", "handle": 0, "type": "filter", "hook": "forward", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardrawp11", "handle": 0, "type": "filter", "hook": "forward", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardmanglem11", "handle": 0, "type": "filter", "hook": "forward", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardmanglem10", "handle": 0, "type": "filter", "hook": "forward", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardmangle", "handle": 0, "type": "filter", "hook": "forward", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardmanglep10", "handle": 0, "type": "filter", "hook": "forward", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardmanglep11", "handle": 0, "type": "filter", "hook": "forward", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardfilterm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardfilterm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardfilter", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardfilterp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardfilterp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardsecuritym11", "handle": 0, "type": "filter", "hook": "forward", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardsecuritym10", "handle": 0, "type": "filter", "hook": "forward", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardsecurity", "handle": 0, "type": "filter", "hook": "forward", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardsecurityp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "forwardsecurityp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputrawm11", "handle": 0, "type": "filter", "hook": "output", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputrawm10", "handle": 0, "type": "filter", "hook": "output", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputraw", "handle": 0, "type": "filter", "hook": "output", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputrawp10", "handle": 0, "type": "filter", "hook": "output", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputrawp11", "handle": 0, "type": "filter", "hook": "output", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputmanglem11", "handle": 0, "type": "filter", "hook": "output", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputmanglem10", "handle": 0, "type": "filter", "hook": "output", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputmangle", "handle": 0, "type": "filter", "hook": "output", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputmanglep10", "handle": 0, "type": "filter", "hook": "output", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputmanglep11", "handle": 0, "type": "filter", "hook": "output", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputfilterm11", "handle": 0, "type": "filter", "hook": "output", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputfilterm10", "handle": 0, "type": "filter", "hook": "output", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputfilter", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputfilterp10", "handle": 0, "type": "filter", "hook": "output", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputfilterp11", "handle": 0, "type": "filter", "hook": "output", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputsecuritym11", "handle": 0, "type": "filter", "hook": "output", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputsecuritym10", "handle": 0, "type": "filter", "hook": "output", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputsecurity", "handle": 0, "type": "filter", "hook": "output", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputsecurityp10", "handle": 0, "type": "filter", "hook": "output", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "outputsecurityp11", "handle": 0, "type": "filter", "hook": "output", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingrawm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingrawm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingraw", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingrawp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingrawp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingmanglem11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingmanglem10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingmangle", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingmanglep10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingmanglep11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingfilterm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingfilterm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingfilter", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingfilterp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingfilterp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsecuritym11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsecuritym10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsecurity", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsecurityp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsecurityp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingdstnatm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -111, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingdstnatm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -110, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingdstnat", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -100, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingdstnatp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "preroutingdstnatp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -89, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsrcnatm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 89, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsrcnatm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 90, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsrcnat", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 100, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsrcnatp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "x", "name": "postroutingsrcnatp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 111, "policy": "accept"}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingrawm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingrawm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingraw", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingrawp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingrawp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingmanglem11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingmanglem10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingmangle", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingmanglep10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingmanglep11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingfilterm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingfilterm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingfilter", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingfilterp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingfilterp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingsecuritym11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingsecuritym10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingsecurity", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingsecurityp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingsecurityp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputrawm11", "handle": 0, "type": "filter", "hook": "input", "prio": -311, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputrawm10", "handle": 0, "type": "filter", "hook": "input", "prio": -310, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputraw", "handle": 0, "type": "filter", "hook": "input", "prio": -300, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputrawp10", "handle": 0, "type": "filter", "hook": "input", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputrawp11", "handle": 0, "type": "filter", "hook": "input", "prio": -289, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputmanglem11", "handle": 0, "type": "filter", "hook": "input", "prio": -161, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputmanglem10", "handle": 0, "type": "filter", "hook": "input", "prio": -160, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputmangle", "handle": 0, "type": "filter", "hook": "input", "prio": -150, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputmanglep10", "handle": 0, "type": "filter", "hook": "input", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputmanglep11", "handle": 0, "type": "filter", "hook": "input", "prio": -139, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputfilterm11", "handle": 0, "type": "filter", "hook": "input", "prio": -11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputfilterm10", "handle": 0, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputfilter", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputfilterp10", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputfilterp11", "handle": 0, "type": "filter", "hook": "input", "prio": 11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputsecuritym11", "handle": 0, "type": "filter", "hook": "input", "prio": 39, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputsecuritym10", "handle": 0, "type": "filter", "hook": "input", "prio": 40, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputsecurity", "handle": 0, "type": "filter", "hook": "input", "prio": 50, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputsecurityp10", "handle": 0, "type": "filter", "hook": "input", "prio": 60, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "inputsecurityp11", "handle": 0, "type": "filter", "hook": "input", "prio": 61, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardrawm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -311, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardrawm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -310, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardraw", "handle": 0, "type": "filter", "hook": "forward", "prio": -300, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardrawp10", "handle": 0, "type": "filter", "hook": "forward", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardrawp11", "handle": 0, "type": "filter", "hook": "forward", "prio": -289, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardmanglem11", "handle": 0, "type": "filter", "hook": "forward", "prio": -161, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardmanglem10", "handle": 0, "type": "filter", "hook": "forward", "prio": -160, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardmangle", "handle": 0, "type": "filter", "hook": "forward", "prio": -150, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardmanglep10", "handle": 0, "type": "filter", "hook": "forward", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardmanglep11", "handle": 0, "type": "filter", "hook": "forward", "prio": -139, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardfilterm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardfilterm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardfilter", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardfilterp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardfilterp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardsecuritym11", "handle": 0, "type": "filter", "hook": "forward", "prio": 39, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardsecuritym10", "handle": 0, "type": "filter", "hook": "forward", "prio": 40, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardsecurity", "handle": 0, "type": "filter", "hook": "forward", "prio": 50, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardsecurityp10", "handle": 0, "type": "filter", "hook": "forward", "prio": 60, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "forwardsecurityp11", "handle": 0, "type": "filter", "hook": "forward", "prio": 61, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputrawm11", "handle": 0, "type": "filter", "hook": "output", "prio": -311, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputrawm10", "handle": 0, "type": "filter", "hook": "output", "prio": -310, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputraw", "handle": 0, "type": "filter", "hook": "output", "prio": -300, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputrawp10", "handle": 0, "type": "filter", "hook": "output", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputrawp11", "handle": 0, "type": "filter", "hook": "output", "prio": -289, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputmanglem11", "handle": 0, "type": "filter", "hook": "output", "prio": -161, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputmanglem10", "handle": 0, "type": "filter", "hook": "output", "prio": -160, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputmangle", "handle": 0, "type": "filter", "hook": "output", "prio": -150, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputmanglep10", "handle": 0, "type": "filter", "hook": "output", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputmanglep11", "handle": 0, "type": "filter", "hook": "output", "prio": -139, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputfilterm11", "handle": 0, "type": "filter", "hook": "output", "prio": -11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputfilterm10", "handle": 0, "type": "filter", "hook": "output", "prio": -10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputfilter", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputfilterp10", "handle": 0, "type": "filter", "hook": "output", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputfilterp11", "handle": 0, "type": "filter", "hook": "output", "prio": 11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputsecuritym11", "handle": 0, "type": "filter", "hook": "output", "prio": 39, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputsecuritym10", "handle": 0, "type": "filter", "hook": "output", "prio": 40, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputsecurity", "handle": 0, "type": "filter", "hook": "output", "prio": 50, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputsecurityp10", "handle": 0, "type": "filter", "hook": "output", "prio": 60, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "outputsecurityp11", "handle": 0, "type": "filter", "hook": "output", "prio": 61, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingrawm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingrawm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingraw", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingrawp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingrawp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingmanglem11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -161, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingmanglem10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -160, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingmangle", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -150, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingmanglep10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingmanglep11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -139, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingfilterm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingfilterm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingfilter", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingfilterp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingfilterp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 11, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsecuritym11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 39, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsecuritym10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 40, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsecurity", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 50, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsecurityp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 60, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsecurityp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 61, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingdstnatm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -111, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingdstnatm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -110, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingdstnat", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -100, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingdstnatp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "preroutingdstnatp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -89, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsrcnatm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 89, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsrcnatm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 90, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsrcnat", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 100, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsrcnatp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "postroutingsrcnatp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 111, "policy": "accept"}}, {"table": {"family": "arp", "name": "x", "handle": 0}}, {"chain": {"family": "arp", "table": "x", "name": "inputfilterm11", "handle": 0, "type": "filter", "hook": "input", "prio": -11, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "inputfilterm10", "handle": 0, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "inputfilter", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "inputfilterp10", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "inputfilterp11", "handle": 0, "type": "filter", "hook": "input", "prio": 11, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "outputfilterm11", "handle": 0, "type": "filter", "hook": "output", "prio": -11, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "outputfilterm10", "handle": 0, "type": "filter", "hook": "output", "prio": -10, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "outputfilter", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "outputfilterp10", "handle": 0, "type": "filter", "hook": "output", "prio": 10, "policy": "accept"}}, {"chain": {"family": "arp", "table": "x", "name": "outputfilterp11", "handle": 0, "type": "filter", "hook": "output", "prio": 11, "policy": "accept"}}, {"table": {"family": "netdev", "name": "x", "handle": 0}}, {"chain": {"family": "netdev", "table": "x", "name": "ingressfilterm11", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": -11, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "ingressfilterm10", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": -10, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "ingressfilter", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": 0, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "ingressfilterp10", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": 10, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "ingressfilterp11", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": 11, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "egressfilterm11", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": -11, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "egressfilterm10", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": -10, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "egressfilter", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": 0, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "egressfilterp10", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": 10, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "x", "name": "egressfilterp11", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": 11, "policy": "accept"}}, {"table": {"family": "bridge", "name": "x", "handle": 0}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingfilterm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -211, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingfilterm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -210, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingfilter", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -200, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingfilterp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -190, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingfilterp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -189, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "inputfilterm11", "handle": 0, "type": "filter", "hook": "input", "prio": -211, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "inputfilterm10", "handle": 0, "type": "filter", "hook": "input", "prio": -210, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "inputfilter", "handle": 0, "type": "filter", "hook": "input", "prio": -200, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "inputfilterp10", "handle": 0, "type": "filter", "hook": "input", "prio": -190, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "inputfilterp11", "handle": 0, "type": "filter", "hook": "input", "prio": -189, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "forwardfilterm11", "handle": 0, "type": "filter", "hook": "forward", "prio": -211, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "forwardfilterm10", "handle": 0, "type": "filter", "hook": "forward", "prio": -210, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "forwardfilter", "handle": 0, "type": "filter", "hook": "forward", "prio": -200, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "forwardfilterp10", "handle": 0, "type": "filter", "hook": "forward", "prio": -190, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "forwardfilterp11", "handle": 0, "type": "filter", "hook": "forward", "prio": -189, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputfilterm11", "handle": 0, "type": "filter", "hook": "output", "prio": -211, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputfilterm10", "handle": 0, "type": "filter", "hook": "output", "prio": -210, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputfilter", "handle": 0, "type": "filter", "hook": "output", "prio": -200, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputfilterp10", "handle": 0, "type": "filter", "hook": "output", "prio": -190, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputfilterp11", "handle": 0, "type": "filter", "hook": "output", "prio": -189, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingfilterm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -211, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingfilterm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -210, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingfilter", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -200, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingfilterp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -190, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingfilterp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -189, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingdstnatm11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -311, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingdstnatm10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -310, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingdstnat", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -300, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingdstnatp10", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "preroutingdstnatp11", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -289, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputoutm11", "handle": 0, "type": "filter", "hook": "output", "prio": 89, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputoutm10", "handle": 0, "type": "filter", "hook": "output", "prio": 90, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputout", "handle": 0, "type": "filter", "hook": "output", "prio": 100, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputoutp10", "handle": 0, "type": "filter", "hook": "output", "prio": 110, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "outputoutp11", "handle": 0, "type": "filter", "hook": "output", "prio": 111, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingsrcnatm11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 289, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingsrcnatm10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 290, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingsrcnat", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 300, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingsrcnatp10", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 310, "policy": "accept"}}, {"chain": {"family": "bridge", "table": "x", "name": "postroutingsrcnatp11", "handle": 0, "type": "filter", "hook": "postrouting", "prio": 311, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "inputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "forwardsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "outputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingdstnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -111,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingdstnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingdstnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingdstnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "preroutingdstnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsrcnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsrcnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsrcnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsrcnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "postroutingsrcnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 111,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "inputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "forwardsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "outputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingdstnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -111,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingdstnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingdstnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingdstnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "preroutingdstnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsrcnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsrcnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsrcnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsrcnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "postroutingsrcnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 111,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "inputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "forwardsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "outputsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingrawm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingrawm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingraw",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingrawp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingrawp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingmanglem11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -161,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingmanglem10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -160,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingmangle",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -150,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingmanglep10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingmanglep11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -139,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsecuritym11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 39,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsecuritym10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 40,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsecurity",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 50,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsecurityp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 60,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsecurityp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 61,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingdstnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -111,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingdstnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingdstnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingdstnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "preroutingdstnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsrcnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsrcnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsrcnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsrcnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "postroutingsrcnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 111,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "inputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "inputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "inputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "inputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "inputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "outputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "outputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "outputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "outputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "x",
+        "name": "outputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "ingressfilterm11",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "ingressfilterm10",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "ingressfilter",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "ingressfilterp10",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "ingressfilterp11",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "egressfilterm11",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": -11,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "egressfilterm10",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "egressfilter",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "egressfilterp10",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "egressfilterp11",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": 11,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -211,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -210,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -200,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -190,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -189,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "inputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -211,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "inputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -210,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "inputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -200,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "inputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -190,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "inputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -189,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "forwardfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -211,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "forwardfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -210,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "forwardfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -200,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "forwardfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -190,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "forwardfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": -189,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -211,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -210,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -200,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -190,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": -189,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingfilterm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -211,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingfilterm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -210,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingfilter",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -200,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingfilterp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -190,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingfilterp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -189,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingdstnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -311,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingdstnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingdstnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingdstnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "preroutingdstnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputoutm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 89,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputoutm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputout",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputoutp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "outputoutp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 111,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingsrcnatm11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 289,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingsrcnatm10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingsrcnat",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 300,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingsrcnatp10",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 310,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "x",
+        "name": "postroutingsrcnatp11",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": 311,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0022prio_dummy_1.json-nft b/tests/shell/testcases/chains/dumps/0022prio_dummy_1.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0022prio_dummy_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0022prio_dummy_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.json-nft b/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.json-nft
index aaeaa6cc0d96a4285112596ea27fb7e23444622b..72e0d438f6133bfa9ca0f73cdb0148eac6a2edbe 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.json-nft
@@ -1 +1,32 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"table": {"family": "ip6", "name": "x", "handle": 0}}, {"table": {"family": "inet", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.json-nft b/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.json-nft
index aaeaa6cc0d96a4285112596ea27fb7e23444622b..72e0d438f6133bfa9ca0f73cdb0148eac6a2edbe 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.json-nft
@@ -1 +1,32 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"table": {"family": "ip6", "name": "x", "handle": 0}}, {"table": {"family": "inet", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0025prio_arp_1.json-nft b/tests/shell/testcases/chains/dumps/0025prio_arp_1.json-nft
index 32b4ee3ba2f87e4d97d918f6c3d6dd386d9c1804..17410e3248d2585508e26135c66dacbbed5e556c 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0025prio_arp_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0025prio_arp_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "arp", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0026prio_netdev_1.json-nft b/tests/shell/testcases/chains/dumps/0026prio_netdev_1.json-nft
index 218571c7bdbeffff9e219dc3c7eadfa9ea229e83..7d78bd67570349b68132fa42111e6972b8717ae5 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0026prio_netdev_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0026prio_netdev_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "netdev", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.json-nft b/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.json-nft
index 5dea6a848624b606dbdf0d91dc968681c5c4e484..af6ff0a44ac73e578be5827953e36c0c0178f7e4 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "bridge", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.json-nft b/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.json-nft
index 5dea6a848624b606dbdf0d91dc968681c5c4e484..af6ff0a44ac73e578be5827953e36c0c0178f7e4 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "bridge", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.json-nft b/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.json-nft
index 5dea6a848624b606dbdf0d91dc968681c5c4e484..af6ff0a44ac73e578be5827953e36c0c0178f7e4 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "bridge", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0030create_0.json-nft b/tests/shell/testcases/chains/dumps/0030create_0.json-nft
index e6b3a36d141e8fdbe2e8c6f19d1e78524e4abb27..b6088c8037b69c276213d32c7f7b0d00c1c080eb 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0030create_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0030create_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0031priority_variable_0.json-nft b/tests/shell/testcases/chains/dumps/0031priority_variable_0.json-nft
index 3a7ef34d52dfc112f84e31edd11972c3ebdf560e..9572eda3d35254e3ae1d15bf0e4e3ec10377e8ed 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0031priority_variable_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0031priority_variable_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "global", "handle": 0}}, {"chain": {"family": "inet", "table": "global", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "global",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0032priority_variable_0.json-nft b/tests/shell/testcases/chains/dumps/0032priority_variable_0.json-nft
index 67fcf658c84f22ba9ab4801560b986eb4cde8fd6..3044a6687ac58d14fe04c30547f844445a4ec604 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0032priority_variable_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0032priority_variable_0.json-nft
@@ -1 +1,54 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "global", "handle": 0}}, {"chain": {"family": "inet", "table": "global", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "global", "name": "forward", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -100, "policy": "accept"}}, {"chain": {"family": "inet", "table": "global", "name": "postrouting", "handle": 0, "type": "filter", "hook": "postrouting", "prio": -10, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "global",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "forward",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -100,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "postrouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "postrouting",
+        "prio": -10,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0033priority_variable_1.json-nft b/tests/shell/testcases/chains/dumps/0033priority_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0033priority_variable_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0033priority_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0034priority_variable_1.json-nft b/tests/shell/testcases/chains/dumps/0034priority_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0034priority_variable_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0034priority_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0035policy_variable_0.json-nft b/tests/shell/testcases/chains/dumps/0035policy_variable_0.json-nft
index 3a7ef34d52dfc112f84e31edd11972c3ebdf560e..9572eda3d35254e3ae1d15bf0e4e3ec10377e8ed 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0035policy_variable_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0035policy_variable_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "global", "handle": 0}}, {"chain": {"family": "inet", "table": "global", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "global",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0036policy_variable_0.json-nft b/tests/shell/testcases/chains/dumps/0036policy_variable_0.json-nft
index 13fa5ca7e1be109b0b1aa5bf2313d9c057c941bf..fc688463dc36409109f9c4737718122d1be6f794 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0036policy_variable_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0036policy_variable_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "global", "handle": 0}}, {"chain": {"family": "inet", "table": "global", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "drop"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "global",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "global",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "drop"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0037policy_variable_1.json-nft b/tests/shell/testcases/chains/dumps/0037policy_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0037policy_variable_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0037policy_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0038policy_variable_1.json-nft b/tests/shell/testcases/chains/dumps/0038policy_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0038policy_variable_1.json-nft
+++ b/tests/shell/testcases/chains/dumps/0038policy_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0039negative_priority_0.json-nft b/tests/shell/testcases/chains/dumps/0039negative_priority_0.json-nft
index 699ad5298f65a7cafadf1f18088d9cf6a086e752..94218a8d9c3c1235ac835eb0c0d789f23476a564 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0039negative_priority_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0039negative_priority_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": -30, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -30,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0042chain_variable_0.json-nft b/tests/shell/testcases/chains/dumps/0042chain_variable_0.json-nft
index e39f7ff7c2e84b3909e60a10a890f81349a9274f..4059e85bc9258768b28af9307bfd4aa245774be3 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0042chain_variable_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0042chain_variable_0.json-nft
@@ -1 +1,90 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "netdev", "name": "filter1", "handle": 0}}, {"chain": {"family": "netdev", "table": "filter1", "name": "Main_Ingress1", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": -500, "policy": "accept"}}, {"table": {"family": "netdev", "name": "filter2", "handle": 0}}, {"chain": {"family": "netdev", "table": "filter2", "name": "Main_Ingress2", "handle": 0, "dev": ["d23456789012345", "lo"], "type": "filter", "hook": "ingress", "prio": -500, "policy": "accept"}}, {"table": {"family": "netdev", "name": "filter3", "handle": 0}}, {"chain": {"family": "netdev", "table": "filter3", "name": "Main_Ingress3", "handle": 0, "dev": ["d23456789012345", "lo"], "type": "filter", "hook": "ingress", "prio": -500, "policy": "accept"}}, {"chain": {"family": "netdev", "table": "filter3", "name": "Main_Egress3", "handle": 0, "dev": "lo", "type": "filter", "hook": "egress", "prio": -500, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "filter1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "filter1",
+        "name": "Main_Ingress1",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": -500,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "filter2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "filter2",
+        "name": "Main_Ingress2",
+        "handle": 0,
+        "dev": [
+          "d23456789012345",
+          "lo"
+        ],
+        "type": "filter",
+        "hook": "ingress",
+        "prio": -500,
+        "policy": "accept"
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "filter3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "filter3",
+        "name": "Main_Ingress3",
+        "handle": 0,
+        "dev": [
+          "d23456789012345",
+          "lo"
+        ],
+        "type": "filter",
+        "hook": "ingress",
+        "prio": -500,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "filter3",
+        "name": "Main_Egress3",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "egress",
+        "prio": -500,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0043chain_ingress_0.json-nft b/tests/shell/testcases/chains/dumps/0043chain_ingress_0.json-nft
index 77eb7237666d9c551a1ea8bed88142a9c44ab858..6753658e023d538587d83d1b430993a7f0ac2d87 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0043chain_ingress_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0043chain_ingress_0.json-nft
@@ -1 +1,55 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "ingress", "handle": 0, "dev": "lo", "type": "filter", "hook": "ingress", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "filter", "name": "forward", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "ingress",
+        "handle": 0,
+        "dev": "lo",
+        "type": "filter",
+        "hook": "ingress",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "forward",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/0044chain_destroy_0.json-nft b/tests/shell/testcases/chains/dumps/0044chain_destroy_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/chains/dumps/0044chain_destroy_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/0044chain_destroy_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/netdev_chain_0.json-nft b/tests/shell/testcases/chains/dumps/netdev_chain_0.json-nft
index 218571c7bdbeffff9e219dc3c7eadfa9ea229e83..7d78bd67570349b68132fa42111e6972b8717ae5 100644 (file)
--- a/tests/shell/testcases/chains/dumps/netdev_chain_0.json-nft
+++ b/tests/shell/testcases/chains/dumps/netdev_chain_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "netdev", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.json-nft b/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.json-nft
+++ b/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/comments/dumps/comments_0.json-nft b/tests/shell/testcases/comments/dumps/comments_0.json-nft
index b8069be3b4e4756e4436cd7e030b44c692d0ef99..28898a52608d32e954dd64dfd0559b1593c5cc74 100644 (file)
--- a/tests/shell/testcases/comments/dumps/comments_0.json-nft
+++ b/tests/shell/testcases/comments/dumps/comments_0.json-nft
@@ -1 +1,135 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"set": {"family": "inet", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": ["2.2.2.2", "3.3.3.3"]}}, {"chain": {"family": "inet", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "icmpv6", "field": "type"}}, "right": {"set": ["destination-unreachable", "packet-too-big"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "icmp", "field": "type"}}, "right": {"set": [1, 2]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [21, 2121]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "2.2.2.2",
+          "3.3.3.3"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmpv6",
+                  "field": "type"
+                }
+              },
+              "right": {
+                "set": [
+                  "destination-unreachable",
+                  "packet-too-big"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmp",
+                  "field": "type"
+                }
+              },
+              "right": {
+                "set": [
+                  1,
+                  2
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  21,
+                  2121
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft
index 94609e9aaec52d9a00055950253b4593d1e6602c..090c974456ca6ee6ced4bcd9e52672859733ab78 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"flowtable": {"family": "inet", "name": "f", "table": "t", "handle": 0, "hook": "ingress", "prio": 10, "dev": "lo"}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"flow": {"op": "add", "flowtable": "@f"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "inet",
+        "name": "f",
+        "table": "t",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 10,
+        "dev": "lo"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "flow": {
+              "op": "add",
+              "flowtable": "@f"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft
index 5d11a5e8bf1ff2be481efe0f4b5ff527c4e1d1e0..0013512b85d4f37c1551d501ec27357fdee01f82 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft
@@ -1 +1,29 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"flowtable": {"family": "ip", "name": "f", "table": "t", "handle": 0, "hook": "ingress", "prio": 10, "dev": "lo"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "f",
+        "table": "t",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 10,
+        "dev": "lo"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft
index 557b2e56e5e95d4c1db76ed2683bfb405f6d776d..04057f1f7b74c6d3af153d0f3c3e1466c1c9d92a 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft
@@ -1 +1,29 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"flowtable": {"family": "ip", "name": "y", "table": "x", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft b/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft b/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft
index 23ae711538fc1f04fc520c95b4e88d7f377f35e1..db73a530366325ca8889eeb246c4fdc49dc20121 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"flowtable": {"family": "ip", "name": "y", "table": "x", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"chain": {"family": "ip", "table": "x", "name": "x", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "x", "handle": 0, "expr": [{"flow": {"op": "add", "flowtable": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "x",
+        "handle": 0,
+        "expr": [
+          {
+            "flow": {
+              "op": "add",
+              "flowtable": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft b/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft b/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft b/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft
index e6b3a36d141e8fdbe2e8c6f19d1e78524e4abb27..b6088c8037b69c276213d32c7f7b0d00c1c080eb 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft b/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft
index 6de121c805812ed9b747613d1e15fffb8976a19c..10372b0e9a1710c2c3209b8b76a88e6e17843fe5 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft
index e6b3a36d141e8fdbe2e8c6f19d1e78524e4abb27..b6088c8037b69c276213d32c7f7b0d00c1c080eb 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
index 562a94fda847a981ab4eaf302a25d72189563cb5..10f1df98874abf6a50c6afd4f68d13115b6e1e73 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
@@ -1 +1,47 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter1", "handle": 0}}, {"flowtable": {"family": "ip", "name": "Main_ft1", "table": "filter1", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"table": {"family": "ip", "name": "filter2", "handle": 0}}, {"flowtable": {"family": "ip", "name": "Main_ft2", "table": "filter2", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter1",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "Main_ft1",
+        "table": "filter1",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter2",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "Main_ft2",
+        "table": "filter2",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft b/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft
index 24a1aa394f0511a9234d769d1b11f6515aa4dec9..85c7b327427c7312ea788863374201bcbceb1a59 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft
@@ -1 +1,29 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"flowtable": {"family": "inet", "name": "f", "table": "filter", "handle": 0, "hook": "ingress", "prio": -1, "dev": "lo"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "inet",
+        "name": "f",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": -1,
+        "dev": "lo"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft b/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft
index 06ce1d5ff701645de6315fc91ea72e9571f8a4f5..79707ca30d958a5a56f17dd40986e30cbc0385f7 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft
@@ -1 +1,63 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"flowtable": {"family": "inet", "name": "f", "table": "filter", "handle": 0, "hook": "ingress", "prio": -1, "dev": "lo"}}, {"chain": {"family": "inet", "table": "filter", "name": "y", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "y", "handle": 0, "expr": [{"flow": {"op": "add", "flowtable": "@f"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "inet",
+        "name": "f",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": -1,
+        "dev": "lo"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "flow": {
+              "op": "add",
+              "flowtable": "@f"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft b/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0001absolute_0.json-nft b/tests/shell/testcases/include/dumps/0001absolute_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/include/dumps/0001absolute_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0001absolute_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0002relative_0.json-nft b/tests/shell/testcases/include/dumps/0002relative_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/include/dumps/0002relative_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0002relative_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0003includepath_0.json-nft b/tests/shell/testcases/include/dumps/0003includepath_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/include/dumps/0003includepath_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0003includepath_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0004endlessloop_1.json-nft b/tests/shell/testcases/include/dumps/0004endlessloop_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0004endlessloop_1.json-nft
+++ b/tests/shell/testcases/include/dumps/0004endlessloop_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0005glob_empty_0.json-nft b/tests/shell/testcases/include/dumps/0005glob_empty_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0005glob_empty_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0005glob_empty_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0006glob_single_0.json-nft b/tests/shell/testcases/include/dumps/0006glob_single_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/include/dumps/0006glob_single_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0006glob_single_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0007glob_double_0.json-nft b/tests/shell/testcases/include/dumps/0007glob_double_0.json-nft
index d5340905877c4571f8132508ed600344258320cd..ea75b43fb2b9ba060325c9e6081b933992b39418 100644 (file)
--- a/tests/shell/testcases/include/dumps/0007glob_double_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0007glob_double_0.json-nft
@@ -1 +1,25 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"table": {"family": "ip", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0008glob_nofile_wildcard_0.json-nft b/tests/shell/testcases/include/dumps/0008glob_nofile_wildcard_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0008glob_nofile_wildcard_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0008glob_nofile_wildcard_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0009glob_nofile_1.json-nft b/tests/shell/testcases/include/dumps/0009glob_nofile_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0009glob_nofile_1.json-nft
+++ b/tests/shell/testcases/include/dumps/0009glob_nofile_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0010glob_broken_file_1.json-nft b/tests/shell/testcases/include/dumps/0010glob_broken_file_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0010glob_broken_file_1.json-nft
+++ b/tests/shell/testcases/include/dumps/0010glob_broken_file_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0011glob_dependency_0.json-nft b/tests/shell/testcases/include/dumps/0011glob_dependency_0.json-nft
index e6b3a36d141e8fdbe2e8c6f19d1e78524e4abb27..b6088c8037b69c276213d32c7f7b0d00c1c080eb 100644 (file)
--- a/tests/shell/testcases/include/dumps/0011glob_dependency_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0011glob_dependency_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0012glob_dependency_1.json-nft b/tests/shell/testcases/include/dumps/0012glob_dependency_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0012glob_dependency_1.json-nft
+++ b/tests/shell/testcases/include/dumps/0012glob_dependency_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0013glob_dotfile_0.json-nft b/tests/shell/testcases/include/dumps/0013glob_dotfile_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/include/dumps/0013glob_dotfile_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0013glob_dotfile_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0013input_descriptors_included_files_0.json-nft b/tests/shell/testcases/include/dumps/0013input_descriptors_included_files_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0013input_descriptors_included_files_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0013input_descriptors_included_files_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0014glob_directory_0.json-nft b/tests/shell/testcases/include/dumps/0014glob_directory_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0014glob_directory_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0014glob_directory_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0015doubleincludepath_0.json-nft b/tests/shell/testcases/include/dumps/0015doubleincludepath_0.json-nft
index e6b3a36d141e8fdbe2e8c6f19d1e78524e4abb27..b6088c8037b69c276213d32c7f7b0d00c1c080eb 100644 (file)
--- a/tests/shell/testcases/include/dumps/0015doubleincludepath_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0015doubleincludepath_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0016maxdepth_0.json-nft b/tests/shell/testcases/include/dumps/0016maxdepth_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0016maxdepth_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0016maxdepth_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0017glob_more_than_maxdepth_1.json-nft b/tests/shell/testcases/include/dumps/0017glob_more_than_maxdepth_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0017glob_more_than_maxdepth_1.json-nft
+++ b/tests/shell/testcases/include/dumps/0017glob_more_than_maxdepth_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0018include_error_0.json-nft b/tests/shell/testcases/include/dumps/0018include_error_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0018include_error_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0018include_error_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0019include_error_0.json-nft b/tests/shell/testcases/include/dumps/0019include_error_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/include/dumps/0019include_error_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0019include_error_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/include/dumps/0020include_chain_0.json-nft b/tests/shell/testcases/include/dumps/0020include_chain_0.json-nft
index 369cec715145e4d9bedb734b4d5e38f95051e835..e893ccf1d55d71627337a71b01bb6d336ffbd454 100644 (file)
--- a/tests/shell/testcases/include/dumps/0020include_chain_0.json-nft
+++ b/tests/shell/testcases/include/dumps/0020include_chain_0.json-nft
@@ -1 +1,128 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "input2", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "filter", "name": "output2", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input2", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "1.2.3.4"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22, 123, 443]}}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "output2", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "1.2.3.4"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22, 123, 443]}}}, {"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input2",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "output2",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input2",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "1.2.3.4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22,
+                  123,
+                  443
+                ]
+              }
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "output2",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "1.2.3.4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22,
+                  123,
+                  443
+                ]
+              }
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0001set_statements_0.json-nft b/tests/shell/testcases/json/dumps/0001set_statements_0.json-nft
index 2dcf333b2cd817d373a67c021df1a8af7dd5bf3f..3830b8450a93b81bdc4abade283dac8d3c658dc4 100644 (file)
--- a/tests/shell/testcases/json/dumps/0001set_statements_0.json-nft
+++ b/tests/shell/testcases/json/dumps/0001set_statements_0.json-nft
@@ -1 +1,100 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "testt", "handle": 0}}, {"set": {"family": "ip", "name": "ssh_meter", "table": "testt", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"chain": {"family": "ip", "table": "testt", "name": "testc", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "testt", "chain": "testc", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"set": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "set": "@ssh_meter", "stmt": [{"limit": {"rate": 10, "burst": 5, "per": "second"}}]}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "testt",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "ssh_meter",
+        "table": "testt",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "testt",
+        "name": "testc",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "testt",
+        "chain": "testc",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "set": "@ssh_meter",
+              "stmt": [
+                {
+                  "limit": {
+                    "rate": 10,
+                    "burst": 5,
+                    "per": "second"
+                  }
+                }
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0002table_map_0.json-nft b/tests/shell/testcases/json/dumps/0002table_map_0.json-nft
index fe26f289c16796f16ce562807d4cab122b97f765..78e3c8ad20a4aa8675341b0e2b9962e554f920e7 100644 (file)
--- a/tests/shell/testcases/json/dumps/0002table_map_0.json-nft
+++ b/tests/shell/testcases/json/dumps/0002table_map_0.json-nft
@@ -1 +1,33 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"map": {"family": "ip", "name": "m", "table": "t", "type": "ipv4_addr", "handle": 0, "map": "mark", "stmt": [{"counter": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0003json_schema_version_0.json-nft b/tests/shell/testcases/json/dumps/0003json_schema_version_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/json/dumps/0003json_schema_version_0.json-nft
+++ b/tests/shell/testcases/json/dumps/0003json_schema_version_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0004json_schema_version_1.json-nft b/tests/shell/testcases/json/dumps/0004json_schema_version_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/json/dumps/0004json_schema_version_1.json-nft
+++ b/tests/shell/testcases/json/dumps/0004json_schema_version_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0005secmark_objref_0.json-nft b/tests/shell/testcases/json/dumps/0005secmark_objref_0.json-nft
index 9c8596061b004431534ad40ab7fb833734ac0df6..f5519a6ed49ac453fb0fc446242c709fd1bd075a 100644 (file)
--- a/tests/shell/testcases/json/dumps/0005secmark_objref_0.json-nft
+++ b/tests/shell/testcases/json/dumps/0005secmark_objref_0.json-nft
@@ -1 +1,233 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"secmark": {"family": "inet", "name": "ssh_server", "table": "x", "handle": 0, "context": "system_u:object_r:ssh_server_packet_t:s0"}}, {"chain": {"family": "inet", "table": "x", "name": "y", "handle": 0, "type": "filter", "hook": "input", "prio": -225, "policy": "accept"}}, {"chain": {"family": "inet", "table": "x", "name": "z", "handle": 0, "type": "filter", "hook": "output", "prio": 225, "policy": "accept"}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 2222}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"secmark": "ssh_server"}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"mangle": {"key": {"ct": {"key": "secmark"}}, "value": {"meta": {"key": "secmark"}}}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"mangle": {"key": {"meta": {"key": "secmark"}}, "value": {"ct": {"key": "secmark"}}}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "z", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"mangle": {"key": {"ct": {"key": "secmark"}}, "value": {"meta": {"key": "secmark"}}}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "z", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"mangle": {"key": {"meta": {"key": "secmark"}}, "value": {"ct": {"key": "secmark"}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "secmark": {
+        "family": "inet",
+        "name": "ssh_server",
+        "table": "x",
+        "handle": 0,
+        "context": "system_u:object_r:ssh_server_packet_t:s0"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -225,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "z",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 225,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 2222
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "secmark": "ssh_server"
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "secmark"
+                }
+              },
+              "value": {
+                "meta": {
+                  "key": "secmark"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "secmark"
+                }
+              },
+              "value": {
+                "ct": {
+                  "key": "secmark"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "ct": {
+                  "key": "secmark"
+                }
+              },
+              "value": {
+                "meta": {
+                  "key": "secmark"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "secmark"
+                }
+              },
+              "value": {
+                "ct": {
+                  "key": "secmark"
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/0006obj_comment_0.json-nft b/tests/shell/testcases/json/dumps/0006obj_comment_0.json-nft
index acd2c1cde0bc9bbf0c73ec9f9d0c5c6b26c6537e..208e13adc61749396b72fe7dcde97c06f22322c1 100644 (file)
--- a/tests/shell/testcases/json/dumps/0006obj_comment_0.json-nft
+++ b/tests/shell/testcases/json/dumps/0006obj_comment_0.json-nft
@@ -1 +1,29 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"counter": {"family": "inet", "name": "mycounter", "table": "t", "handle": 0, "comment": "my comment in counter", "packets": 0, "bytes": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "counter": {
+        "family": "inet",
+        "name": "mycounter",
+        "table": "t",
+        "handle": 0,
+        "comment": "my comment in counter",
+        "packets": 0,
+        "bytes": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/json/dumps/netdev.json-nft b/tests/shell/testcases/json/dumps/netdev.json-nft
index 31adaf8616159161d564df27a8b31fc26a2521a6..e0d2bfb4385b7913e4cadb9bb3d948e5b5b7fcc1 100644 (file)
--- a/tests/shell/testcases/json/dumps/netdev.json-nft
+++ b/tests/shell/testcases/json/dumps/netdev.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "netdev", "name": "test_table", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "test_table",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0001ruleset_0.json-nft b/tests/shell/testcases/listing/dumps/0001ruleset_0.json-nft
index f91f6ad211721453df68513b7959bbdba6bf6807..1bb0e1b8bbc86217c51b76186904c936cb7c4c07 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0001ruleset_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0001ruleset_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0002ruleset_0.json-nft b/tests/shell/testcases/listing/dumps/0002ruleset_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0002ruleset_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0002ruleset_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0003table_0.json-nft b/tests/shell/testcases/listing/dumps/0003table_0.json-nft
index f91f6ad211721453df68513b7959bbdba6bf6807..1bb0e1b8bbc86217c51b76186904c936cb7c4c07 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0003table_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0003table_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0004table_0.json-nft b/tests/shell/testcases/listing/dumps/0004table_0.json-nft
index 3bd35669f58de95b7f7fc7e3cd1716057105b2b2..85e9b2879c56bd119c4768306e72d7b423352844 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0004table_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0004table_0.json-nft
@@ -1 +1,25 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip", "name": "test2", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test2",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0005ruleset_ip_0.json-nft b/tests/shell/testcases/listing/dumps/0005ruleset_ip_0.json-nft
index da70d749cad6738ee410ad1d3e9f59652d269ebe..ffd657e528712c2c301855d7ca81086b4c801fb1 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0005ruleset_ip_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0005ruleset_ip_0.json-nft
@@ -1 +1,46 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"table": {"family": "arp", "name": "test", "handle": 0}}, {"table": {"family": "bridge", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0006ruleset_ip6_0.json-nft b/tests/shell/testcases/listing/dumps/0006ruleset_ip6_0.json-nft
index da70d749cad6738ee410ad1d3e9f59652d269ebe..ffd657e528712c2c301855d7ca81086b4c801fb1 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0006ruleset_ip6_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0006ruleset_ip6_0.json-nft
@@ -1 +1,46 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"table": {"family": "arp", "name": "test", "handle": 0}}, {"table": {"family": "bridge", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0007ruleset_inet_0.json-nft b/tests/shell/testcases/listing/dumps/0007ruleset_inet_0.json-nft
index da70d749cad6738ee410ad1d3e9f59652d269ebe..ffd657e528712c2c301855d7ca81086b4c801fb1 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0007ruleset_inet_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0007ruleset_inet_0.json-nft
@@ -1 +1,46 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"table": {"family": "arp", "name": "test", "handle": 0}}, {"table": {"family": "bridge", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0008ruleset_arp_0.json-nft b/tests/shell/testcases/listing/dumps/0008ruleset_arp_0.json-nft
index da70d749cad6738ee410ad1d3e9f59652d269ebe..ffd657e528712c2c301855d7ca81086b4c801fb1 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0008ruleset_arp_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0008ruleset_arp_0.json-nft
@@ -1 +1,46 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"table": {"family": "arp", "name": "test", "handle": 0}}, {"table": {"family": "bridge", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0009ruleset_bridge_0.json-nft b/tests/shell/testcases/listing/dumps/0009ruleset_bridge_0.json-nft
index da70d749cad6738ee410ad1d3e9f59652d269ebe..ffd657e528712c2c301855d7ca81086b4c801fb1 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0009ruleset_bridge_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0009ruleset_bridge_0.json-nft
@@ -1 +1,46 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"table": {"family": "inet", "name": "test", "handle": 0}}, {"table": {"family": "arp", "name": "test", "handle": 0}}, {"table": {"family": "bridge", "name": "test", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0010sets_0.json-nft b/tests/shell/testcases/listing/dumps/0010sets_0.json-nft
index f04be95722cd2aeaea669338dfa4509b37242339..efca892e3667bd92f414f13f1e9fd6c55ea721f8 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0010sets_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0010sets_0.json-nft
@@ -1 +1,124 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"set": {"family": "ip", "name": "ssh", "table": "nat", "type": "ipv4_addr", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"set": {"family": "ip6", "name": "testset", "table": "test", "type": "ipv6_addr", "handle": 0}}, {"table": {"family": "arp", "name": "test_arp", "handle": 0}}, {"set": {"family": "arp", "name": "test_set_arp00", "table": "test_arp", "type": "inet_service", "handle": 0}}, {"set": {"family": "arp", "name": "test_set_arp01", "table": "test_arp", "type": "inet_service", "handle": 0, "flags": ["constant"]}}, {"table": {"family": "bridge", "name": "test_bridge", "handle": 0}}, {"set": {"family": "bridge", "name": "test_set_bridge", "table": "test_bridge", "type": "inet_service", "handle": 0}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "set0", "table": "filter", "type": "inet_service", "handle": 0}}, {"set": {"family": "inet", "name": "set1", "table": "filter", "type": "inet_service", "handle": 0, "flags": ["constant"]}}, {"set": {"family": "inet", "name": "set2", "table": "filter", "type": "icmpv6_type", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "ssh",
+        "table": "nat",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip6",
+        "name": "testset",
+        "table": "test",
+        "type": "ipv6_addr",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test_arp",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "arp",
+        "name": "test_set_arp00",
+        "table": "test_arp",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "arp",
+        "name": "test_set_arp01",
+        "table": "test_arp",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "constant"
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test_bridge",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "bridge",
+        "name": "test_set_bridge",
+        "table": "test_bridge",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set0",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set1",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "constant"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set2",
+        "table": "filter",
+        "type": "icmpv6_type",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0011sets_0.json-nft b/tests/shell/testcases/listing/dumps/0011sets_0.json-nft
index 4406448010979acbb72cfaf102b18b14370be49a..a742fa459bed4f350d8b0eef3394601ce18bfa52 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0011sets_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0011sets_0.json-nft
@@ -1 +1,220 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"chain": {"family": "ip", "table": "nat", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "nat", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [123, 321]}}}]}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"chain": {"family": "ip6", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip6", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "sport"}}, "right": {"set": [123, 321]}}}]}}, {"table": {"family": "arp", "name": "test_arp", "handle": 0}}, {"chain": {"family": "arp", "table": "test_arp", "name": "test", "handle": 0}}, {"rule": {"family": "arp", "table": "test_arp", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "mark"}}, "right": {"set": [123, 321]}}}]}}, {"table": {"family": "bridge", "name": "test_bridge", "handle": 0}}, {"chain": {"family": "bridge", "table": "test_bridge", "name": "test", "handle": 0}}, {"rule": {"family": "bridge", "table": "test_bridge", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": {"set": ["1.1.1.1", "2.2.2.2"]}}}]}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "test", "handle": 0}}, {"rule": {"family": "inet", "table": "filter", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [80, 443]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "nat",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "nat",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  123,
+                  321
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "sport"
+                }
+              },
+              "right": {
+                "set": [
+                  123,
+                  321
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test_arp",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "arp",
+        "table": "test_arp",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "arp",
+        "table": "test_arp",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "right": {
+                "set": [
+                  123,
+                  321
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test_bridge",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "test_bridge",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "bridge",
+        "table": "test_bridge",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "1.1.1.1",
+                  "2.2.2.2"
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  80,
+                  443
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0012sets_0.json-nft b/tests/shell/testcases/listing/dumps/0012sets_0.json-nft
index f04be95722cd2aeaea669338dfa4509b37242339..efca892e3667bd92f414f13f1e9fd6c55ea721f8 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0012sets_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0012sets_0.json-nft
@@ -1 +1,124 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"set": {"family": "ip", "name": "ssh", "table": "nat", "type": "ipv4_addr", "handle": 0}}, {"table": {"family": "ip6", "name": "test", "handle": 0}}, {"set": {"family": "ip6", "name": "testset", "table": "test", "type": "ipv6_addr", "handle": 0}}, {"table": {"family": "arp", "name": "test_arp", "handle": 0}}, {"set": {"family": "arp", "name": "test_set_arp00", "table": "test_arp", "type": "inet_service", "handle": 0}}, {"set": {"family": "arp", "name": "test_set_arp01", "table": "test_arp", "type": "inet_service", "handle": 0, "flags": ["constant"]}}, {"table": {"family": "bridge", "name": "test_bridge", "handle": 0}}, {"set": {"family": "bridge", "name": "test_set_bridge", "table": "test_bridge", "type": "inet_service", "handle": 0}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "set0", "table": "filter", "type": "inet_service", "handle": 0}}, {"set": {"family": "inet", "name": "set1", "table": "filter", "type": "inet_service", "handle": 0, "flags": ["constant"]}}, {"set": {"family": "inet", "name": "set2", "table": "filter", "type": "icmpv6_type", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "ssh",
+        "table": "nat",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip6",
+        "name": "testset",
+        "table": "test",
+        "type": "ipv6_addr",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "arp",
+        "name": "test_arp",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "arp",
+        "name": "test_set_arp00",
+        "table": "test_arp",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "arp",
+        "name": "test_set_arp01",
+        "table": "test_arp",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "constant"
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "test_bridge",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "bridge",
+        "name": "test_set_bridge",
+        "table": "test_bridge",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set0",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set1",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "constant"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "set2",
+        "table": "filter",
+        "type": "icmpv6_type",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0014objects_0.json-nft b/tests/shell/testcases/listing/dumps/0014objects_0.json-nft
index 909ba165bea69733199deebd2278073cd3a3bc00..83f72d40e01cc5cf5e254f59a29a2db95f2c1bc7 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0014objects_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0014objects_0.json-nft
@@ -1 +1,47 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"quota": {"family": "ip", "name": "https-quota", "table": "test", "handle": 0, "bytes": 26214400, "used": 0, "inv": false}}, {"ct helper": {"family": "ip", "name": "cthelp", "table": "test", "handle": 0, "type": "sip", "protocol": "tcp", "l3proto": "ip"}}, {"table": {"family": "ip", "name": "test-ip", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "quota": {
+        "family": "ip",
+        "name": "https-quota",
+        "table": "test",
+        "handle": 0,
+        "bytes": 26214400,
+        "used": 0,
+        "inv": false
+      }
+    },
+    {
+      "ct helper": {
+        "family": "ip",
+        "name": "cthelp",
+        "table": "test",
+        "handle": 0,
+        "type": "sip",
+        "protocol": "tcp",
+        "l3proto": "ip"
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test-ip",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0015dynamic_0.json-nft b/tests/shell/testcases/listing/dumps/0015dynamic_0.json-nft
index f187f53ab68d914107553578e623c707ff7f9353..a94a1b0471d92b4f118506bc3b2b21ec78fb109c 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0015dynamic_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0015dynamic_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"set": {"family": "ip", "name": "test_set", "table": "filter", "type": ["ipv4_addr", "inet_service", "ipv4_addr", "inet_service", "inet_proto"], "handle": 0, "size": 100000, "flags": ["timeout", "dynamic"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "test_set",
+        "table": "filter",
+        "type": [
+          "ipv4_addr",
+          "inet_service",
+          "ipv4_addr",
+          "inet_service",
+          "inet_proto"
+        ],
+        "handle": 0,
+        "size": 100000,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0016anonymous_0.json-nft b/tests/shell/testcases/listing/dumps/0016anonymous_0.json-nft
index 5ce6a975d7f946d065c5a6c4b8ceb74d45e60266..e47ccb8e6a0a5b838609b37e5a3eed3e10a42ce5 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0016anonymous_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0016anonymous_0.json-nft
@@ -1 +1,85 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "1.1.1.1"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [["1.1.1.1", 2]]}}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "1.1.1.1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        "1.1.1.1",
+                        2
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0017objects_0.json-nft b/tests/shell/testcases/listing/dumps/0017objects_0.json-nft
index f4ace70ce2a1fa44a186732fb660c5f770ca4f99..d735f7a1e0fc3090ab40e9e22ffcae08f5a98314 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0017objects_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0017objects_0.json-nft
@@ -1 +1,28 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"map": {"family": "inet", "name": "countermap", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "counter"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "countermap",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "counter"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0018data_0.json-nft b/tests/shell/testcases/listing/dumps/0018data_0.json-nft
index 32afbdc05b291f5cde1819ee580ab0a89aadd509..211dcd3042fb92824f20bddfe29fa08b4a4dd622 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0018data_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0018data_0.json-nft
@@ -1 +1,28 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"map": {"family": "inet", "name": "ipmap", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "ipmap",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0019set_0.json-nft b/tests/shell/testcases/listing/dumps/0019set_0.json-nft
index e1998dee18c667ad7a6edb7214f1fe781b69b5a5..3bb7cb8a031954b699de0fff1516b389aa65b41a 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0019set_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0019set_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "ipset", "table": "filter", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "ipset",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0020flowtable_0.json-nft b/tests/shell/testcases/listing/dumps/0020flowtable_0.json-nft
index 508310ac88c3252cf00052859bc9a408c62a4f98..d511739abd4b6ee1f30387efbffdcb13b4e94b80 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0020flowtable_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0020flowtable_0.json-nft
@@ -1 +1,67 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"flowtable": {"family": "inet", "name": "f", "table": "filter", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"flowtable": {"family": "inet", "name": "f2", "table": "filter", "handle": 0, "hook": "ingress", "prio": 0}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"flowtable": {"family": "ip", "name": "f", "table": "filter", "handle": 0, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"flowtable": {"family": "ip", "name": "f2", "table": "filter", "handle": 0, "hook": "ingress", "prio": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "inet",
+        "name": "f",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    },
+    {
+      "flowtable": {
+        "family": "inet",
+        "name": "f2",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "f",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "f2",
+        "table": "filter",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0021ruleset_json_terse_0.json-nft b/tests/shell/testcases/listing/dumps/0021ruleset_json_terse_0.json-nft
index a78e230303c674d67e3838d00680080e08d0a0da..e9bc05ac7be1a507a4e89c0a3783f1a57b4480fc 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0021ruleset_json_terse_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0021ruleset_json_terse_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "test", "type": "ipv4_addr", "handle": 0, "elem": ["192.168.3.4", "192.168.3.5"]}}, {"chain": {"family": "ip", "table": "test", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "test",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "192.168.3.4",
+          "192.168.3.5"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/listing/dumps/0022terse_0.json-nft b/tests/shell/testcases/listing/dumps/0022terse_0.json-nft
index c9fe0769fb6c1d0093d61935a1e96029cb94d3cc..db19d0c3c2b5bd03e065944a4d42bf22ff4abc8a 100644 (file)
--- a/tests/shell/testcases/listing/dumps/0022terse_0.json-nft
+++ b/tests/shell/testcases/listing/dumps/0022terse_0.json-nft
@@ -1 +1,88 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "example", "table": "filter", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": ["10.10.10.10", "10.10.11.11"]}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input", "handle": 0, "expr": [{"match": {"op": "!=", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": ["10.10.10.100", "10.10.10.111"]}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@example"}}, {"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "example",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          "10.10.10.10",
+          "10.10.11.11"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "!=",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "10.10.10.100",
+                  "10.10.10.111"
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@example"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0003map_add_many_elements_0.json-nft b/tests/shell/testcases/maps/dumps/0003map_add_many_elements_0.json-nft
index e4daeba1a80de07d2f4e7bac3231e9a0f095e708..1b5c2a23e6bb8b6518a6322825005c286dccb403 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0003map_add_many_elements_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0003map_add_many_elements_0.json-nft
@@ -1 +1,3874 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "elem": [["10.0.1.1", "10.0.1.1"], ["10.0.1.2", "10.0.1.2"], ["10.0.1.3", "10.0.1.3"], ["10.0.1.4", "10.0.1.4"], ["10.0.1.5", "10.0.1.5"], ["10.0.1.6", "10.0.1.6"], ["10.0.1.7", "10.0.1.7"], ["10.0.1.8", "10.0.1.8"], ["10.0.1.9", "10.0.1.9"], ["10.0.1.10", "10.0.1.10"], ["10.0.1.11", "10.0.1.11"], ["10.0.1.12", "10.0.1.12"], ["10.0.1.13", "10.0.1.13"], ["10.0.1.14", "10.0.1.14"], ["10.0.1.15", "10.0.1.15"], ["10.0.1.16", "10.0.1.16"], ["10.0.1.17", "10.0.1.17"], ["10.0.1.18", "10.0.1.18"], ["10.0.1.19", "10.0.1.19"], ["10.0.1.20", "10.0.1.20"], ["10.0.1.21", "10.0.1.21"], ["10.0.1.22", "10.0.1.22"], ["10.0.1.23", "10.0.1.23"], ["10.0.1.24", "10.0.1.24"], ["10.0.1.25", "10.0.1.25"], ["10.0.1.26", "10.0.1.26"], ["10.0.1.27", "10.0.1.27"], ["10.0.1.28", "10.0.1.28"], ["10.0.1.29", "10.0.1.29"], ["10.0.1.30", "10.0.1.30"], ["10.0.1.31", "10.0.1.31"], ["10.0.2.1", "10.0.2.1"], ["10.0.2.2", "10.0.2.2"], ["10.0.2.3", "10.0.2.3"], ["10.0.2.4", "10.0.2.4"], ["10.0.2.5", "10.0.2.5"], ["10.0.2.6", "10.0.2.6"], ["10.0.2.7", "10.0.2.7"], ["10.0.2.8", "10.0.2.8"], ["10.0.2.9", "10.0.2.9"], ["10.0.2.10", "10.0.2.10"], ["10.0.2.11", "10.0.2.11"], ["10.0.2.12", "10.0.2.12"], ["10.0.2.13", "10.0.2.13"], ["10.0.2.14", "10.0.2.14"], ["10.0.2.15", "10.0.2.15"], ["10.0.2.16", "10.0.2.16"], ["10.0.2.17", "10.0.2.17"], ["10.0.2.18", "10.0.2.18"], ["10.0.2.19", "10.0.2.19"], ["10.0.2.20", "10.0.2.20"], ["10.0.2.21", "10.0.2.21"], ["10.0.2.22", "10.0.2.22"], ["10.0.2.23", "10.0.2.23"], ["10.0.2.24", "10.0.2.24"], ["10.0.2.25", "10.0.2.25"], ["10.0.2.26", "10.0.2.26"], ["10.0.2.27", "10.0.2.27"], ["10.0.2.28", "10.0.2.28"], ["10.0.2.29", "10.0.2.29"], ["10.0.2.30", "10.0.2.30"], ["10.0.2.31", "10.0.2.31"], ["10.0.3.1", "10.0.3.1"], ["10.0.3.2", "10.0.3.2"], ["10.0.3.3", "10.0.3.3"], ["10.0.3.4", "10.0.3.4"], ["10.0.3.5", "10.0.3.5"], ["10.0.3.6", "10.0.3.6"], ["10.0.3.7", "10.0.3.7"], ["10.0.3.8", "10.0.3.8"], ["10.0.3.9", "10.0.3.9"], ["10.0.3.10", "10.0.3.10"], ["10.0.3.11", "10.0.3.11"], ["10.0.3.12", "10.0.3.12"], ["10.0.3.13", "10.0.3.13"], ["10.0.3.14", "10.0.3.14"], ["10.0.3.15", "10.0.3.15"], ["10.0.3.16", "10.0.3.16"], ["10.0.3.17", "10.0.3.17"], ["10.0.3.18", "10.0.3.18"], ["10.0.3.19", "10.0.3.19"], ["10.0.3.20", "10.0.3.20"], ["10.0.3.21", "10.0.3.21"], ["10.0.3.22", "10.0.3.22"], ["10.0.3.23", "10.0.3.23"], ["10.0.3.24", "10.0.3.24"], ["10.0.3.25", "10.0.3.25"], ["10.0.3.26", "10.0.3.26"], ["10.0.3.27", "10.0.3.27"], ["10.0.3.28", "10.0.3.28"], ["10.0.3.29", "10.0.3.29"], ["10.0.3.30", "10.0.3.30"], ["10.0.3.31", "10.0.3.31"], ["10.0.4.1", "10.0.4.1"], ["10.0.4.2", "10.0.4.2"], ["10.0.4.3", "10.0.4.3"], ["10.0.4.4", "10.0.4.4"], ["10.0.4.5", "10.0.4.5"], ["10.0.4.6", "10.0.4.6"], ["10.0.4.7", "10.0.4.7"], ["10.0.4.8", "10.0.4.8"], ["10.0.4.9", "10.0.4.9"], ["10.0.4.10", "10.0.4.10"], ["10.0.4.11", "10.0.4.11"], ["10.0.4.12", "10.0.4.12"], ["10.0.4.13", "10.0.4.13"], ["10.0.4.14", "10.0.4.14"], ["10.0.4.15", "10.0.4.15"], ["10.0.4.16", "10.0.4.16"], ["10.0.4.17", "10.0.4.17"], ["10.0.4.18", "10.0.4.18"], ["10.0.4.19", "10.0.4.19"], ["10.0.4.20", "10.0.4.20"], ["10.0.4.21", "10.0.4.21"], ["10.0.4.22", "10.0.4.22"], ["10.0.4.23", "10.0.4.23"], ["10.0.4.24", "10.0.4.24"], ["10.0.4.25", "10.0.4.25"], ["10.0.4.26", "10.0.4.26"], ["10.0.4.27", "10.0.4.27"], ["10.0.4.28", "10.0.4.28"], ["10.0.4.29", "10.0.4.29"], ["10.0.4.30", "10.0.4.30"], ["10.0.4.31", "10.0.4.31"], ["10.0.5.1", "10.0.5.1"], ["10.0.5.2", "10.0.5.2"], ["10.0.5.3", "10.0.5.3"], ["10.0.5.4", "10.0.5.4"], ["10.0.5.5", "10.0.5.5"], ["10.0.5.6", "10.0.5.6"], ["10.0.5.7", "10.0.5.7"], ["10.0.5.8", "10.0.5.8"], ["10.0.5.9", "10.0.5.9"], ["10.0.5.10", "10.0.5.10"], ["10.0.5.11", "10.0.5.11"], ["10.0.5.12", "10.0.5.12"], ["10.0.5.13", "10.0.5.13"], ["10.0.5.14", "10.0.5.14"], ["10.0.5.15", "10.0.5.15"], ["10.0.5.16", "10.0.5.16"], ["10.0.5.17", "10.0.5.17"], ["10.0.5.18", "10.0.5.18"], ["10.0.5.19", "10.0.5.19"], ["10.0.5.20", "10.0.5.20"], ["10.0.5.21", "10.0.5.21"], ["10.0.5.22", "10.0.5.22"], ["10.0.5.23", "10.0.5.23"], ["10.0.5.24", "10.0.5.24"], ["10.0.5.25", "10.0.5.25"], ["10.0.5.26", "10.0.5.26"], ["10.0.5.27", "10.0.5.27"], ["10.0.5.28", "10.0.5.28"], ["10.0.5.29", "10.0.5.29"], ["10.0.5.30", "10.0.5.30"], ["10.0.5.31", "10.0.5.31"], ["10.0.6.1", "10.0.6.1"], ["10.0.6.2", "10.0.6.2"], ["10.0.6.3", "10.0.6.3"], ["10.0.6.4", "10.0.6.4"], ["10.0.6.5", "10.0.6.5"], ["10.0.6.6", "10.0.6.6"], ["10.0.6.7", "10.0.6.7"], ["10.0.6.8", "10.0.6.8"], ["10.0.6.9", "10.0.6.9"], ["10.0.6.10", "10.0.6.10"], ["10.0.6.11", "10.0.6.11"], ["10.0.6.12", "10.0.6.12"], ["10.0.6.13", "10.0.6.13"], ["10.0.6.14", "10.0.6.14"], ["10.0.6.15", "10.0.6.15"], ["10.0.6.16", "10.0.6.16"], ["10.0.6.17", "10.0.6.17"], ["10.0.6.18", "10.0.6.18"], ["10.0.6.19", "10.0.6.19"], ["10.0.6.20", "10.0.6.20"], ["10.0.6.21", "10.0.6.21"], ["10.0.6.22", "10.0.6.22"], ["10.0.6.23", "10.0.6.23"], ["10.0.6.24", "10.0.6.24"], ["10.0.6.25", "10.0.6.25"], ["10.0.6.26", "10.0.6.26"], ["10.0.6.27", "10.0.6.27"], ["10.0.6.28", "10.0.6.28"], ["10.0.6.29", "10.0.6.29"], ["10.0.6.30", "10.0.6.30"], ["10.0.6.31", "10.0.6.31"], ["10.0.7.1", "10.0.7.1"], ["10.0.7.2", "10.0.7.2"], ["10.0.7.3", "10.0.7.3"], ["10.0.7.4", "10.0.7.4"], ["10.0.7.5", "10.0.7.5"], ["10.0.7.6", "10.0.7.6"], ["10.0.7.7", "10.0.7.7"], ["10.0.7.8", "10.0.7.8"], ["10.0.7.9", "10.0.7.9"], ["10.0.7.10", "10.0.7.10"], ["10.0.7.11", "10.0.7.11"], ["10.0.7.12", "10.0.7.12"], ["10.0.7.13", "10.0.7.13"], ["10.0.7.14", "10.0.7.14"], ["10.0.7.15", "10.0.7.15"], ["10.0.7.16", "10.0.7.16"], ["10.0.7.17", "10.0.7.17"], ["10.0.7.18", "10.0.7.18"], ["10.0.7.19", "10.0.7.19"], ["10.0.7.20", "10.0.7.20"], ["10.0.7.21", "10.0.7.21"], ["10.0.7.22", "10.0.7.22"], ["10.0.7.23", "10.0.7.23"], ["10.0.7.24", "10.0.7.24"], ["10.0.7.25", "10.0.7.25"], ["10.0.7.26", "10.0.7.26"], ["10.0.7.27", "10.0.7.27"], ["10.0.7.28", "10.0.7.28"], ["10.0.7.29", "10.0.7.29"], ["10.0.7.30", "10.0.7.30"], ["10.0.7.31", "10.0.7.31"], ["10.0.8.1", "10.0.8.1"], ["10.0.8.2", "10.0.8.2"], ["10.0.8.3", "10.0.8.3"], ["10.0.8.4", "10.0.8.4"], ["10.0.8.5", "10.0.8.5"], ["10.0.8.6", "10.0.8.6"], ["10.0.8.7", "10.0.8.7"], ["10.0.8.8", "10.0.8.8"], ["10.0.8.9", "10.0.8.9"], ["10.0.8.10", "10.0.8.10"], ["10.0.8.11", "10.0.8.11"], ["10.0.8.12", "10.0.8.12"], ["10.0.8.13", "10.0.8.13"], ["10.0.8.14", "10.0.8.14"], ["10.0.8.15", "10.0.8.15"], ["10.0.8.16", "10.0.8.16"], ["10.0.8.17", "10.0.8.17"], ["10.0.8.18", "10.0.8.18"], ["10.0.8.19", "10.0.8.19"], ["10.0.8.20", "10.0.8.20"], ["10.0.8.21", "10.0.8.21"], ["10.0.8.22", "10.0.8.22"], ["10.0.8.23", "10.0.8.23"], ["10.0.8.24", "10.0.8.24"], ["10.0.8.25", "10.0.8.25"], ["10.0.8.26", "10.0.8.26"], ["10.0.8.27", "10.0.8.27"], ["10.0.8.28", "10.0.8.28"], ["10.0.8.29", "10.0.8.29"], ["10.0.8.30", "10.0.8.30"], ["10.0.8.31", "10.0.8.31"], ["10.0.9.1", "10.0.9.1"], ["10.0.9.2", "10.0.9.2"], ["10.0.9.3", "10.0.9.3"], ["10.0.9.4", "10.0.9.4"], ["10.0.9.5", "10.0.9.5"], ["10.0.9.6", "10.0.9.6"], ["10.0.9.7", "10.0.9.7"], ["10.0.9.8", "10.0.9.8"], ["10.0.9.9", "10.0.9.9"], ["10.0.9.10", "10.0.9.10"], ["10.0.9.11", "10.0.9.11"], ["10.0.9.12", "10.0.9.12"], ["10.0.9.13", "10.0.9.13"], ["10.0.9.14", "10.0.9.14"], ["10.0.9.15", "10.0.9.15"], ["10.0.9.16", "10.0.9.16"], ["10.0.9.17", "10.0.9.17"], ["10.0.9.18", "10.0.9.18"], ["10.0.9.19", "10.0.9.19"], ["10.0.9.20", "10.0.9.20"], ["10.0.9.21", "10.0.9.21"], ["10.0.9.22", "10.0.9.22"], ["10.0.9.23", "10.0.9.23"], ["10.0.9.24", "10.0.9.24"], ["10.0.9.25", "10.0.9.25"], ["10.0.9.26", "10.0.9.26"], ["10.0.9.27", "10.0.9.27"], ["10.0.9.28", "10.0.9.28"], ["10.0.9.29", "10.0.9.29"], ["10.0.9.30", "10.0.9.30"], ["10.0.9.31", "10.0.9.31"], ["10.0.10.1", "10.0.10.1"], ["10.0.10.2", "10.0.10.2"], ["10.0.10.3", "10.0.10.3"], ["10.0.10.4", "10.0.10.4"], ["10.0.10.5", "10.0.10.5"], ["10.0.10.6", "10.0.10.6"], ["10.0.10.7", "10.0.10.7"], ["10.0.10.8", "10.0.10.8"], ["10.0.10.9", "10.0.10.9"], ["10.0.10.10", "10.0.10.10"], ["10.0.10.11", "10.0.10.11"], ["10.0.10.12", "10.0.10.12"], ["10.0.10.13", "10.0.10.13"], ["10.0.10.14", "10.0.10.14"], ["10.0.10.15", "10.0.10.15"], ["10.0.10.16", "10.0.10.16"], ["10.0.10.17", "10.0.10.17"], ["10.0.10.18", "10.0.10.18"], ["10.0.10.19", "10.0.10.19"], ["10.0.10.20", "10.0.10.20"], ["10.0.10.21", "10.0.10.21"], ["10.0.10.22", "10.0.10.22"], ["10.0.10.23", "10.0.10.23"], ["10.0.10.24", "10.0.10.24"], ["10.0.10.25", "10.0.10.25"], ["10.0.10.26", "10.0.10.26"], ["10.0.10.27", "10.0.10.27"], ["10.0.10.28", "10.0.10.28"], ["10.0.10.29", "10.0.10.29"], ["10.0.10.30", "10.0.10.30"], ["10.0.10.31", "10.0.10.31"], ["10.0.11.1", "10.0.11.1"], ["10.0.11.2", "10.0.11.2"], ["10.0.11.3", "10.0.11.3"], ["10.0.11.4", "10.0.11.4"], ["10.0.11.5", "10.0.11.5"], ["10.0.11.6", "10.0.11.6"], ["10.0.11.7", "10.0.11.7"], ["10.0.11.8", "10.0.11.8"], ["10.0.11.9", "10.0.11.9"], ["10.0.11.10", "10.0.11.10"], ["10.0.11.11", "10.0.11.11"], ["10.0.11.12", "10.0.11.12"], ["10.0.11.13", "10.0.11.13"], ["10.0.11.14", "10.0.11.14"], ["10.0.11.15", "10.0.11.15"], ["10.0.11.16", "10.0.11.16"], ["10.0.11.17", "10.0.11.17"], ["10.0.11.18", "10.0.11.18"], ["10.0.11.19", "10.0.11.19"], ["10.0.11.20", "10.0.11.20"], ["10.0.11.21", "10.0.11.21"], ["10.0.11.22", "10.0.11.22"], ["10.0.11.23", "10.0.11.23"], ["10.0.11.24", "10.0.11.24"], ["10.0.11.25", "10.0.11.25"], ["10.0.11.26", "10.0.11.26"], ["10.0.11.27", "10.0.11.27"], ["10.0.11.28", "10.0.11.28"], ["10.0.11.29", "10.0.11.29"], ["10.0.11.30", "10.0.11.30"], ["10.0.11.31", "10.0.11.31"], ["10.0.12.1", "10.0.12.1"], ["10.0.12.2", "10.0.12.2"], ["10.0.12.3", "10.0.12.3"], ["10.0.12.4", "10.0.12.4"], ["10.0.12.5", "10.0.12.5"], ["10.0.12.6", "10.0.12.6"], ["10.0.12.7", "10.0.12.7"], ["10.0.12.8", "10.0.12.8"], ["10.0.12.9", "10.0.12.9"], ["10.0.12.10", "10.0.12.10"], ["10.0.12.11", "10.0.12.11"], ["10.0.12.12", "10.0.12.12"], ["10.0.12.13", "10.0.12.13"], ["10.0.12.14", "10.0.12.14"], ["10.0.12.15", "10.0.12.15"], ["10.0.12.16", "10.0.12.16"], ["10.0.12.17", "10.0.12.17"], ["10.0.12.18", "10.0.12.18"], ["10.0.12.19", "10.0.12.19"], ["10.0.12.20", "10.0.12.20"], ["10.0.12.21", "10.0.12.21"], ["10.0.12.22", "10.0.12.22"], ["10.0.12.23", "10.0.12.23"], ["10.0.12.24", "10.0.12.24"], ["10.0.12.25", "10.0.12.25"], ["10.0.12.26", "10.0.12.26"], ["10.0.12.27", "10.0.12.27"], ["10.0.12.28", "10.0.12.28"], ["10.0.12.29", "10.0.12.29"], ["10.0.12.30", "10.0.12.30"], ["10.0.12.31", "10.0.12.31"], ["10.0.13.1", "10.0.13.1"], ["10.0.13.2", "10.0.13.2"], ["10.0.13.3", "10.0.13.3"], ["10.0.13.4", "10.0.13.4"], ["10.0.13.5", "10.0.13.5"], ["10.0.13.6", "10.0.13.6"], ["10.0.13.7", "10.0.13.7"], ["10.0.13.8", "10.0.13.8"], ["10.0.13.9", "10.0.13.9"], ["10.0.13.10", "10.0.13.10"], ["10.0.13.11", "10.0.13.11"], ["10.0.13.12", "10.0.13.12"], ["10.0.13.13", "10.0.13.13"], ["10.0.13.14", "10.0.13.14"], ["10.0.13.15", "10.0.13.15"], ["10.0.13.16", "10.0.13.16"], ["10.0.13.17", "10.0.13.17"], ["10.0.13.18", "10.0.13.18"], ["10.0.13.19", "10.0.13.19"], ["10.0.13.20", "10.0.13.20"], ["10.0.13.21", "10.0.13.21"], ["10.0.13.22", "10.0.13.22"], ["10.0.13.23", "10.0.13.23"], ["10.0.13.24", "10.0.13.24"], ["10.0.13.25", "10.0.13.25"], ["10.0.13.26", "10.0.13.26"], ["10.0.13.27", "10.0.13.27"], ["10.0.13.28", "10.0.13.28"], ["10.0.13.29", "10.0.13.29"], ["10.0.13.30", "10.0.13.30"], ["10.0.13.31", "10.0.13.31"], ["10.0.14.1", "10.0.14.1"], ["10.0.14.2", "10.0.14.2"], ["10.0.14.3", "10.0.14.3"], ["10.0.14.4", "10.0.14.4"], ["10.0.14.5", "10.0.14.5"], ["10.0.14.6", "10.0.14.6"], ["10.0.14.7", "10.0.14.7"], ["10.0.14.8", "10.0.14.8"], ["10.0.14.9", "10.0.14.9"], ["10.0.14.10", "10.0.14.10"], ["10.0.14.11", "10.0.14.11"], ["10.0.14.12", "10.0.14.12"], ["10.0.14.13", "10.0.14.13"], ["10.0.14.14", "10.0.14.14"], ["10.0.14.15", "10.0.14.15"], ["10.0.14.16", "10.0.14.16"], ["10.0.14.17", "10.0.14.17"], ["10.0.14.18", "10.0.14.18"], ["10.0.14.19", "10.0.14.19"], ["10.0.14.20", "10.0.14.20"], ["10.0.14.21", "10.0.14.21"], ["10.0.14.22", "10.0.14.22"], ["10.0.14.23", "10.0.14.23"], ["10.0.14.24", "10.0.14.24"], ["10.0.14.25", "10.0.14.25"], ["10.0.14.26", "10.0.14.26"], ["10.0.14.27", "10.0.14.27"], ["10.0.14.28", "10.0.14.28"], ["10.0.14.29", "10.0.14.29"], ["10.0.14.30", "10.0.14.30"], ["10.0.14.31", "10.0.14.31"], ["10.0.15.1", "10.0.15.1"], ["10.0.15.2", "10.0.15.2"], ["10.0.15.3", "10.0.15.3"], ["10.0.15.4", "10.0.15.4"], ["10.0.15.5", "10.0.15.5"], ["10.0.15.6", "10.0.15.6"], ["10.0.15.7", "10.0.15.7"], ["10.0.15.8", "10.0.15.8"], ["10.0.15.9", "10.0.15.9"], ["10.0.15.10", "10.0.15.10"], ["10.0.15.11", "10.0.15.11"], ["10.0.15.12", "10.0.15.12"], ["10.0.15.13", "10.0.15.13"], ["10.0.15.14", "10.0.15.14"], ["10.0.15.15", "10.0.15.15"], ["10.0.15.16", "10.0.15.16"], ["10.0.15.17", "10.0.15.17"], ["10.0.15.18", "10.0.15.18"], ["10.0.15.19", "10.0.15.19"], ["10.0.15.20", "10.0.15.20"], ["10.0.15.21", "10.0.15.21"], ["10.0.15.22", "10.0.15.22"], ["10.0.15.23", "10.0.15.23"], ["10.0.15.24", "10.0.15.24"], ["10.0.15.25", "10.0.15.25"], ["10.0.15.26", "10.0.15.26"], ["10.0.15.27", "10.0.15.27"], ["10.0.15.28", "10.0.15.28"], ["10.0.15.29", "10.0.15.29"], ["10.0.15.30", "10.0.15.30"], ["10.0.15.31", "10.0.15.31"], ["10.0.16.1", "10.0.16.1"], ["10.0.16.2", "10.0.16.2"], ["10.0.16.3", "10.0.16.3"], ["10.0.16.4", "10.0.16.4"], ["10.0.16.5", "10.0.16.5"], ["10.0.16.6", "10.0.16.6"], ["10.0.16.7", "10.0.16.7"], ["10.0.16.8", "10.0.16.8"], ["10.0.16.9", "10.0.16.9"], ["10.0.16.10", "10.0.16.10"], ["10.0.16.11", "10.0.16.11"], ["10.0.16.12", "10.0.16.12"], ["10.0.16.13", "10.0.16.13"], ["10.0.16.14", "10.0.16.14"], ["10.0.16.15", "10.0.16.15"], ["10.0.16.16", "10.0.16.16"], ["10.0.16.17", "10.0.16.17"], ["10.0.16.18", "10.0.16.18"], ["10.0.16.19", "10.0.16.19"], ["10.0.16.20", "10.0.16.20"], ["10.0.16.21", "10.0.16.21"], ["10.0.16.22", "10.0.16.22"], ["10.0.16.23", "10.0.16.23"], ["10.0.16.24", "10.0.16.24"], ["10.0.16.25", "10.0.16.25"], ["10.0.16.26", "10.0.16.26"], ["10.0.16.27", "10.0.16.27"], ["10.0.16.28", "10.0.16.28"], ["10.0.16.29", "10.0.16.29"], ["10.0.16.30", "10.0.16.30"], ["10.0.16.31", "10.0.16.31"], ["10.0.17.1", "10.0.17.1"], ["10.0.17.2", "10.0.17.2"], ["10.0.17.3", "10.0.17.3"], ["10.0.17.4", "10.0.17.4"], ["10.0.17.5", "10.0.17.5"], ["10.0.17.6", "10.0.17.6"], ["10.0.17.7", "10.0.17.7"], ["10.0.17.8", "10.0.17.8"], ["10.0.17.9", "10.0.17.9"], ["10.0.17.10", "10.0.17.10"], ["10.0.17.11", "10.0.17.11"], ["10.0.17.12", "10.0.17.12"], ["10.0.17.13", "10.0.17.13"], ["10.0.17.14", "10.0.17.14"], ["10.0.17.15", "10.0.17.15"], ["10.0.17.16", "10.0.17.16"], ["10.0.17.17", "10.0.17.17"], ["10.0.17.18", "10.0.17.18"], ["10.0.17.19", "10.0.17.19"], ["10.0.17.20", "10.0.17.20"], ["10.0.17.21", "10.0.17.21"], ["10.0.17.22", "10.0.17.22"], ["10.0.17.23", "10.0.17.23"], ["10.0.17.24", "10.0.17.24"], ["10.0.17.25", "10.0.17.25"], ["10.0.17.26", "10.0.17.26"], ["10.0.17.27", "10.0.17.27"], ["10.0.17.28", "10.0.17.28"], ["10.0.17.29", "10.0.17.29"], ["10.0.17.30", "10.0.17.30"], ["10.0.17.31", "10.0.17.31"], ["10.0.18.1", "10.0.18.1"], ["10.0.18.2", "10.0.18.2"], ["10.0.18.3", "10.0.18.3"], ["10.0.18.4", "10.0.18.4"], ["10.0.18.5", "10.0.18.5"], ["10.0.18.6", "10.0.18.6"], ["10.0.18.7", "10.0.18.7"], ["10.0.18.8", "10.0.18.8"], ["10.0.18.9", "10.0.18.9"], ["10.0.18.10", "10.0.18.10"], ["10.0.18.11", "10.0.18.11"], ["10.0.18.12", "10.0.18.12"], ["10.0.18.13", "10.0.18.13"], ["10.0.18.14", "10.0.18.14"], ["10.0.18.15", "10.0.18.15"], ["10.0.18.16", "10.0.18.16"], ["10.0.18.17", "10.0.18.17"], ["10.0.18.18", "10.0.18.18"], ["10.0.18.19", "10.0.18.19"], ["10.0.18.20", "10.0.18.20"], ["10.0.18.21", "10.0.18.21"], ["10.0.18.22", "10.0.18.22"], ["10.0.18.23", "10.0.18.23"], ["10.0.18.24", "10.0.18.24"], ["10.0.18.25", "10.0.18.25"], ["10.0.18.26", "10.0.18.26"], ["10.0.18.27", "10.0.18.27"], ["10.0.18.28", "10.0.18.28"], ["10.0.18.29", "10.0.18.29"], ["10.0.18.30", "10.0.18.30"], ["10.0.18.31", "10.0.18.31"], ["10.0.19.1", "10.0.19.1"], ["10.0.19.2", "10.0.19.2"], ["10.0.19.3", "10.0.19.3"], ["10.0.19.4", "10.0.19.4"], ["10.0.19.5", "10.0.19.5"], ["10.0.19.6", "10.0.19.6"], ["10.0.19.7", "10.0.19.7"], ["10.0.19.8", "10.0.19.8"], ["10.0.19.9", "10.0.19.9"], ["10.0.19.10", "10.0.19.10"], ["10.0.19.11", "10.0.19.11"], ["10.0.19.12", "10.0.19.12"], ["10.0.19.13", "10.0.19.13"], ["10.0.19.14", "10.0.19.14"], ["10.0.19.15", "10.0.19.15"], ["10.0.19.16", "10.0.19.16"], ["10.0.19.17", "10.0.19.17"], ["10.0.19.18", "10.0.19.18"], ["10.0.19.19", "10.0.19.19"], ["10.0.19.20", "10.0.19.20"], ["10.0.19.21", "10.0.19.21"], ["10.0.19.22", "10.0.19.22"], ["10.0.19.23", "10.0.19.23"], ["10.0.19.24", "10.0.19.24"], ["10.0.19.25", "10.0.19.25"], ["10.0.19.26", "10.0.19.26"], ["10.0.19.27", "10.0.19.27"], ["10.0.19.28", "10.0.19.28"], ["10.0.19.29", "10.0.19.29"], ["10.0.19.30", "10.0.19.30"], ["10.0.19.31", "10.0.19.31"], ["10.0.20.1", "10.0.20.1"], ["10.0.20.2", "10.0.20.2"], ["10.0.20.3", "10.0.20.3"], ["10.0.20.4", "10.0.20.4"], ["10.0.20.5", "10.0.20.5"], ["10.0.20.6", "10.0.20.6"], ["10.0.20.7", "10.0.20.7"], ["10.0.20.8", "10.0.20.8"], ["10.0.20.9", "10.0.20.9"], ["10.0.20.10", "10.0.20.10"], ["10.0.20.11", "10.0.20.11"], ["10.0.20.12", "10.0.20.12"], ["10.0.20.13", "10.0.20.13"], ["10.0.20.14", "10.0.20.14"], ["10.0.20.15", "10.0.20.15"], ["10.0.20.16", "10.0.20.16"], ["10.0.20.17", "10.0.20.17"], ["10.0.20.18", "10.0.20.18"], ["10.0.20.19", "10.0.20.19"], ["10.0.20.20", "10.0.20.20"], ["10.0.20.21", "10.0.20.21"], ["10.0.20.22", "10.0.20.22"], ["10.0.20.23", "10.0.20.23"], ["10.0.20.24", "10.0.20.24"], ["10.0.20.25", "10.0.20.25"], ["10.0.20.26", "10.0.20.26"], ["10.0.20.27", "10.0.20.27"], ["10.0.20.28", "10.0.20.28"], ["10.0.20.29", "10.0.20.29"], ["10.0.20.30", "10.0.20.30"], ["10.0.20.31", "10.0.20.31"], ["10.0.21.1", "10.0.21.1"], ["10.0.21.2", "10.0.21.2"], ["10.0.21.3", "10.0.21.3"], ["10.0.21.4", "10.0.21.4"], ["10.0.21.5", "10.0.21.5"], ["10.0.21.6", "10.0.21.6"], ["10.0.21.7", "10.0.21.7"], ["10.0.21.8", "10.0.21.8"], ["10.0.21.9", "10.0.21.9"], ["10.0.21.10", "10.0.21.10"], ["10.0.21.11", "10.0.21.11"], ["10.0.21.12", "10.0.21.12"], ["10.0.21.13", "10.0.21.13"], ["10.0.21.14", "10.0.21.14"], ["10.0.21.15", "10.0.21.15"], ["10.0.21.16", "10.0.21.16"], ["10.0.21.17", "10.0.21.17"], ["10.0.21.18", "10.0.21.18"], ["10.0.21.19", "10.0.21.19"], ["10.0.21.20", "10.0.21.20"], ["10.0.21.21", "10.0.21.21"], ["10.0.21.22", "10.0.21.22"], ["10.0.21.23", "10.0.21.23"], ["10.0.21.24", "10.0.21.24"], ["10.0.21.25", "10.0.21.25"], ["10.0.21.26", "10.0.21.26"], ["10.0.21.27", "10.0.21.27"], ["10.0.21.28", "10.0.21.28"], ["10.0.21.29", "10.0.21.29"], ["10.0.21.30", "10.0.21.30"], ["10.0.21.31", "10.0.21.31"], ["10.0.22.1", "10.0.22.1"], ["10.0.22.2", "10.0.22.2"], ["10.0.22.3", "10.0.22.3"], ["10.0.22.4", "10.0.22.4"], ["10.0.22.5", "10.0.22.5"], ["10.0.22.6", "10.0.22.6"], ["10.0.22.7", "10.0.22.7"], ["10.0.22.8", "10.0.22.8"], ["10.0.22.9", "10.0.22.9"], ["10.0.22.10", "10.0.22.10"], ["10.0.22.11", "10.0.22.11"], ["10.0.22.12", "10.0.22.12"], ["10.0.22.13", "10.0.22.13"], ["10.0.22.14", "10.0.22.14"], ["10.0.22.15", "10.0.22.15"], ["10.0.22.16", "10.0.22.16"], ["10.0.22.17", "10.0.22.17"], ["10.0.22.18", "10.0.22.18"], ["10.0.22.19", "10.0.22.19"], ["10.0.22.20", "10.0.22.20"], ["10.0.22.21", "10.0.22.21"], ["10.0.22.22", "10.0.22.22"], ["10.0.22.23", "10.0.22.23"], ["10.0.22.24", "10.0.22.24"], ["10.0.22.25", "10.0.22.25"], ["10.0.22.26", "10.0.22.26"], ["10.0.22.27", "10.0.22.27"], ["10.0.22.28", "10.0.22.28"], ["10.0.22.29", "10.0.22.29"], ["10.0.22.30", "10.0.22.30"], ["10.0.22.31", "10.0.22.31"], ["10.0.23.1", "10.0.23.1"], ["10.0.23.2", "10.0.23.2"], ["10.0.23.3", "10.0.23.3"], ["10.0.23.4", "10.0.23.4"], ["10.0.23.5", "10.0.23.5"], ["10.0.23.6", "10.0.23.6"], ["10.0.23.7", "10.0.23.7"], ["10.0.23.8", "10.0.23.8"], ["10.0.23.9", "10.0.23.9"], ["10.0.23.10", "10.0.23.10"], ["10.0.23.11", "10.0.23.11"], ["10.0.23.12", "10.0.23.12"], ["10.0.23.13", "10.0.23.13"], ["10.0.23.14", "10.0.23.14"], ["10.0.23.15", "10.0.23.15"], ["10.0.23.16", "10.0.23.16"], ["10.0.23.17", "10.0.23.17"], ["10.0.23.18", "10.0.23.18"], ["10.0.23.19", "10.0.23.19"], ["10.0.23.20", "10.0.23.20"], ["10.0.23.21", "10.0.23.21"], ["10.0.23.22", "10.0.23.22"], ["10.0.23.23", "10.0.23.23"], ["10.0.23.24", "10.0.23.24"], ["10.0.23.25", "10.0.23.25"], ["10.0.23.26", "10.0.23.26"], ["10.0.23.27", "10.0.23.27"], ["10.0.23.28", "10.0.23.28"], ["10.0.23.29", "10.0.23.29"], ["10.0.23.30", "10.0.23.30"], ["10.0.23.31", "10.0.23.31"], ["10.0.24.1", "10.0.24.1"], ["10.0.24.2", "10.0.24.2"], ["10.0.24.3", "10.0.24.3"], ["10.0.24.4", "10.0.24.4"], ["10.0.24.5", "10.0.24.5"], ["10.0.24.6", "10.0.24.6"], ["10.0.24.7", "10.0.24.7"], ["10.0.24.8", "10.0.24.8"], ["10.0.24.9", "10.0.24.9"], ["10.0.24.10", "10.0.24.10"], ["10.0.24.11", "10.0.24.11"], ["10.0.24.12", "10.0.24.12"], ["10.0.24.13", "10.0.24.13"], ["10.0.24.14", "10.0.24.14"], ["10.0.24.15", "10.0.24.15"], ["10.0.24.16", "10.0.24.16"], ["10.0.24.17", "10.0.24.17"], ["10.0.24.18", "10.0.24.18"], ["10.0.24.19", "10.0.24.19"], ["10.0.24.20", "10.0.24.20"], ["10.0.24.21", "10.0.24.21"], ["10.0.24.22", "10.0.24.22"], ["10.0.24.23", "10.0.24.23"], ["10.0.24.24", "10.0.24.24"], ["10.0.24.25", "10.0.24.25"], ["10.0.24.26", "10.0.24.26"], ["10.0.24.27", "10.0.24.27"], ["10.0.24.28", "10.0.24.28"], ["10.0.24.29", "10.0.24.29"], ["10.0.24.30", "10.0.24.30"], ["10.0.24.31", "10.0.24.31"], ["10.0.25.1", "10.0.25.1"], ["10.0.25.2", "10.0.25.2"], ["10.0.25.3", "10.0.25.3"], ["10.0.25.4", "10.0.25.4"], ["10.0.25.5", "10.0.25.5"], ["10.0.25.6", "10.0.25.6"], ["10.0.25.7", "10.0.25.7"], ["10.0.25.8", "10.0.25.8"], ["10.0.25.9", "10.0.25.9"], ["10.0.25.10", "10.0.25.10"], ["10.0.25.11", "10.0.25.11"], ["10.0.25.12", "10.0.25.12"], ["10.0.25.13", "10.0.25.13"], ["10.0.25.14", "10.0.25.14"], ["10.0.25.15", "10.0.25.15"], ["10.0.25.16", "10.0.25.16"], ["10.0.25.17", "10.0.25.17"], ["10.0.25.18", "10.0.25.18"], ["10.0.25.19", "10.0.25.19"], ["10.0.25.20", "10.0.25.20"], ["10.0.25.21", "10.0.25.21"], ["10.0.25.22", "10.0.25.22"], ["10.0.25.23", "10.0.25.23"], ["10.0.25.24", "10.0.25.24"], ["10.0.25.25", "10.0.25.25"], ["10.0.25.26", "10.0.25.26"], ["10.0.25.27", "10.0.25.27"], ["10.0.25.28", "10.0.25.28"], ["10.0.25.29", "10.0.25.29"], ["10.0.25.30", "10.0.25.30"], ["10.0.25.31", "10.0.25.31"], ["10.0.26.1", "10.0.26.1"], ["10.0.26.2", "10.0.26.2"], ["10.0.26.3", "10.0.26.3"], ["10.0.26.4", "10.0.26.4"], ["10.0.26.5", "10.0.26.5"], ["10.0.26.6", "10.0.26.6"], ["10.0.26.7", "10.0.26.7"], ["10.0.26.8", "10.0.26.8"], ["10.0.26.9", "10.0.26.9"], ["10.0.26.10", "10.0.26.10"], ["10.0.26.11", "10.0.26.11"], ["10.0.26.12", "10.0.26.12"], ["10.0.26.13", "10.0.26.13"], ["10.0.26.14", "10.0.26.14"], ["10.0.26.15", "10.0.26.15"], ["10.0.26.16", "10.0.26.16"], ["10.0.26.17", "10.0.26.17"], ["10.0.26.18", "10.0.26.18"], ["10.0.26.19", "10.0.26.19"], ["10.0.26.20", "10.0.26.20"], ["10.0.26.21", "10.0.26.21"], ["10.0.26.22", "10.0.26.22"], ["10.0.26.23", "10.0.26.23"], ["10.0.26.24", "10.0.26.24"], ["10.0.26.25", "10.0.26.25"], ["10.0.26.26", "10.0.26.26"], ["10.0.26.27", "10.0.26.27"], ["10.0.26.28", "10.0.26.28"], ["10.0.26.29", "10.0.26.29"], ["10.0.26.30", "10.0.26.30"], ["10.0.26.31", "10.0.26.31"], ["10.0.27.1", "10.0.27.1"], ["10.0.27.2", "10.0.27.2"], ["10.0.27.3", "10.0.27.3"], ["10.0.27.4", "10.0.27.4"], ["10.0.27.5", "10.0.27.5"], ["10.0.27.6", "10.0.27.6"], ["10.0.27.7", "10.0.27.7"], ["10.0.27.8", "10.0.27.8"], ["10.0.27.9", "10.0.27.9"], ["10.0.27.10", "10.0.27.10"], ["10.0.27.11", "10.0.27.11"], ["10.0.27.12", "10.0.27.12"], ["10.0.27.13", "10.0.27.13"], ["10.0.27.14", "10.0.27.14"], ["10.0.27.15", "10.0.27.15"], ["10.0.27.16", "10.0.27.16"], ["10.0.27.17", "10.0.27.17"], ["10.0.27.18", "10.0.27.18"], ["10.0.27.19", "10.0.27.19"], ["10.0.27.20", "10.0.27.20"], ["10.0.27.21", "10.0.27.21"], ["10.0.27.22", "10.0.27.22"], ["10.0.27.23", "10.0.27.23"], ["10.0.27.24", "10.0.27.24"], ["10.0.27.25", "10.0.27.25"], ["10.0.27.26", "10.0.27.26"], ["10.0.27.27", "10.0.27.27"], ["10.0.27.28", "10.0.27.28"], ["10.0.27.29", "10.0.27.29"], ["10.0.27.30", "10.0.27.30"], ["10.0.27.31", "10.0.27.31"], ["10.0.28.1", "10.0.28.1"], ["10.0.28.2", "10.0.28.2"], ["10.0.28.3", "10.0.28.3"], ["10.0.28.4", "10.0.28.4"], ["10.0.28.5", "10.0.28.5"], ["10.0.28.6", "10.0.28.6"], ["10.0.28.7", "10.0.28.7"], ["10.0.28.8", "10.0.28.8"], ["10.0.28.9", "10.0.28.9"], ["10.0.28.10", "10.0.28.10"], ["10.0.28.11", "10.0.28.11"], ["10.0.28.12", "10.0.28.12"], ["10.0.28.13", "10.0.28.13"], ["10.0.28.14", "10.0.28.14"], ["10.0.28.15", "10.0.28.15"], ["10.0.28.16", "10.0.28.16"], ["10.0.28.17", "10.0.28.17"], ["10.0.28.18", "10.0.28.18"], ["10.0.28.19", "10.0.28.19"], ["10.0.28.20", "10.0.28.20"], ["10.0.28.21", "10.0.28.21"], ["10.0.28.22", "10.0.28.22"], ["10.0.28.23", "10.0.28.23"], ["10.0.28.24", "10.0.28.24"], ["10.0.28.25", "10.0.28.25"], ["10.0.28.26", "10.0.28.26"], ["10.0.28.27", "10.0.28.27"], ["10.0.28.28", "10.0.28.28"], ["10.0.28.29", "10.0.28.29"], ["10.0.28.30", "10.0.28.30"], ["10.0.28.31", "10.0.28.31"], ["10.0.29.1", "10.0.29.1"], ["10.0.29.2", "10.0.29.2"], ["10.0.29.3", "10.0.29.3"], ["10.0.29.4", "10.0.29.4"], ["10.0.29.5", "10.0.29.5"], ["10.0.29.6", "10.0.29.6"], ["10.0.29.7", "10.0.29.7"], ["10.0.29.8", "10.0.29.8"], ["10.0.29.9", "10.0.29.9"], ["10.0.29.10", "10.0.29.10"], ["10.0.29.11", "10.0.29.11"], ["10.0.29.12", "10.0.29.12"], ["10.0.29.13", "10.0.29.13"], ["10.0.29.14", "10.0.29.14"], ["10.0.29.15", "10.0.29.15"], ["10.0.29.16", "10.0.29.16"], ["10.0.29.17", "10.0.29.17"], ["10.0.29.18", "10.0.29.18"], ["10.0.29.19", "10.0.29.19"], ["10.0.29.20", "10.0.29.20"], ["10.0.29.21", "10.0.29.21"], ["10.0.29.22", "10.0.29.22"], ["10.0.29.23", "10.0.29.23"], ["10.0.29.24", "10.0.29.24"], ["10.0.29.25", "10.0.29.25"], ["10.0.29.26", "10.0.29.26"], ["10.0.29.27", "10.0.29.27"], ["10.0.29.28", "10.0.29.28"], ["10.0.29.29", "10.0.29.29"], ["10.0.29.30", "10.0.29.30"], ["10.0.29.31", "10.0.29.31"], ["10.0.30.1", "10.0.30.1"], ["10.0.30.2", "10.0.30.2"], ["10.0.30.3", "10.0.30.3"], ["10.0.30.4", "10.0.30.4"], ["10.0.30.5", "10.0.30.5"], ["10.0.30.6", "10.0.30.6"], ["10.0.30.7", "10.0.30.7"], ["10.0.30.8", "10.0.30.8"], ["10.0.30.9", "10.0.30.9"], ["10.0.30.10", "10.0.30.10"], ["10.0.30.11", "10.0.30.11"], ["10.0.30.12", "10.0.30.12"], ["10.0.30.13", "10.0.30.13"], ["10.0.30.14", "10.0.30.14"], ["10.0.30.15", "10.0.30.15"], ["10.0.30.16", "10.0.30.16"], ["10.0.30.17", "10.0.30.17"], ["10.0.30.18", "10.0.30.18"], ["10.0.30.19", "10.0.30.19"], ["10.0.30.20", "10.0.30.20"], ["10.0.30.21", "10.0.30.21"], ["10.0.30.22", "10.0.30.22"], ["10.0.30.23", "10.0.30.23"], ["10.0.30.24", "10.0.30.24"], ["10.0.30.25", "10.0.30.25"], ["10.0.30.26", "10.0.30.26"], ["10.0.30.27", "10.0.30.27"], ["10.0.30.28", "10.0.30.28"], ["10.0.30.29", "10.0.30.29"], ["10.0.30.30", "10.0.30.30"], ["10.0.30.31", "10.0.30.31"], ["10.0.31.1", "10.0.31.1"], ["10.0.31.2", "10.0.31.2"], ["10.0.31.3", "10.0.31.3"], ["10.0.31.4", "10.0.31.4"], ["10.0.31.5", "10.0.31.5"], ["10.0.31.6", "10.0.31.6"], ["10.0.31.7", "10.0.31.7"], ["10.0.31.8", "10.0.31.8"], ["10.0.31.9", "10.0.31.9"], ["10.0.31.10", "10.0.31.10"], ["10.0.31.11", "10.0.31.11"], ["10.0.31.12", "10.0.31.12"], ["10.0.31.13", "10.0.31.13"], ["10.0.31.14", "10.0.31.14"], ["10.0.31.15", "10.0.31.15"], ["10.0.31.16", "10.0.31.16"], ["10.0.31.17", "10.0.31.17"], ["10.0.31.18", "10.0.31.18"], ["10.0.31.19", "10.0.31.19"], ["10.0.31.20", "10.0.31.20"], ["10.0.31.21", "10.0.31.21"], ["10.0.31.22", "10.0.31.22"], ["10.0.31.23", "10.0.31.23"], ["10.0.31.24", "10.0.31.24"], ["10.0.31.25", "10.0.31.25"], ["10.0.31.26", "10.0.31.26"], ["10.0.31.27", "10.0.31.27"], ["10.0.31.28", "10.0.31.28"], ["10.0.31.29", "10.0.31.29"], ["10.0.31.30", "10.0.31.30"], ["10.0.31.31", "10.0.31.31"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "elem": [
+          [
+            "10.0.1.1",
+            "10.0.1.1"
+          ],
+          [
+            "10.0.1.2",
+            "10.0.1.2"
+          ],
+          [
+            "10.0.1.3",
+            "10.0.1.3"
+          ],
+          [
+            "10.0.1.4",
+            "10.0.1.4"
+          ],
+          [
+            "10.0.1.5",
+            "10.0.1.5"
+          ],
+          [
+            "10.0.1.6",
+            "10.0.1.6"
+          ],
+          [
+            "10.0.1.7",
+            "10.0.1.7"
+          ],
+          [
+            "10.0.1.8",
+            "10.0.1.8"
+          ],
+          [
+            "10.0.1.9",
+            "10.0.1.9"
+          ],
+          [
+            "10.0.1.10",
+            "10.0.1.10"
+          ],
+          [
+            "10.0.1.11",
+            "10.0.1.11"
+          ],
+          [
+            "10.0.1.12",
+            "10.0.1.12"
+          ],
+          [
+            "10.0.1.13",
+            "10.0.1.13"
+          ],
+          [
+            "10.0.1.14",
+            "10.0.1.14"
+          ],
+          [
+            "10.0.1.15",
+            "10.0.1.15"
+          ],
+          [
+            "10.0.1.16",
+            "10.0.1.16"
+          ],
+          [
+            "10.0.1.17",
+            "10.0.1.17"
+          ],
+          [
+            "10.0.1.18",
+            "10.0.1.18"
+          ],
+          [
+            "10.0.1.19",
+            "10.0.1.19"
+          ],
+          [
+            "10.0.1.20",
+            "10.0.1.20"
+          ],
+          [
+            "10.0.1.21",
+            "10.0.1.21"
+          ],
+          [
+            "10.0.1.22",
+            "10.0.1.22"
+          ],
+          [
+            "10.0.1.23",
+            "10.0.1.23"
+          ],
+          [
+            "10.0.1.24",
+            "10.0.1.24"
+          ],
+          [
+            "10.0.1.25",
+            "10.0.1.25"
+          ],
+          [
+            "10.0.1.26",
+            "10.0.1.26"
+          ],
+          [
+            "10.0.1.27",
+            "10.0.1.27"
+          ],
+          [
+            "10.0.1.28",
+            "10.0.1.28"
+          ],
+          [
+            "10.0.1.29",
+            "10.0.1.29"
+          ],
+          [
+            "10.0.1.30",
+            "10.0.1.30"
+          ],
+          [
+            "10.0.1.31",
+            "10.0.1.31"
+          ],
+          [
+            "10.0.2.1",
+            "10.0.2.1"
+          ],
+          [
+            "10.0.2.2",
+            "10.0.2.2"
+          ],
+          [
+            "10.0.2.3",
+            "10.0.2.3"
+          ],
+          [
+            "10.0.2.4",
+            "10.0.2.4"
+          ],
+          [
+            "10.0.2.5",
+            "10.0.2.5"
+          ],
+          [
+            "10.0.2.6",
+            "10.0.2.6"
+          ],
+          [
+            "10.0.2.7",
+            "10.0.2.7"
+          ],
+          [
+            "10.0.2.8",
+            "10.0.2.8"
+          ],
+          [
+            "10.0.2.9",
+            "10.0.2.9"
+          ],
+          [
+            "10.0.2.10",
+            "10.0.2.10"
+          ],
+          [
+            "10.0.2.11",
+            "10.0.2.11"
+          ],
+          [
+            "10.0.2.12",
+            "10.0.2.12"
+          ],
+          [
+            "10.0.2.13",
+            "10.0.2.13"
+          ],
+          [
+            "10.0.2.14",
+            "10.0.2.14"
+          ],
+          [
+            "10.0.2.15",
+            "10.0.2.15"
+          ],
+          [
+            "10.0.2.16",
+            "10.0.2.16"
+          ],
+          [
+            "10.0.2.17",
+            "10.0.2.17"
+          ],
+          [
+            "10.0.2.18",
+            "10.0.2.18"
+          ],
+          [
+            "10.0.2.19",
+            "10.0.2.19"
+          ],
+          [
+            "10.0.2.20",
+            "10.0.2.20"
+          ],
+          [
+            "10.0.2.21",
+            "10.0.2.21"
+          ],
+          [
+            "10.0.2.22",
+            "10.0.2.22"
+          ],
+          [
+            "10.0.2.23",
+            "10.0.2.23"
+          ],
+          [
+            "10.0.2.24",
+            "10.0.2.24"
+          ],
+          [
+            "10.0.2.25",
+            "10.0.2.25"
+          ],
+          [
+            "10.0.2.26",
+            "10.0.2.26"
+          ],
+          [
+            "10.0.2.27",
+            "10.0.2.27"
+          ],
+          [
+            "10.0.2.28",
+            "10.0.2.28"
+          ],
+          [
+            "10.0.2.29",
+            "10.0.2.29"
+          ],
+          [
+            "10.0.2.30",
+            "10.0.2.30"
+          ],
+          [
+            "10.0.2.31",
+            "10.0.2.31"
+          ],
+          [
+            "10.0.3.1",
+            "10.0.3.1"
+          ],
+          [
+            "10.0.3.2",
+            "10.0.3.2"
+          ],
+          [
+            "10.0.3.3",
+            "10.0.3.3"
+          ],
+          [
+            "10.0.3.4",
+            "10.0.3.4"
+          ],
+          [
+            "10.0.3.5",
+            "10.0.3.5"
+          ],
+          [
+            "10.0.3.6",
+            "10.0.3.6"
+          ],
+          [
+            "10.0.3.7",
+            "10.0.3.7"
+          ],
+          [
+            "10.0.3.8",
+            "10.0.3.8"
+          ],
+          [
+            "10.0.3.9",
+            "10.0.3.9"
+          ],
+          [
+            "10.0.3.10",
+            "10.0.3.10"
+          ],
+          [
+            "10.0.3.11",
+            "10.0.3.11"
+          ],
+          [
+            "10.0.3.12",
+            "10.0.3.12"
+          ],
+          [
+            "10.0.3.13",
+            "10.0.3.13"
+          ],
+          [
+            "10.0.3.14",
+            "10.0.3.14"
+          ],
+          [
+            "10.0.3.15",
+            "10.0.3.15"
+          ],
+          [
+            "10.0.3.16",
+            "10.0.3.16"
+          ],
+          [
+            "10.0.3.17",
+            "10.0.3.17"
+          ],
+          [
+            "10.0.3.18",
+            "10.0.3.18"
+          ],
+          [
+            "10.0.3.19",
+            "10.0.3.19"
+          ],
+          [
+            "10.0.3.20",
+            "10.0.3.20"
+          ],
+          [
+            "10.0.3.21",
+            "10.0.3.21"
+          ],
+          [
+            "10.0.3.22",
+            "10.0.3.22"
+          ],
+          [
+            "10.0.3.23",
+            "10.0.3.23"
+          ],
+          [
+            "10.0.3.24",
+            "10.0.3.24"
+          ],
+          [
+            "10.0.3.25",
+            "10.0.3.25"
+          ],
+          [
+            "10.0.3.26",
+            "10.0.3.26"
+          ],
+          [
+            "10.0.3.27",
+            "10.0.3.27"
+          ],
+          [
+            "10.0.3.28",
+            "10.0.3.28"
+          ],
+          [
+            "10.0.3.29",
+            "10.0.3.29"
+          ],
+          [
+            "10.0.3.30",
+            "10.0.3.30"
+          ],
+          [
+            "10.0.3.31",
+            "10.0.3.31"
+          ],
+          [
+            "10.0.4.1",
+            "10.0.4.1"
+          ],
+          [
+            "10.0.4.2",
+            "10.0.4.2"
+          ],
+          [
+            "10.0.4.3",
+            "10.0.4.3"
+          ],
+          [
+            "10.0.4.4",
+            "10.0.4.4"
+          ],
+          [
+            "10.0.4.5",
+            "10.0.4.5"
+          ],
+          [
+            "10.0.4.6",
+            "10.0.4.6"
+          ],
+          [
+            "10.0.4.7",
+            "10.0.4.7"
+          ],
+          [
+            "10.0.4.8",
+            "10.0.4.8"
+          ],
+          [
+            "10.0.4.9",
+            "10.0.4.9"
+          ],
+          [
+            "10.0.4.10",
+            "10.0.4.10"
+          ],
+          [
+            "10.0.4.11",
+            "10.0.4.11"
+          ],
+          [
+            "10.0.4.12",
+            "10.0.4.12"
+          ],
+          [
+            "10.0.4.13",
+            "10.0.4.13"
+          ],
+          [
+            "10.0.4.14",
+            "10.0.4.14"
+          ],
+          [
+            "10.0.4.15",
+            "10.0.4.15"
+          ],
+          [
+            "10.0.4.16",
+            "10.0.4.16"
+          ],
+          [
+            "10.0.4.17",
+            "10.0.4.17"
+          ],
+          [
+            "10.0.4.18",
+            "10.0.4.18"
+          ],
+          [
+            "10.0.4.19",
+            "10.0.4.19"
+          ],
+          [
+            "10.0.4.20",
+            "10.0.4.20"
+          ],
+          [
+            "10.0.4.21",
+            "10.0.4.21"
+          ],
+          [
+            "10.0.4.22",
+            "10.0.4.22"
+          ],
+          [
+            "10.0.4.23",
+            "10.0.4.23"
+          ],
+          [
+            "10.0.4.24",
+            "10.0.4.24"
+          ],
+          [
+            "10.0.4.25",
+            "10.0.4.25"
+          ],
+          [
+            "10.0.4.26",
+            "10.0.4.26"
+          ],
+          [
+            "10.0.4.27",
+            "10.0.4.27"
+          ],
+          [
+            "10.0.4.28",
+            "10.0.4.28"
+          ],
+          [
+            "10.0.4.29",
+            "10.0.4.29"
+          ],
+          [
+            "10.0.4.30",
+            "10.0.4.30"
+          ],
+          [
+            "10.0.4.31",
+            "10.0.4.31"
+          ],
+          [
+            "10.0.5.1",
+            "10.0.5.1"
+          ],
+          [
+            "10.0.5.2",
+            "10.0.5.2"
+          ],
+          [
+            "10.0.5.3",
+            "10.0.5.3"
+          ],
+          [
+            "10.0.5.4",
+            "10.0.5.4"
+          ],
+          [
+            "10.0.5.5",
+            "10.0.5.5"
+          ],
+          [
+            "10.0.5.6",
+            "10.0.5.6"
+          ],
+          [
+            "10.0.5.7",
+            "10.0.5.7"
+          ],
+          [
+            "10.0.5.8",
+            "10.0.5.8"
+          ],
+          [
+            "10.0.5.9",
+            "10.0.5.9"
+          ],
+          [
+            "10.0.5.10",
+            "10.0.5.10"
+          ],
+          [
+            "10.0.5.11",
+            "10.0.5.11"
+          ],
+          [
+            "10.0.5.12",
+            "10.0.5.12"
+          ],
+          [
+            "10.0.5.13",
+            "10.0.5.13"
+          ],
+          [
+            "10.0.5.14",
+            "10.0.5.14"
+          ],
+          [
+            "10.0.5.15",
+            "10.0.5.15"
+          ],
+          [
+            "10.0.5.16",
+            "10.0.5.16"
+          ],
+          [
+            "10.0.5.17",
+            "10.0.5.17"
+          ],
+          [
+            "10.0.5.18",
+            "10.0.5.18"
+          ],
+          [
+            "10.0.5.19",
+            "10.0.5.19"
+          ],
+          [
+            "10.0.5.20",
+            "10.0.5.20"
+          ],
+          [
+            "10.0.5.21",
+            "10.0.5.21"
+          ],
+          [
+            "10.0.5.22",
+            "10.0.5.22"
+          ],
+          [
+            "10.0.5.23",
+            "10.0.5.23"
+          ],
+          [
+            "10.0.5.24",
+            "10.0.5.24"
+          ],
+          [
+            "10.0.5.25",
+            "10.0.5.25"
+          ],
+          [
+            "10.0.5.26",
+            "10.0.5.26"
+          ],
+          [
+            "10.0.5.27",
+            "10.0.5.27"
+          ],
+          [
+            "10.0.5.28",
+            "10.0.5.28"
+          ],
+          [
+            "10.0.5.29",
+            "10.0.5.29"
+          ],
+          [
+            "10.0.5.30",
+            "10.0.5.30"
+          ],
+          [
+            "10.0.5.31",
+            "10.0.5.31"
+          ],
+          [
+            "10.0.6.1",
+            "10.0.6.1"
+          ],
+          [
+            "10.0.6.2",
+            "10.0.6.2"
+          ],
+          [
+            "10.0.6.3",
+            "10.0.6.3"
+          ],
+          [
+            "10.0.6.4",
+            "10.0.6.4"
+          ],
+          [
+            "10.0.6.5",
+            "10.0.6.5"
+          ],
+          [
+            "10.0.6.6",
+            "10.0.6.6"
+          ],
+          [
+            "10.0.6.7",
+            "10.0.6.7"
+          ],
+          [
+            "10.0.6.8",
+            "10.0.6.8"
+          ],
+          [
+            "10.0.6.9",
+            "10.0.6.9"
+          ],
+          [
+            "10.0.6.10",
+            "10.0.6.10"
+          ],
+          [
+            "10.0.6.11",
+            "10.0.6.11"
+          ],
+          [
+            "10.0.6.12",
+            "10.0.6.12"
+          ],
+          [
+            "10.0.6.13",
+            "10.0.6.13"
+          ],
+          [
+            "10.0.6.14",
+            "10.0.6.14"
+          ],
+          [
+            "10.0.6.15",
+            "10.0.6.15"
+          ],
+          [
+            "10.0.6.16",
+            "10.0.6.16"
+          ],
+          [
+            "10.0.6.17",
+            "10.0.6.17"
+          ],
+          [
+            "10.0.6.18",
+            "10.0.6.18"
+          ],
+          [
+            "10.0.6.19",
+            "10.0.6.19"
+          ],
+          [
+            "10.0.6.20",
+            "10.0.6.20"
+          ],
+          [
+            "10.0.6.21",
+            "10.0.6.21"
+          ],
+          [
+            "10.0.6.22",
+            "10.0.6.22"
+          ],
+          [
+            "10.0.6.23",
+            "10.0.6.23"
+          ],
+          [
+            "10.0.6.24",
+            "10.0.6.24"
+          ],
+          [
+            "10.0.6.25",
+            "10.0.6.25"
+          ],
+          [
+            "10.0.6.26",
+            "10.0.6.26"
+          ],
+          [
+            "10.0.6.27",
+            "10.0.6.27"
+          ],
+          [
+            "10.0.6.28",
+            "10.0.6.28"
+          ],
+          [
+            "10.0.6.29",
+            "10.0.6.29"
+          ],
+          [
+            "10.0.6.30",
+            "10.0.6.30"
+          ],
+          [
+            "10.0.6.31",
+            "10.0.6.31"
+          ],
+          [
+            "10.0.7.1",
+            "10.0.7.1"
+          ],
+          [
+            "10.0.7.2",
+            "10.0.7.2"
+          ],
+          [
+            "10.0.7.3",
+            "10.0.7.3"
+          ],
+          [
+            "10.0.7.4",
+            "10.0.7.4"
+          ],
+          [
+            "10.0.7.5",
+            "10.0.7.5"
+          ],
+          [
+            "10.0.7.6",
+            "10.0.7.6"
+          ],
+          [
+            "10.0.7.7",
+            "10.0.7.7"
+          ],
+          [
+            "10.0.7.8",
+            "10.0.7.8"
+          ],
+          [
+            "10.0.7.9",
+            "10.0.7.9"
+          ],
+          [
+            "10.0.7.10",
+            "10.0.7.10"
+          ],
+          [
+            "10.0.7.11",
+            "10.0.7.11"
+          ],
+          [
+            "10.0.7.12",
+            "10.0.7.12"
+          ],
+          [
+            "10.0.7.13",
+            "10.0.7.13"
+          ],
+          [
+            "10.0.7.14",
+            "10.0.7.14"
+          ],
+          [
+            "10.0.7.15",
+            "10.0.7.15"
+          ],
+          [
+            "10.0.7.16",
+            "10.0.7.16"
+          ],
+          [
+            "10.0.7.17",
+            "10.0.7.17"
+          ],
+          [
+            "10.0.7.18",
+            "10.0.7.18"
+          ],
+          [
+            "10.0.7.19",
+            "10.0.7.19"
+          ],
+          [
+            "10.0.7.20",
+            "10.0.7.20"
+          ],
+          [
+            "10.0.7.21",
+            "10.0.7.21"
+          ],
+          [
+            "10.0.7.22",
+            "10.0.7.22"
+          ],
+          [
+            "10.0.7.23",
+            "10.0.7.23"
+          ],
+          [
+            "10.0.7.24",
+            "10.0.7.24"
+          ],
+          [
+            "10.0.7.25",
+            "10.0.7.25"
+          ],
+          [
+            "10.0.7.26",
+            "10.0.7.26"
+          ],
+          [
+            "10.0.7.27",
+            "10.0.7.27"
+          ],
+          [
+            "10.0.7.28",
+            "10.0.7.28"
+          ],
+          [
+            "10.0.7.29",
+            "10.0.7.29"
+          ],
+          [
+            "10.0.7.30",
+            "10.0.7.30"
+          ],
+          [
+            "10.0.7.31",
+            "10.0.7.31"
+          ],
+          [
+            "10.0.8.1",
+            "10.0.8.1"
+          ],
+          [
+            "10.0.8.2",
+            "10.0.8.2"
+          ],
+          [
+            "10.0.8.3",
+            "10.0.8.3"
+          ],
+          [
+            "10.0.8.4",
+            "10.0.8.4"
+          ],
+          [
+            "10.0.8.5",
+            "10.0.8.5"
+          ],
+          [
+            "10.0.8.6",
+            "10.0.8.6"
+          ],
+          [
+            "10.0.8.7",
+            "10.0.8.7"
+          ],
+          [
+            "10.0.8.8",
+            "10.0.8.8"
+          ],
+          [
+            "10.0.8.9",
+            "10.0.8.9"
+          ],
+          [
+            "10.0.8.10",
+            "10.0.8.10"
+          ],
+          [
+            "10.0.8.11",
+            "10.0.8.11"
+          ],
+          [
+            "10.0.8.12",
+            "10.0.8.12"
+          ],
+          [
+            "10.0.8.13",
+            "10.0.8.13"
+          ],
+          [
+            "10.0.8.14",
+            "10.0.8.14"
+          ],
+          [
+            "10.0.8.15",
+            "10.0.8.15"
+          ],
+          [
+            "10.0.8.16",
+            "10.0.8.16"
+          ],
+          [
+            "10.0.8.17",
+            "10.0.8.17"
+          ],
+          [
+            "10.0.8.18",
+            "10.0.8.18"
+          ],
+          [
+            "10.0.8.19",
+            "10.0.8.19"
+          ],
+          [
+            "10.0.8.20",
+            "10.0.8.20"
+          ],
+          [
+            "10.0.8.21",
+            "10.0.8.21"
+          ],
+          [
+            "10.0.8.22",
+            "10.0.8.22"
+          ],
+          [
+            "10.0.8.23",
+            "10.0.8.23"
+          ],
+          [
+            "10.0.8.24",
+            "10.0.8.24"
+          ],
+          [
+            "10.0.8.25",
+            "10.0.8.25"
+          ],
+          [
+            "10.0.8.26",
+            "10.0.8.26"
+          ],
+          [
+            "10.0.8.27",
+            "10.0.8.27"
+          ],
+          [
+            "10.0.8.28",
+            "10.0.8.28"
+          ],
+          [
+            "10.0.8.29",
+            "10.0.8.29"
+          ],
+          [
+            "10.0.8.30",
+            "10.0.8.30"
+          ],
+          [
+            "10.0.8.31",
+            "10.0.8.31"
+          ],
+          [
+            "10.0.9.1",
+            "10.0.9.1"
+          ],
+          [
+            "10.0.9.2",
+            "10.0.9.2"
+          ],
+          [
+            "10.0.9.3",
+            "10.0.9.3"
+          ],
+          [
+            "10.0.9.4",
+            "10.0.9.4"
+          ],
+          [
+            "10.0.9.5",
+            "10.0.9.5"
+          ],
+          [
+            "10.0.9.6",
+            "10.0.9.6"
+          ],
+          [
+            "10.0.9.7",
+            "10.0.9.7"
+          ],
+          [
+            "10.0.9.8",
+            "10.0.9.8"
+          ],
+          [
+            "10.0.9.9",
+            "10.0.9.9"
+          ],
+          [
+            "10.0.9.10",
+            "10.0.9.10"
+          ],
+          [
+            "10.0.9.11",
+            "10.0.9.11"
+          ],
+          [
+            "10.0.9.12",
+            "10.0.9.12"
+          ],
+          [
+            "10.0.9.13",
+            "10.0.9.13"
+          ],
+          [
+            "10.0.9.14",
+            "10.0.9.14"
+          ],
+          [
+            "10.0.9.15",
+            "10.0.9.15"
+          ],
+          [
+            "10.0.9.16",
+            "10.0.9.16"
+          ],
+          [
+            "10.0.9.17",
+            "10.0.9.17"
+          ],
+          [
+            "10.0.9.18",
+            "10.0.9.18"
+          ],
+          [
+            "10.0.9.19",
+            "10.0.9.19"
+          ],
+          [
+            "10.0.9.20",
+            "10.0.9.20"
+          ],
+          [
+            "10.0.9.21",
+            "10.0.9.21"
+          ],
+          [
+            "10.0.9.22",
+            "10.0.9.22"
+          ],
+          [
+            "10.0.9.23",
+            "10.0.9.23"
+          ],
+          [
+            "10.0.9.24",
+            "10.0.9.24"
+          ],
+          [
+            "10.0.9.25",
+            "10.0.9.25"
+          ],
+          [
+            "10.0.9.26",
+            "10.0.9.26"
+          ],
+          [
+            "10.0.9.27",
+            "10.0.9.27"
+          ],
+          [
+            "10.0.9.28",
+            "10.0.9.28"
+          ],
+          [
+            "10.0.9.29",
+            "10.0.9.29"
+          ],
+          [
+            "10.0.9.30",
+            "10.0.9.30"
+          ],
+          [
+            "10.0.9.31",
+            "10.0.9.31"
+          ],
+          [
+            "10.0.10.1",
+            "10.0.10.1"
+          ],
+          [
+            "10.0.10.2",
+            "10.0.10.2"
+          ],
+          [
+            "10.0.10.3",
+            "10.0.10.3"
+          ],
+          [
+            "10.0.10.4",
+            "10.0.10.4"
+          ],
+          [
+            "10.0.10.5",
+            "10.0.10.5"
+          ],
+          [
+            "10.0.10.6",
+            "10.0.10.6"
+          ],
+          [
+            "10.0.10.7",
+            "10.0.10.7"
+          ],
+          [
+            "10.0.10.8",
+            "10.0.10.8"
+          ],
+          [
+            "10.0.10.9",
+            "10.0.10.9"
+          ],
+          [
+            "10.0.10.10",
+            "10.0.10.10"
+          ],
+          [
+            "10.0.10.11",
+            "10.0.10.11"
+          ],
+          [
+            "10.0.10.12",
+            "10.0.10.12"
+          ],
+          [
+            "10.0.10.13",
+            "10.0.10.13"
+          ],
+          [
+            "10.0.10.14",
+            "10.0.10.14"
+          ],
+          [
+            "10.0.10.15",
+            "10.0.10.15"
+          ],
+          [
+            "10.0.10.16",
+            "10.0.10.16"
+          ],
+          [
+            "10.0.10.17",
+            "10.0.10.17"
+          ],
+          [
+            "10.0.10.18",
+            "10.0.10.18"
+          ],
+          [
+            "10.0.10.19",
+            "10.0.10.19"
+          ],
+          [
+            "10.0.10.20",
+            "10.0.10.20"
+          ],
+          [
+            "10.0.10.21",
+            "10.0.10.21"
+          ],
+          [
+            "10.0.10.22",
+            "10.0.10.22"
+          ],
+          [
+            "10.0.10.23",
+            "10.0.10.23"
+          ],
+          [
+            "10.0.10.24",
+            "10.0.10.24"
+          ],
+          [
+            "10.0.10.25",
+            "10.0.10.25"
+          ],
+          [
+            "10.0.10.26",
+            "10.0.10.26"
+          ],
+          [
+            "10.0.10.27",
+            "10.0.10.27"
+          ],
+          [
+            "10.0.10.28",
+            "10.0.10.28"
+          ],
+          [
+            "10.0.10.29",
+            "10.0.10.29"
+          ],
+          [
+            "10.0.10.30",
+            "10.0.10.30"
+          ],
+          [
+            "10.0.10.31",
+            "10.0.10.31"
+          ],
+          [
+            "10.0.11.1",
+            "10.0.11.1"
+          ],
+          [
+            "10.0.11.2",
+            "10.0.11.2"
+          ],
+          [
+            "10.0.11.3",
+            "10.0.11.3"
+          ],
+          [
+            "10.0.11.4",
+            "10.0.11.4"
+          ],
+          [
+            "10.0.11.5",
+            "10.0.11.5"
+          ],
+          [
+            "10.0.11.6",
+            "10.0.11.6"
+          ],
+          [
+            "10.0.11.7",
+            "10.0.11.7"
+          ],
+          [
+            "10.0.11.8",
+            "10.0.11.8"
+          ],
+          [
+            "10.0.11.9",
+            "10.0.11.9"
+          ],
+          [
+            "10.0.11.10",
+            "10.0.11.10"
+          ],
+          [
+            "10.0.11.11",
+            "10.0.11.11"
+          ],
+          [
+            "10.0.11.12",
+            "10.0.11.12"
+          ],
+          [
+            "10.0.11.13",
+            "10.0.11.13"
+          ],
+          [
+            "10.0.11.14",
+            "10.0.11.14"
+          ],
+          [
+            "10.0.11.15",
+            "10.0.11.15"
+          ],
+          [
+            "10.0.11.16",
+            "10.0.11.16"
+          ],
+          [
+            "10.0.11.17",
+            "10.0.11.17"
+          ],
+          [
+            "10.0.11.18",
+            "10.0.11.18"
+          ],
+          [
+            "10.0.11.19",
+            "10.0.11.19"
+          ],
+          [
+            "10.0.11.20",
+            "10.0.11.20"
+          ],
+          [
+            "10.0.11.21",
+            "10.0.11.21"
+          ],
+          [
+            "10.0.11.22",
+            "10.0.11.22"
+          ],
+          [
+            "10.0.11.23",
+            "10.0.11.23"
+          ],
+          [
+            "10.0.11.24",
+            "10.0.11.24"
+          ],
+          [
+            "10.0.11.25",
+            "10.0.11.25"
+          ],
+          [
+            "10.0.11.26",
+            "10.0.11.26"
+          ],
+          [
+            "10.0.11.27",
+            "10.0.11.27"
+          ],
+          [
+            "10.0.11.28",
+            "10.0.11.28"
+          ],
+          [
+            "10.0.11.29",
+            "10.0.11.29"
+          ],
+          [
+            "10.0.11.30",
+            "10.0.11.30"
+          ],
+          [
+            "10.0.11.31",
+            "10.0.11.31"
+          ],
+          [
+            "10.0.12.1",
+            "10.0.12.1"
+          ],
+          [
+            "10.0.12.2",
+            "10.0.12.2"
+          ],
+          [
+            "10.0.12.3",
+            "10.0.12.3"
+          ],
+          [
+            "10.0.12.4",
+            "10.0.12.4"
+          ],
+          [
+            "10.0.12.5",
+            "10.0.12.5"
+          ],
+          [
+            "10.0.12.6",
+            "10.0.12.6"
+          ],
+          [
+            "10.0.12.7",
+            "10.0.12.7"
+          ],
+          [
+            "10.0.12.8",
+            "10.0.12.8"
+          ],
+          [
+            "10.0.12.9",
+            "10.0.12.9"
+          ],
+          [
+            "10.0.12.10",
+            "10.0.12.10"
+          ],
+          [
+            "10.0.12.11",
+            "10.0.12.11"
+          ],
+          [
+            "10.0.12.12",
+            "10.0.12.12"
+          ],
+          [
+            "10.0.12.13",
+            "10.0.12.13"
+          ],
+          [
+            "10.0.12.14",
+            "10.0.12.14"
+          ],
+          [
+            "10.0.12.15",
+            "10.0.12.15"
+          ],
+          [
+            "10.0.12.16",
+            "10.0.12.16"
+          ],
+          [
+            "10.0.12.17",
+            "10.0.12.17"
+          ],
+          [
+            "10.0.12.18",
+            "10.0.12.18"
+          ],
+          [
+            "10.0.12.19",
+            "10.0.12.19"
+          ],
+          [
+            "10.0.12.20",
+            "10.0.12.20"
+          ],
+          [
+            "10.0.12.21",
+            "10.0.12.21"
+          ],
+          [
+            "10.0.12.22",
+            "10.0.12.22"
+          ],
+          [
+            "10.0.12.23",
+            "10.0.12.23"
+          ],
+          [
+            "10.0.12.24",
+            "10.0.12.24"
+          ],
+          [
+            "10.0.12.25",
+            "10.0.12.25"
+          ],
+          [
+            "10.0.12.26",
+            "10.0.12.26"
+          ],
+          [
+            "10.0.12.27",
+            "10.0.12.27"
+          ],
+          [
+            "10.0.12.28",
+            "10.0.12.28"
+          ],
+          [
+            "10.0.12.29",
+            "10.0.12.29"
+          ],
+          [
+            "10.0.12.30",
+            "10.0.12.30"
+          ],
+          [
+            "10.0.12.31",
+            "10.0.12.31"
+          ],
+          [
+            "10.0.13.1",
+            "10.0.13.1"
+          ],
+          [
+            "10.0.13.2",
+            "10.0.13.2"
+          ],
+          [
+            "10.0.13.3",
+            "10.0.13.3"
+          ],
+          [
+            "10.0.13.4",
+            "10.0.13.4"
+          ],
+          [
+            "10.0.13.5",
+            "10.0.13.5"
+          ],
+          [
+            "10.0.13.6",
+            "10.0.13.6"
+          ],
+          [
+            "10.0.13.7",
+            "10.0.13.7"
+          ],
+          [
+            "10.0.13.8",
+            "10.0.13.8"
+          ],
+          [
+            "10.0.13.9",
+            "10.0.13.9"
+          ],
+          [
+            "10.0.13.10",
+            "10.0.13.10"
+          ],
+          [
+            "10.0.13.11",
+            "10.0.13.11"
+          ],
+          [
+            "10.0.13.12",
+            "10.0.13.12"
+          ],
+          [
+            "10.0.13.13",
+            "10.0.13.13"
+          ],
+          [
+            "10.0.13.14",
+            "10.0.13.14"
+          ],
+          [
+            "10.0.13.15",
+            "10.0.13.15"
+          ],
+          [
+            "10.0.13.16",
+            "10.0.13.16"
+          ],
+          [
+            "10.0.13.17",
+            "10.0.13.17"
+          ],
+          [
+            "10.0.13.18",
+            "10.0.13.18"
+          ],
+          [
+            "10.0.13.19",
+            "10.0.13.19"
+          ],
+          [
+            "10.0.13.20",
+            "10.0.13.20"
+          ],
+          [
+            "10.0.13.21",
+            "10.0.13.21"
+          ],
+          [
+            "10.0.13.22",
+            "10.0.13.22"
+          ],
+          [
+            "10.0.13.23",
+            "10.0.13.23"
+          ],
+          [
+            "10.0.13.24",
+            "10.0.13.24"
+          ],
+          [
+            "10.0.13.25",
+            "10.0.13.25"
+          ],
+          [
+            "10.0.13.26",
+            "10.0.13.26"
+          ],
+          [
+            "10.0.13.27",
+            "10.0.13.27"
+          ],
+          [
+            "10.0.13.28",
+            "10.0.13.28"
+          ],
+          [
+            "10.0.13.29",
+            "10.0.13.29"
+          ],
+          [
+            "10.0.13.30",
+            "10.0.13.30"
+          ],
+          [
+            "10.0.13.31",
+            "10.0.13.31"
+          ],
+          [
+            "10.0.14.1",
+            "10.0.14.1"
+          ],
+          [
+            "10.0.14.2",
+            "10.0.14.2"
+          ],
+          [
+            "10.0.14.3",
+            "10.0.14.3"
+          ],
+          [
+            "10.0.14.4",
+            "10.0.14.4"
+          ],
+          [
+            "10.0.14.5",
+            "10.0.14.5"
+          ],
+          [
+            "10.0.14.6",
+            "10.0.14.6"
+          ],
+          [
+            "10.0.14.7",
+            "10.0.14.7"
+          ],
+          [
+            "10.0.14.8",
+            "10.0.14.8"
+          ],
+          [
+            "10.0.14.9",
+            "10.0.14.9"
+          ],
+          [
+            "10.0.14.10",
+            "10.0.14.10"
+          ],
+          [
+            "10.0.14.11",
+            "10.0.14.11"
+          ],
+          [
+            "10.0.14.12",
+            "10.0.14.12"
+          ],
+          [
+            "10.0.14.13",
+            "10.0.14.13"
+          ],
+          [
+            "10.0.14.14",
+            "10.0.14.14"
+          ],
+          [
+            "10.0.14.15",
+            "10.0.14.15"
+          ],
+          [
+            "10.0.14.16",
+            "10.0.14.16"
+          ],
+          [
+            "10.0.14.17",
+            "10.0.14.17"
+          ],
+          [
+            "10.0.14.18",
+            "10.0.14.18"
+          ],
+          [
+            "10.0.14.19",
+            "10.0.14.19"
+          ],
+          [
+            "10.0.14.20",
+            "10.0.14.20"
+          ],
+          [
+            "10.0.14.21",
+            "10.0.14.21"
+          ],
+          [
+            "10.0.14.22",
+            "10.0.14.22"
+          ],
+          [
+            "10.0.14.23",
+            "10.0.14.23"
+          ],
+          [
+            "10.0.14.24",
+            "10.0.14.24"
+          ],
+          [
+            "10.0.14.25",
+            "10.0.14.25"
+          ],
+          [
+            "10.0.14.26",
+            "10.0.14.26"
+          ],
+          [
+            "10.0.14.27",
+            "10.0.14.27"
+          ],
+          [
+            "10.0.14.28",
+            "10.0.14.28"
+          ],
+          [
+            "10.0.14.29",
+            "10.0.14.29"
+          ],
+          [
+            "10.0.14.30",
+            "10.0.14.30"
+          ],
+          [
+            "10.0.14.31",
+            "10.0.14.31"
+          ],
+          [
+            "10.0.15.1",
+            "10.0.15.1"
+          ],
+          [
+            "10.0.15.2",
+            "10.0.15.2"
+          ],
+          [
+            "10.0.15.3",
+            "10.0.15.3"
+          ],
+          [
+            "10.0.15.4",
+            "10.0.15.4"
+          ],
+          [
+            "10.0.15.5",
+            "10.0.15.5"
+          ],
+          [
+            "10.0.15.6",
+            "10.0.15.6"
+          ],
+          [
+            "10.0.15.7",
+            "10.0.15.7"
+          ],
+          [
+            "10.0.15.8",
+            "10.0.15.8"
+          ],
+          [
+            "10.0.15.9",
+            "10.0.15.9"
+          ],
+          [
+            "10.0.15.10",
+            "10.0.15.10"
+          ],
+          [
+            "10.0.15.11",
+            "10.0.15.11"
+          ],
+          [
+            "10.0.15.12",
+            "10.0.15.12"
+          ],
+          [
+            "10.0.15.13",
+            "10.0.15.13"
+          ],
+          [
+            "10.0.15.14",
+            "10.0.15.14"
+          ],
+          [
+            "10.0.15.15",
+            "10.0.15.15"
+          ],
+          [
+            "10.0.15.16",
+            "10.0.15.16"
+          ],
+          [
+            "10.0.15.17",
+            "10.0.15.17"
+          ],
+          [
+            "10.0.15.18",
+            "10.0.15.18"
+          ],
+          [
+            "10.0.15.19",
+            "10.0.15.19"
+          ],
+          [
+            "10.0.15.20",
+            "10.0.15.20"
+          ],
+          [
+            "10.0.15.21",
+            "10.0.15.21"
+          ],
+          [
+            "10.0.15.22",
+            "10.0.15.22"
+          ],
+          [
+            "10.0.15.23",
+            "10.0.15.23"
+          ],
+          [
+            "10.0.15.24",
+            "10.0.15.24"
+          ],
+          [
+            "10.0.15.25",
+            "10.0.15.25"
+          ],
+          [
+            "10.0.15.26",
+            "10.0.15.26"
+          ],
+          [
+            "10.0.15.27",
+            "10.0.15.27"
+          ],
+          [
+            "10.0.15.28",
+            "10.0.15.28"
+          ],
+          [
+            "10.0.15.29",
+            "10.0.15.29"
+          ],
+          [
+            "10.0.15.30",
+            "10.0.15.30"
+          ],
+          [
+            "10.0.15.31",
+            "10.0.15.31"
+          ],
+          [
+            "10.0.16.1",
+            "10.0.16.1"
+          ],
+          [
+            "10.0.16.2",
+            "10.0.16.2"
+          ],
+          [
+            "10.0.16.3",
+            "10.0.16.3"
+          ],
+          [
+            "10.0.16.4",
+            "10.0.16.4"
+          ],
+          [
+            "10.0.16.5",
+            "10.0.16.5"
+          ],
+          [
+            "10.0.16.6",
+            "10.0.16.6"
+          ],
+          [
+            "10.0.16.7",
+            "10.0.16.7"
+          ],
+          [
+            "10.0.16.8",
+            "10.0.16.8"
+          ],
+          [
+            "10.0.16.9",
+            "10.0.16.9"
+          ],
+          [
+            "10.0.16.10",
+            "10.0.16.10"
+          ],
+          [
+            "10.0.16.11",
+            "10.0.16.11"
+          ],
+          [
+            "10.0.16.12",
+            "10.0.16.12"
+          ],
+          [
+            "10.0.16.13",
+            "10.0.16.13"
+          ],
+          [
+            "10.0.16.14",
+            "10.0.16.14"
+          ],
+          [
+            "10.0.16.15",
+            "10.0.16.15"
+          ],
+          [
+            "10.0.16.16",
+            "10.0.16.16"
+          ],
+          [
+            "10.0.16.17",
+            "10.0.16.17"
+          ],
+          [
+            "10.0.16.18",
+            "10.0.16.18"
+          ],
+          [
+            "10.0.16.19",
+            "10.0.16.19"
+          ],
+          [
+            "10.0.16.20",
+            "10.0.16.20"
+          ],
+          [
+            "10.0.16.21",
+            "10.0.16.21"
+          ],
+          [
+            "10.0.16.22",
+            "10.0.16.22"
+          ],
+          [
+            "10.0.16.23",
+            "10.0.16.23"
+          ],
+          [
+            "10.0.16.24",
+            "10.0.16.24"
+          ],
+          [
+            "10.0.16.25",
+            "10.0.16.25"
+          ],
+          [
+            "10.0.16.26",
+            "10.0.16.26"
+          ],
+          [
+            "10.0.16.27",
+            "10.0.16.27"
+          ],
+          [
+            "10.0.16.28",
+            "10.0.16.28"
+          ],
+          [
+            "10.0.16.29",
+            "10.0.16.29"
+          ],
+          [
+            "10.0.16.30",
+            "10.0.16.30"
+          ],
+          [
+            "10.0.16.31",
+            "10.0.16.31"
+          ],
+          [
+            "10.0.17.1",
+            "10.0.17.1"
+          ],
+          [
+            "10.0.17.2",
+            "10.0.17.2"
+          ],
+          [
+            "10.0.17.3",
+            "10.0.17.3"
+          ],
+          [
+            "10.0.17.4",
+            "10.0.17.4"
+          ],
+          [
+            "10.0.17.5",
+            "10.0.17.5"
+          ],
+          [
+            "10.0.17.6",
+            "10.0.17.6"
+          ],
+          [
+            "10.0.17.7",
+            "10.0.17.7"
+          ],
+          [
+            "10.0.17.8",
+            "10.0.17.8"
+          ],
+          [
+            "10.0.17.9",
+            "10.0.17.9"
+          ],
+          [
+            "10.0.17.10",
+            "10.0.17.10"
+          ],
+          [
+            "10.0.17.11",
+            "10.0.17.11"
+          ],
+          [
+            "10.0.17.12",
+            "10.0.17.12"
+          ],
+          [
+            "10.0.17.13",
+            "10.0.17.13"
+          ],
+          [
+            "10.0.17.14",
+            "10.0.17.14"
+          ],
+          [
+            "10.0.17.15",
+            "10.0.17.15"
+          ],
+          [
+            "10.0.17.16",
+            "10.0.17.16"
+          ],
+          [
+            "10.0.17.17",
+            "10.0.17.17"
+          ],
+          [
+            "10.0.17.18",
+            "10.0.17.18"
+          ],
+          [
+            "10.0.17.19",
+            "10.0.17.19"
+          ],
+          [
+            "10.0.17.20",
+            "10.0.17.20"
+          ],
+          [
+            "10.0.17.21",
+            "10.0.17.21"
+          ],
+          [
+            "10.0.17.22",
+            "10.0.17.22"
+          ],
+          [
+            "10.0.17.23",
+            "10.0.17.23"
+          ],
+          [
+            "10.0.17.24",
+            "10.0.17.24"
+          ],
+          [
+            "10.0.17.25",
+            "10.0.17.25"
+          ],
+          [
+            "10.0.17.26",
+            "10.0.17.26"
+          ],
+          [
+            "10.0.17.27",
+            "10.0.17.27"
+          ],
+          [
+            "10.0.17.28",
+            "10.0.17.28"
+          ],
+          [
+            "10.0.17.29",
+            "10.0.17.29"
+          ],
+          [
+            "10.0.17.30",
+            "10.0.17.30"
+          ],
+          [
+            "10.0.17.31",
+            "10.0.17.31"
+          ],
+          [
+            "10.0.18.1",
+            "10.0.18.1"
+          ],
+          [
+            "10.0.18.2",
+            "10.0.18.2"
+          ],
+          [
+            "10.0.18.3",
+            "10.0.18.3"
+          ],
+          [
+            "10.0.18.4",
+            "10.0.18.4"
+          ],
+          [
+            "10.0.18.5",
+            "10.0.18.5"
+          ],
+          [
+            "10.0.18.6",
+            "10.0.18.6"
+          ],
+          [
+            "10.0.18.7",
+            "10.0.18.7"
+          ],
+          [
+            "10.0.18.8",
+            "10.0.18.8"
+          ],
+          [
+            "10.0.18.9",
+            "10.0.18.9"
+          ],
+          [
+            "10.0.18.10",
+            "10.0.18.10"
+          ],
+          [
+            "10.0.18.11",
+            "10.0.18.11"
+          ],
+          [
+            "10.0.18.12",
+            "10.0.18.12"
+          ],
+          [
+            "10.0.18.13",
+            "10.0.18.13"
+          ],
+          [
+            "10.0.18.14",
+            "10.0.18.14"
+          ],
+          [
+            "10.0.18.15",
+            "10.0.18.15"
+          ],
+          [
+            "10.0.18.16",
+            "10.0.18.16"
+          ],
+          [
+            "10.0.18.17",
+            "10.0.18.17"
+          ],
+          [
+            "10.0.18.18",
+            "10.0.18.18"
+          ],
+          [
+            "10.0.18.19",
+            "10.0.18.19"
+          ],
+          [
+            "10.0.18.20",
+            "10.0.18.20"
+          ],
+          [
+            "10.0.18.21",
+            "10.0.18.21"
+          ],
+          [
+            "10.0.18.22",
+            "10.0.18.22"
+          ],
+          [
+            "10.0.18.23",
+            "10.0.18.23"
+          ],
+          [
+            "10.0.18.24",
+            "10.0.18.24"
+          ],
+          [
+            "10.0.18.25",
+            "10.0.18.25"
+          ],
+          [
+            "10.0.18.26",
+            "10.0.18.26"
+          ],
+          [
+            "10.0.18.27",
+            "10.0.18.27"
+          ],
+          [
+            "10.0.18.28",
+            "10.0.18.28"
+          ],
+          [
+            "10.0.18.29",
+            "10.0.18.29"
+          ],
+          [
+            "10.0.18.30",
+            "10.0.18.30"
+          ],
+          [
+            "10.0.18.31",
+            "10.0.18.31"
+          ],
+          [
+            "10.0.19.1",
+            "10.0.19.1"
+          ],
+          [
+            "10.0.19.2",
+            "10.0.19.2"
+          ],
+          [
+            "10.0.19.3",
+            "10.0.19.3"
+          ],
+          [
+            "10.0.19.4",
+            "10.0.19.4"
+          ],
+          [
+            "10.0.19.5",
+            "10.0.19.5"
+          ],
+          [
+            "10.0.19.6",
+            "10.0.19.6"
+          ],
+          [
+            "10.0.19.7",
+            "10.0.19.7"
+          ],
+          [
+            "10.0.19.8",
+            "10.0.19.8"
+          ],
+          [
+            "10.0.19.9",
+            "10.0.19.9"
+          ],
+          [
+            "10.0.19.10",
+            "10.0.19.10"
+          ],
+          [
+            "10.0.19.11",
+            "10.0.19.11"
+          ],
+          [
+            "10.0.19.12",
+            "10.0.19.12"
+          ],
+          [
+            "10.0.19.13",
+            "10.0.19.13"
+          ],
+          [
+            "10.0.19.14",
+            "10.0.19.14"
+          ],
+          [
+            "10.0.19.15",
+            "10.0.19.15"
+          ],
+          [
+            "10.0.19.16",
+            "10.0.19.16"
+          ],
+          [
+            "10.0.19.17",
+            "10.0.19.17"
+          ],
+          [
+            "10.0.19.18",
+            "10.0.19.18"
+          ],
+          [
+            "10.0.19.19",
+            "10.0.19.19"
+          ],
+          [
+            "10.0.19.20",
+            "10.0.19.20"
+          ],
+          [
+            "10.0.19.21",
+            "10.0.19.21"
+          ],
+          [
+            "10.0.19.22",
+            "10.0.19.22"
+          ],
+          [
+            "10.0.19.23",
+            "10.0.19.23"
+          ],
+          [
+            "10.0.19.24",
+            "10.0.19.24"
+          ],
+          [
+            "10.0.19.25",
+            "10.0.19.25"
+          ],
+          [
+            "10.0.19.26",
+            "10.0.19.26"
+          ],
+          [
+            "10.0.19.27",
+            "10.0.19.27"
+          ],
+          [
+            "10.0.19.28",
+            "10.0.19.28"
+          ],
+          [
+            "10.0.19.29",
+            "10.0.19.29"
+          ],
+          [
+            "10.0.19.30",
+            "10.0.19.30"
+          ],
+          [
+            "10.0.19.31",
+            "10.0.19.31"
+          ],
+          [
+            "10.0.20.1",
+            "10.0.20.1"
+          ],
+          [
+            "10.0.20.2",
+            "10.0.20.2"
+          ],
+          [
+            "10.0.20.3",
+            "10.0.20.3"
+          ],
+          [
+            "10.0.20.4",
+            "10.0.20.4"
+          ],
+          [
+            "10.0.20.5",
+            "10.0.20.5"
+          ],
+          [
+            "10.0.20.6",
+            "10.0.20.6"
+          ],
+          [
+            "10.0.20.7",
+            "10.0.20.7"
+          ],
+          [
+            "10.0.20.8",
+            "10.0.20.8"
+          ],
+          [
+            "10.0.20.9",
+            "10.0.20.9"
+          ],
+          [
+            "10.0.20.10",
+            "10.0.20.10"
+          ],
+          [
+            "10.0.20.11",
+            "10.0.20.11"
+          ],
+          [
+            "10.0.20.12",
+            "10.0.20.12"
+          ],
+          [
+            "10.0.20.13",
+            "10.0.20.13"
+          ],
+          [
+            "10.0.20.14",
+            "10.0.20.14"
+          ],
+          [
+            "10.0.20.15",
+            "10.0.20.15"
+          ],
+          [
+            "10.0.20.16",
+            "10.0.20.16"
+          ],
+          [
+            "10.0.20.17",
+            "10.0.20.17"
+          ],
+          [
+            "10.0.20.18",
+            "10.0.20.18"
+          ],
+          [
+            "10.0.20.19",
+            "10.0.20.19"
+          ],
+          [
+            "10.0.20.20",
+            "10.0.20.20"
+          ],
+          [
+            "10.0.20.21",
+            "10.0.20.21"
+          ],
+          [
+            "10.0.20.22",
+            "10.0.20.22"
+          ],
+          [
+            "10.0.20.23",
+            "10.0.20.23"
+          ],
+          [
+            "10.0.20.24",
+            "10.0.20.24"
+          ],
+          [
+            "10.0.20.25",
+            "10.0.20.25"
+          ],
+          [
+            "10.0.20.26",
+            "10.0.20.26"
+          ],
+          [
+            "10.0.20.27",
+            "10.0.20.27"
+          ],
+          [
+            "10.0.20.28",
+            "10.0.20.28"
+          ],
+          [
+            "10.0.20.29",
+            "10.0.20.29"
+          ],
+          [
+            "10.0.20.30",
+            "10.0.20.30"
+          ],
+          [
+            "10.0.20.31",
+            "10.0.20.31"
+          ],
+          [
+            "10.0.21.1",
+            "10.0.21.1"
+          ],
+          [
+            "10.0.21.2",
+            "10.0.21.2"
+          ],
+          [
+            "10.0.21.3",
+            "10.0.21.3"
+          ],
+          [
+            "10.0.21.4",
+            "10.0.21.4"
+          ],
+          [
+            "10.0.21.5",
+            "10.0.21.5"
+          ],
+          [
+            "10.0.21.6",
+            "10.0.21.6"
+          ],
+          [
+            "10.0.21.7",
+            "10.0.21.7"
+          ],
+          [
+            "10.0.21.8",
+            "10.0.21.8"
+          ],
+          [
+            "10.0.21.9",
+            "10.0.21.9"
+          ],
+          [
+            "10.0.21.10",
+            "10.0.21.10"
+          ],
+          [
+            "10.0.21.11",
+            "10.0.21.11"
+          ],
+          [
+            "10.0.21.12",
+            "10.0.21.12"
+          ],
+          [
+            "10.0.21.13",
+            "10.0.21.13"
+          ],
+          [
+            "10.0.21.14",
+            "10.0.21.14"
+          ],
+          [
+            "10.0.21.15",
+            "10.0.21.15"
+          ],
+          [
+            "10.0.21.16",
+            "10.0.21.16"
+          ],
+          [
+            "10.0.21.17",
+            "10.0.21.17"
+          ],
+          [
+            "10.0.21.18",
+            "10.0.21.18"
+          ],
+          [
+            "10.0.21.19",
+            "10.0.21.19"
+          ],
+          [
+            "10.0.21.20",
+            "10.0.21.20"
+          ],
+          [
+            "10.0.21.21",
+            "10.0.21.21"
+          ],
+          [
+            "10.0.21.22",
+            "10.0.21.22"
+          ],
+          [
+            "10.0.21.23",
+            "10.0.21.23"
+          ],
+          [
+            "10.0.21.24",
+            "10.0.21.24"
+          ],
+          [
+            "10.0.21.25",
+            "10.0.21.25"
+          ],
+          [
+            "10.0.21.26",
+            "10.0.21.26"
+          ],
+          [
+            "10.0.21.27",
+            "10.0.21.27"
+          ],
+          [
+            "10.0.21.28",
+            "10.0.21.28"
+          ],
+          [
+            "10.0.21.29",
+            "10.0.21.29"
+          ],
+          [
+            "10.0.21.30",
+            "10.0.21.30"
+          ],
+          [
+            "10.0.21.31",
+            "10.0.21.31"
+          ],
+          [
+            "10.0.22.1",
+            "10.0.22.1"
+          ],
+          [
+            "10.0.22.2",
+            "10.0.22.2"
+          ],
+          [
+            "10.0.22.3",
+            "10.0.22.3"
+          ],
+          [
+            "10.0.22.4",
+            "10.0.22.4"
+          ],
+          [
+            "10.0.22.5",
+            "10.0.22.5"
+          ],
+          [
+            "10.0.22.6",
+            "10.0.22.6"
+          ],
+          [
+            "10.0.22.7",
+            "10.0.22.7"
+          ],
+          [
+            "10.0.22.8",
+            "10.0.22.8"
+          ],
+          [
+            "10.0.22.9",
+            "10.0.22.9"
+          ],
+          [
+            "10.0.22.10",
+            "10.0.22.10"
+          ],
+          [
+            "10.0.22.11",
+            "10.0.22.11"
+          ],
+          [
+            "10.0.22.12",
+            "10.0.22.12"
+          ],
+          [
+            "10.0.22.13",
+            "10.0.22.13"
+          ],
+          [
+            "10.0.22.14",
+            "10.0.22.14"
+          ],
+          [
+            "10.0.22.15",
+            "10.0.22.15"
+          ],
+          [
+            "10.0.22.16",
+            "10.0.22.16"
+          ],
+          [
+            "10.0.22.17",
+            "10.0.22.17"
+          ],
+          [
+            "10.0.22.18",
+            "10.0.22.18"
+          ],
+          [
+            "10.0.22.19",
+            "10.0.22.19"
+          ],
+          [
+            "10.0.22.20",
+            "10.0.22.20"
+          ],
+          [
+            "10.0.22.21",
+            "10.0.22.21"
+          ],
+          [
+            "10.0.22.22",
+            "10.0.22.22"
+          ],
+          [
+            "10.0.22.23",
+            "10.0.22.23"
+          ],
+          [
+            "10.0.22.24",
+            "10.0.22.24"
+          ],
+          [
+            "10.0.22.25",
+            "10.0.22.25"
+          ],
+          [
+            "10.0.22.26",
+            "10.0.22.26"
+          ],
+          [
+            "10.0.22.27",
+            "10.0.22.27"
+          ],
+          [
+            "10.0.22.28",
+            "10.0.22.28"
+          ],
+          [
+            "10.0.22.29",
+            "10.0.22.29"
+          ],
+          [
+            "10.0.22.30",
+            "10.0.22.30"
+          ],
+          [
+            "10.0.22.31",
+            "10.0.22.31"
+          ],
+          [
+            "10.0.23.1",
+            "10.0.23.1"
+          ],
+          [
+            "10.0.23.2",
+            "10.0.23.2"
+          ],
+          [
+            "10.0.23.3",
+            "10.0.23.3"
+          ],
+          [
+            "10.0.23.4",
+            "10.0.23.4"
+          ],
+          [
+            "10.0.23.5",
+            "10.0.23.5"
+          ],
+          [
+            "10.0.23.6",
+            "10.0.23.6"
+          ],
+          [
+            "10.0.23.7",
+            "10.0.23.7"
+          ],
+          [
+            "10.0.23.8",
+            "10.0.23.8"
+          ],
+          [
+            "10.0.23.9",
+            "10.0.23.9"
+          ],
+          [
+            "10.0.23.10",
+            "10.0.23.10"
+          ],
+          [
+            "10.0.23.11",
+            "10.0.23.11"
+          ],
+          [
+            "10.0.23.12",
+            "10.0.23.12"
+          ],
+          [
+            "10.0.23.13",
+            "10.0.23.13"
+          ],
+          [
+            "10.0.23.14",
+            "10.0.23.14"
+          ],
+          [
+            "10.0.23.15",
+            "10.0.23.15"
+          ],
+          [
+            "10.0.23.16",
+            "10.0.23.16"
+          ],
+          [
+            "10.0.23.17",
+            "10.0.23.17"
+          ],
+          [
+            "10.0.23.18",
+            "10.0.23.18"
+          ],
+          [
+            "10.0.23.19",
+            "10.0.23.19"
+          ],
+          [
+            "10.0.23.20",
+            "10.0.23.20"
+          ],
+          [
+            "10.0.23.21",
+            "10.0.23.21"
+          ],
+          [
+            "10.0.23.22",
+            "10.0.23.22"
+          ],
+          [
+            "10.0.23.23",
+            "10.0.23.23"
+          ],
+          [
+            "10.0.23.24",
+            "10.0.23.24"
+          ],
+          [
+            "10.0.23.25",
+            "10.0.23.25"
+          ],
+          [
+            "10.0.23.26",
+            "10.0.23.26"
+          ],
+          [
+            "10.0.23.27",
+            "10.0.23.27"
+          ],
+          [
+            "10.0.23.28",
+            "10.0.23.28"
+          ],
+          [
+            "10.0.23.29",
+            "10.0.23.29"
+          ],
+          [
+            "10.0.23.30",
+            "10.0.23.30"
+          ],
+          [
+            "10.0.23.31",
+            "10.0.23.31"
+          ],
+          [
+            "10.0.24.1",
+            "10.0.24.1"
+          ],
+          [
+            "10.0.24.2",
+            "10.0.24.2"
+          ],
+          [
+            "10.0.24.3",
+            "10.0.24.3"
+          ],
+          [
+            "10.0.24.4",
+            "10.0.24.4"
+          ],
+          [
+            "10.0.24.5",
+            "10.0.24.5"
+          ],
+          [
+            "10.0.24.6",
+            "10.0.24.6"
+          ],
+          [
+            "10.0.24.7",
+            "10.0.24.7"
+          ],
+          [
+            "10.0.24.8",
+            "10.0.24.8"
+          ],
+          [
+            "10.0.24.9",
+            "10.0.24.9"
+          ],
+          [
+            "10.0.24.10",
+            "10.0.24.10"
+          ],
+          [
+            "10.0.24.11",
+            "10.0.24.11"
+          ],
+          [
+            "10.0.24.12",
+            "10.0.24.12"
+          ],
+          [
+            "10.0.24.13",
+            "10.0.24.13"
+          ],
+          [
+            "10.0.24.14",
+            "10.0.24.14"
+          ],
+          [
+            "10.0.24.15",
+            "10.0.24.15"
+          ],
+          [
+            "10.0.24.16",
+            "10.0.24.16"
+          ],
+          [
+            "10.0.24.17",
+            "10.0.24.17"
+          ],
+          [
+            "10.0.24.18",
+            "10.0.24.18"
+          ],
+          [
+            "10.0.24.19",
+            "10.0.24.19"
+          ],
+          [
+            "10.0.24.20",
+            "10.0.24.20"
+          ],
+          [
+            "10.0.24.21",
+            "10.0.24.21"
+          ],
+          [
+            "10.0.24.22",
+            "10.0.24.22"
+          ],
+          [
+            "10.0.24.23",
+            "10.0.24.23"
+          ],
+          [
+            "10.0.24.24",
+            "10.0.24.24"
+          ],
+          [
+            "10.0.24.25",
+            "10.0.24.25"
+          ],
+          [
+            "10.0.24.26",
+            "10.0.24.26"
+          ],
+          [
+            "10.0.24.27",
+            "10.0.24.27"
+          ],
+          [
+            "10.0.24.28",
+            "10.0.24.28"
+          ],
+          [
+            "10.0.24.29",
+            "10.0.24.29"
+          ],
+          [
+            "10.0.24.30",
+            "10.0.24.30"
+          ],
+          [
+            "10.0.24.31",
+            "10.0.24.31"
+          ],
+          [
+            "10.0.25.1",
+            "10.0.25.1"
+          ],
+          [
+            "10.0.25.2",
+            "10.0.25.2"
+          ],
+          [
+            "10.0.25.3",
+            "10.0.25.3"
+          ],
+          [
+            "10.0.25.4",
+            "10.0.25.4"
+          ],
+          [
+            "10.0.25.5",
+            "10.0.25.5"
+          ],
+          [
+            "10.0.25.6",
+            "10.0.25.6"
+          ],
+          [
+            "10.0.25.7",
+            "10.0.25.7"
+          ],
+          [
+            "10.0.25.8",
+            "10.0.25.8"
+          ],
+          [
+            "10.0.25.9",
+            "10.0.25.9"
+          ],
+          [
+            "10.0.25.10",
+            "10.0.25.10"
+          ],
+          [
+            "10.0.25.11",
+            "10.0.25.11"
+          ],
+          [
+            "10.0.25.12",
+            "10.0.25.12"
+          ],
+          [
+            "10.0.25.13",
+            "10.0.25.13"
+          ],
+          [
+            "10.0.25.14",
+            "10.0.25.14"
+          ],
+          [
+            "10.0.25.15",
+            "10.0.25.15"
+          ],
+          [
+            "10.0.25.16",
+            "10.0.25.16"
+          ],
+          [
+            "10.0.25.17",
+            "10.0.25.17"
+          ],
+          [
+            "10.0.25.18",
+            "10.0.25.18"
+          ],
+          [
+            "10.0.25.19",
+            "10.0.25.19"
+          ],
+          [
+            "10.0.25.20",
+            "10.0.25.20"
+          ],
+          [
+            "10.0.25.21",
+            "10.0.25.21"
+          ],
+          [
+            "10.0.25.22",
+            "10.0.25.22"
+          ],
+          [
+            "10.0.25.23",
+            "10.0.25.23"
+          ],
+          [
+            "10.0.25.24",
+            "10.0.25.24"
+          ],
+          [
+            "10.0.25.25",
+            "10.0.25.25"
+          ],
+          [
+            "10.0.25.26",
+            "10.0.25.26"
+          ],
+          [
+            "10.0.25.27",
+            "10.0.25.27"
+          ],
+          [
+            "10.0.25.28",
+            "10.0.25.28"
+          ],
+          [
+            "10.0.25.29",
+            "10.0.25.29"
+          ],
+          [
+            "10.0.25.30",
+            "10.0.25.30"
+          ],
+          [
+            "10.0.25.31",
+            "10.0.25.31"
+          ],
+          [
+            "10.0.26.1",
+            "10.0.26.1"
+          ],
+          [
+            "10.0.26.2",
+            "10.0.26.2"
+          ],
+          [
+            "10.0.26.3",
+            "10.0.26.3"
+          ],
+          [
+            "10.0.26.4",
+            "10.0.26.4"
+          ],
+          [
+            "10.0.26.5",
+            "10.0.26.5"
+          ],
+          [
+            "10.0.26.6",
+            "10.0.26.6"
+          ],
+          [
+            "10.0.26.7",
+            "10.0.26.7"
+          ],
+          [
+            "10.0.26.8",
+            "10.0.26.8"
+          ],
+          [
+            "10.0.26.9",
+            "10.0.26.9"
+          ],
+          [
+            "10.0.26.10",
+            "10.0.26.10"
+          ],
+          [
+            "10.0.26.11",
+            "10.0.26.11"
+          ],
+          [
+            "10.0.26.12",
+            "10.0.26.12"
+          ],
+          [
+            "10.0.26.13",
+            "10.0.26.13"
+          ],
+          [
+            "10.0.26.14",
+            "10.0.26.14"
+          ],
+          [
+            "10.0.26.15",
+            "10.0.26.15"
+          ],
+          [
+            "10.0.26.16",
+            "10.0.26.16"
+          ],
+          [
+            "10.0.26.17",
+            "10.0.26.17"
+          ],
+          [
+            "10.0.26.18",
+            "10.0.26.18"
+          ],
+          [
+            "10.0.26.19",
+            "10.0.26.19"
+          ],
+          [
+            "10.0.26.20",
+            "10.0.26.20"
+          ],
+          [
+            "10.0.26.21",
+            "10.0.26.21"
+          ],
+          [
+            "10.0.26.22",
+            "10.0.26.22"
+          ],
+          [
+            "10.0.26.23",
+            "10.0.26.23"
+          ],
+          [
+            "10.0.26.24",
+            "10.0.26.24"
+          ],
+          [
+            "10.0.26.25",
+            "10.0.26.25"
+          ],
+          [
+            "10.0.26.26",
+            "10.0.26.26"
+          ],
+          [
+            "10.0.26.27",
+            "10.0.26.27"
+          ],
+          [
+            "10.0.26.28",
+            "10.0.26.28"
+          ],
+          [
+            "10.0.26.29",
+            "10.0.26.29"
+          ],
+          [
+            "10.0.26.30",
+            "10.0.26.30"
+          ],
+          [
+            "10.0.26.31",
+            "10.0.26.31"
+          ],
+          [
+            "10.0.27.1",
+            "10.0.27.1"
+          ],
+          [
+            "10.0.27.2",
+            "10.0.27.2"
+          ],
+          [
+            "10.0.27.3",
+            "10.0.27.3"
+          ],
+          [
+            "10.0.27.4",
+            "10.0.27.4"
+          ],
+          [
+            "10.0.27.5",
+            "10.0.27.5"
+          ],
+          [
+            "10.0.27.6",
+            "10.0.27.6"
+          ],
+          [
+            "10.0.27.7",
+            "10.0.27.7"
+          ],
+          [
+            "10.0.27.8",
+            "10.0.27.8"
+          ],
+          [
+            "10.0.27.9",
+            "10.0.27.9"
+          ],
+          [
+            "10.0.27.10",
+            "10.0.27.10"
+          ],
+          [
+            "10.0.27.11",
+            "10.0.27.11"
+          ],
+          [
+            "10.0.27.12",
+            "10.0.27.12"
+          ],
+          [
+            "10.0.27.13",
+            "10.0.27.13"
+          ],
+          [
+            "10.0.27.14",
+            "10.0.27.14"
+          ],
+          [
+            "10.0.27.15",
+            "10.0.27.15"
+          ],
+          [
+            "10.0.27.16",
+            "10.0.27.16"
+          ],
+          [
+            "10.0.27.17",
+            "10.0.27.17"
+          ],
+          [
+            "10.0.27.18",
+            "10.0.27.18"
+          ],
+          [
+            "10.0.27.19",
+            "10.0.27.19"
+          ],
+          [
+            "10.0.27.20",
+            "10.0.27.20"
+          ],
+          [
+            "10.0.27.21",
+            "10.0.27.21"
+          ],
+          [
+            "10.0.27.22",
+            "10.0.27.22"
+          ],
+          [
+            "10.0.27.23",
+            "10.0.27.23"
+          ],
+          [
+            "10.0.27.24",
+            "10.0.27.24"
+          ],
+          [
+            "10.0.27.25",
+            "10.0.27.25"
+          ],
+          [
+            "10.0.27.26",
+            "10.0.27.26"
+          ],
+          [
+            "10.0.27.27",
+            "10.0.27.27"
+          ],
+          [
+            "10.0.27.28",
+            "10.0.27.28"
+          ],
+          [
+            "10.0.27.29",
+            "10.0.27.29"
+          ],
+          [
+            "10.0.27.30",
+            "10.0.27.30"
+          ],
+          [
+            "10.0.27.31",
+            "10.0.27.31"
+          ],
+          [
+            "10.0.28.1",
+            "10.0.28.1"
+          ],
+          [
+            "10.0.28.2",
+            "10.0.28.2"
+          ],
+          [
+            "10.0.28.3",
+            "10.0.28.3"
+          ],
+          [
+            "10.0.28.4",
+            "10.0.28.4"
+          ],
+          [
+            "10.0.28.5",
+            "10.0.28.5"
+          ],
+          [
+            "10.0.28.6",
+            "10.0.28.6"
+          ],
+          [
+            "10.0.28.7",
+            "10.0.28.7"
+          ],
+          [
+            "10.0.28.8",
+            "10.0.28.8"
+          ],
+          [
+            "10.0.28.9",
+            "10.0.28.9"
+          ],
+          [
+            "10.0.28.10",
+            "10.0.28.10"
+          ],
+          [
+            "10.0.28.11",
+            "10.0.28.11"
+          ],
+          [
+            "10.0.28.12",
+            "10.0.28.12"
+          ],
+          [
+            "10.0.28.13",
+            "10.0.28.13"
+          ],
+          [
+            "10.0.28.14",
+            "10.0.28.14"
+          ],
+          [
+            "10.0.28.15",
+            "10.0.28.15"
+          ],
+          [
+            "10.0.28.16",
+            "10.0.28.16"
+          ],
+          [
+            "10.0.28.17",
+            "10.0.28.17"
+          ],
+          [
+            "10.0.28.18",
+            "10.0.28.18"
+          ],
+          [
+            "10.0.28.19",
+            "10.0.28.19"
+          ],
+          [
+            "10.0.28.20",
+            "10.0.28.20"
+          ],
+          [
+            "10.0.28.21",
+            "10.0.28.21"
+          ],
+          [
+            "10.0.28.22",
+            "10.0.28.22"
+          ],
+          [
+            "10.0.28.23",
+            "10.0.28.23"
+          ],
+          [
+            "10.0.28.24",
+            "10.0.28.24"
+          ],
+          [
+            "10.0.28.25",
+            "10.0.28.25"
+          ],
+          [
+            "10.0.28.26",
+            "10.0.28.26"
+          ],
+          [
+            "10.0.28.27",
+            "10.0.28.27"
+          ],
+          [
+            "10.0.28.28",
+            "10.0.28.28"
+          ],
+          [
+            "10.0.28.29",
+            "10.0.28.29"
+          ],
+          [
+            "10.0.28.30",
+            "10.0.28.30"
+          ],
+          [
+            "10.0.28.31",
+            "10.0.28.31"
+          ],
+          [
+            "10.0.29.1",
+            "10.0.29.1"
+          ],
+          [
+            "10.0.29.2",
+            "10.0.29.2"
+          ],
+          [
+            "10.0.29.3",
+            "10.0.29.3"
+          ],
+          [
+            "10.0.29.4",
+            "10.0.29.4"
+          ],
+          [
+            "10.0.29.5",
+            "10.0.29.5"
+          ],
+          [
+            "10.0.29.6",
+            "10.0.29.6"
+          ],
+          [
+            "10.0.29.7",
+            "10.0.29.7"
+          ],
+          [
+            "10.0.29.8",
+            "10.0.29.8"
+          ],
+          [
+            "10.0.29.9",
+            "10.0.29.9"
+          ],
+          [
+            "10.0.29.10",
+            "10.0.29.10"
+          ],
+          [
+            "10.0.29.11",
+            "10.0.29.11"
+          ],
+          [
+            "10.0.29.12",
+            "10.0.29.12"
+          ],
+          [
+            "10.0.29.13",
+            "10.0.29.13"
+          ],
+          [
+            "10.0.29.14",
+            "10.0.29.14"
+          ],
+          [
+            "10.0.29.15",
+            "10.0.29.15"
+          ],
+          [
+            "10.0.29.16",
+            "10.0.29.16"
+          ],
+          [
+            "10.0.29.17",
+            "10.0.29.17"
+          ],
+          [
+            "10.0.29.18",
+            "10.0.29.18"
+          ],
+          [
+            "10.0.29.19",
+            "10.0.29.19"
+          ],
+          [
+            "10.0.29.20",
+            "10.0.29.20"
+          ],
+          [
+            "10.0.29.21",
+            "10.0.29.21"
+          ],
+          [
+            "10.0.29.22",
+            "10.0.29.22"
+          ],
+          [
+            "10.0.29.23",
+            "10.0.29.23"
+          ],
+          [
+            "10.0.29.24",
+            "10.0.29.24"
+          ],
+          [
+            "10.0.29.25",
+            "10.0.29.25"
+          ],
+          [
+            "10.0.29.26",
+            "10.0.29.26"
+          ],
+          [
+            "10.0.29.27",
+            "10.0.29.27"
+          ],
+          [
+            "10.0.29.28",
+            "10.0.29.28"
+          ],
+          [
+            "10.0.29.29",
+            "10.0.29.29"
+          ],
+          [
+            "10.0.29.30",
+            "10.0.29.30"
+          ],
+          [
+            "10.0.29.31",
+            "10.0.29.31"
+          ],
+          [
+            "10.0.30.1",
+            "10.0.30.1"
+          ],
+          [
+            "10.0.30.2",
+            "10.0.30.2"
+          ],
+          [
+            "10.0.30.3",
+            "10.0.30.3"
+          ],
+          [
+            "10.0.30.4",
+            "10.0.30.4"
+          ],
+          [
+            "10.0.30.5",
+            "10.0.30.5"
+          ],
+          [
+            "10.0.30.6",
+            "10.0.30.6"
+          ],
+          [
+            "10.0.30.7",
+            "10.0.30.7"
+          ],
+          [
+            "10.0.30.8",
+            "10.0.30.8"
+          ],
+          [
+            "10.0.30.9",
+            "10.0.30.9"
+          ],
+          [
+            "10.0.30.10",
+            "10.0.30.10"
+          ],
+          [
+            "10.0.30.11",
+            "10.0.30.11"
+          ],
+          [
+            "10.0.30.12",
+            "10.0.30.12"
+          ],
+          [
+            "10.0.30.13",
+            "10.0.30.13"
+          ],
+          [
+            "10.0.30.14",
+            "10.0.30.14"
+          ],
+          [
+            "10.0.30.15",
+            "10.0.30.15"
+          ],
+          [
+            "10.0.30.16",
+            "10.0.30.16"
+          ],
+          [
+            "10.0.30.17",
+            "10.0.30.17"
+          ],
+          [
+            "10.0.30.18",
+            "10.0.30.18"
+          ],
+          [
+            "10.0.30.19",
+            "10.0.30.19"
+          ],
+          [
+            "10.0.30.20",
+            "10.0.30.20"
+          ],
+          [
+            "10.0.30.21",
+            "10.0.30.21"
+          ],
+          [
+            "10.0.30.22",
+            "10.0.30.22"
+          ],
+          [
+            "10.0.30.23",
+            "10.0.30.23"
+          ],
+          [
+            "10.0.30.24",
+            "10.0.30.24"
+          ],
+          [
+            "10.0.30.25",
+            "10.0.30.25"
+          ],
+          [
+            "10.0.30.26",
+            "10.0.30.26"
+          ],
+          [
+            "10.0.30.27",
+            "10.0.30.27"
+          ],
+          [
+            "10.0.30.28",
+            "10.0.30.28"
+          ],
+          [
+            "10.0.30.29",
+            "10.0.30.29"
+          ],
+          [
+            "10.0.30.30",
+            "10.0.30.30"
+          ],
+          [
+            "10.0.30.31",
+            "10.0.30.31"
+          ],
+          [
+            "10.0.31.1",
+            "10.0.31.1"
+          ],
+          [
+            "10.0.31.2",
+            "10.0.31.2"
+          ],
+          [
+            "10.0.31.3",
+            "10.0.31.3"
+          ],
+          [
+            "10.0.31.4",
+            "10.0.31.4"
+          ],
+          [
+            "10.0.31.5",
+            "10.0.31.5"
+          ],
+          [
+            "10.0.31.6",
+            "10.0.31.6"
+          ],
+          [
+            "10.0.31.7",
+            "10.0.31.7"
+          ],
+          [
+            "10.0.31.8",
+            "10.0.31.8"
+          ],
+          [
+            "10.0.31.9",
+            "10.0.31.9"
+          ],
+          [
+            "10.0.31.10",
+            "10.0.31.10"
+          ],
+          [
+            "10.0.31.11",
+            "10.0.31.11"
+          ],
+          [
+            "10.0.31.12",
+            "10.0.31.12"
+          ],
+          [
+            "10.0.31.13",
+            "10.0.31.13"
+          ],
+          [
+            "10.0.31.14",
+            "10.0.31.14"
+          ],
+          [
+            "10.0.31.15",
+            "10.0.31.15"
+          ],
+          [
+            "10.0.31.16",
+            "10.0.31.16"
+          ],
+          [
+            "10.0.31.17",
+            "10.0.31.17"
+          ],
+          [
+            "10.0.31.18",
+            "10.0.31.18"
+          ],
+          [
+            "10.0.31.19",
+            "10.0.31.19"
+          ],
+          [
+            "10.0.31.20",
+            "10.0.31.20"
+          ],
+          [
+            "10.0.31.21",
+            "10.0.31.21"
+          ],
+          [
+            "10.0.31.22",
+            "10.0.31.22"
+          ],
+          [
+            "10.0.31.23",
+            "10.0.31.23"
+          ],
+          [
+            "10.0.31.24",
+            "10.0.31.24"
+          ],
+          [
+            "10.0.31.25",
+            "10.0.31.25"
+          ],
+          [
+            "10.0.31.26",
+            "10.0.31.26"
+          ],
+          [
+            "10.0.31.27",
+            "10.0.31.27"
+          ],
+          [
+            "10.0.31.28",
+            "10.0.31.28"
+          ],
+          [
+            "10.0.31.29",
+            "10.0.31.29"
+          ],
+          [
+            "10.0.31.30",
+            "10.0.31.30"
+          ],
+          [
+            "10.0.31.31",
+            "10.0.31.31"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0005interval_map_add_many_elements_0.json-nft b/tests/shell/testcases/maps/dumps/0005interval_map_add_many_elements_0.json-nft
index d87f74b3245438f6502ea222b04832517cb34280..d1a46295005339fbe77184c7ab662d54631a374b 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0005interval_map_add_many_elements_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0005interval_map_add_many_elements_0.json-nft
@@ -1 +1,69 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "flags": ["interval"], "elem": [[{"prefix": {"addr": "10.1.1.0", "len": 24}}, "10.0.1.1"], [{"prefix": {"addr": "10.1.2.0", "len": 24}}, "10.0.1.2"], [{"prefix": {"addr": "10.2.1.0", "len": 24}}, "10.0.2.1"], [{"prefix": {"addr": "10.2.2.0", "len": 24}}, "10.0.2.2"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "prefix": {
+                "addr": "10.1.1.0",
+                "len": 24
+              }
+            },
+            "10.0.1.1"
+          ],
+          [
+            {
+              "prefix": {
+                "addr": "10.1.2.0",
+                "len": 24
+              }
+            },
+            "10.0.1.2"
+          ],
+          [
+            {
+              "prefix": {
+                "addr": "10.2.1.0",
+                "len": 24
+              }
+            },
+            "10.0.2.1"
+          ],
+          [
+            {
+              "prefix": {
+                "addr": "10.2.2.0",
+                "len": 24
+              }
+            },
+            "10.0.2.2"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0006interval_map_overlap_0.json-nft b/tests/shell/testcases/maps/dumps/0006interval_map_overlap_0.json-nft
index f076e26bec98326a6cbfeafe24667b075fd595bd..1e983219ae0d42776805a61c9769aab851755983 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0006interval_map_overlap_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0006interval_map_overlap_0.json-nft
@@ -1 +1,51 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "flags": ["interval"], "elem": [[{"prefix": {"addr": "10.0.1.0", "len": 24}}, "10.0.0.1"], [{"prefix": {"addr": "10.0.2.0", "len": 24}}, "10.0.0.2"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "prefix": {
+                "addr": "10.0.1.0",
+                "len": 24
+              }
+            },
+            "10.0.0.1"
+          ],
+          [
+            {
+              "prefix": {
+                "addr": "10.0.2.0",
+                "len": 24
+              }
+            },
+            "10.0.0.2"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0007named_ifname_dtype_0.json-nft b/tests/shell/testcases/maps/dumps/0007named_ifname_dtype_0.json-nft
index 691b9b80b67569664c97558645567f09b37f9d25..ec409c6cb361ab8c3e52de3aeacf9d603a0f659c 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0007named_ifname_dtype_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0007named_ifname_dtype_0.json-nft
@@ -1 +1,102 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"map": {"family": "inet", "name": "m1", "table": "t", "type": "ifname", "handle": 0, "map": "ipv4_addr", "elem": [["eth0", "1.1.1.1"]]}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"payload": {"protocol": "ip", "field": "daddr"}}, "value": {"map": {"key": {"meta": {"key": "iifname"}}, "data": "@m1"}}}}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"mangle": {"key": {"payload": {"protocol": "ip", "field": "daddr"}}, "value": {"map": {"key": {"meta": {"key": "oifname"}}, "data": "@m1"}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "m1",
+        "table": "t",
+        "type": "ifname",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "elem": [
+          [
+            "eth0",
+            "1.1.1.1"
+          ]
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "value": {
+                "map": {
+                  "key": {
+                    "meta": {
+                      "key": "iifname"
+                    }
+                  },
+                  "data": "@m1"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "value": {
+                "map": {
+                  "key": {
+                    "meta": {
+                      "key": "oifname"
+                    }
+                  },
+                  "data": "@m1"
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0008interval_map_delete_0.json-nft b/tests/shell/testcases/maps/dumps/0008interval_map_delete_0.json-nft
index cf4a5fda419f0700d4397e9f195e4aabfd1a6656..0f8f25dcf77c5bfbb71bc8721c1c059fe1b48a6e 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0008interval_map_delete_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0008interval_map_delete_0.json-nft
@@ -1 +1,159 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"map": {"family": "ip", "name": "m", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "mark", "flags": ["interval"], "elem": [["127.0.0.2", 2], ["127.0.0.3", 3]]}}, {"chain": {"family": "ip", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"map": {"key": {"payload": {"protocol": "ip", "field": "daddr"}}, "data": "@m"}}}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "mark"}}, "right": 2}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "mark"}}, "right": 3}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            "127.0.0.2",
+            2
+          ],
+          [
+            "127.0.0.3",
+            3
+          ]
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  },
+                  "data": "@m"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "right": 2
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "right": 3
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0009vmap_0.json-nft b/tests/shell/testcases/maps/dumps/0009vmap_0.json-nft
index d82132da814b9d597682826e65772985766f3d45..345a2c7450e8aa9c82c71aa2fb7c4c9ec1544059 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0009vmap_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0009vmap_0.json-nft
@@ -1 +1,117 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "ssh_input", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "wan_input", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -300, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "wan_input", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[22, {"jump": {"target": "ssh_input"}}]]}}}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "prerouting", "handle": 0, "expr": [{"vmap": {"key": {"meta": {"key": "iif"}}, "data": {"set": [[{"elem": {"val": "lo", "counter": {"packets": 0, "bytes": 0}}}, {"jump": {"target": "wan_input"}}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "ssh_input",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "wan_input",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -300,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "wan_input",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    22,
+                    {
+                      "jump": {
+                        "target": "ssh_input"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "prerouting",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "meta": {
+                  "key": "iif"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    {
+                      "elem": {
+                        "val": "lo",
+                        "counter": {
+                          "packets": 0,
+                          "bytes": 0
+                        }
+                      }
+                    },
+                    {
+                      "jump": {
+                        "target": "wan_input"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0012map_concat_0.json-nft b/tests/shell/testcases/maps/dumps/0012map_concat_0.json-nft
index a8376339428209dc539fcdc07eaa95db1ca8acd8..08fce28624c01d980de461308155cf93e1211ac0 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0012map_concat_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0012map_concat_0.json-nft
@@ -1 +1,132 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "w", "table": "x", "type": ["ipv4_addr", "mark"], "handle": 0, "map": "verdict", "flags": ["interval"], "elem": [[{"elem": {"val": {"concat": [{"range": ["127.0.0.1", "127.0.0.4"]}, {"range": [1193012, 11534626]}]}, "counter": {"packets": 0, "bytes": 0}}}, {"accept": null}]], "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "x", "name": "k", "handle": 0, "type": "filter", "hook": "input", "prio": 1, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "k", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": 1193012}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "k", "handle": 0, "expr": [{"vmap": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"meta": {"key": "mark"}}]}, "data": "@w"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "w",
+        "table": "x",
+        "type": [
+          "ipv4_addr",
+          "mark"
+        ],
+        "handle": 0,
+        "map": "verdict",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "elem": {
+                "val": {
+                  "concat": [
+                    {
+                      "range": [
+                        "127.0.0.1",
+                        "127.0.0.4"
+                      ]
+                    },
+                    {
+                      "range": [
+                        1193012,
+                        11534626
+                      ]
+                    }
+                  ]
+                },
+                "counter": {
+                  "packets": 0,
+                  "bytes": 0
+                }
+              }
+            },
+            {
+              "accept": null
+            }
+          ]
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "k",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 1,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "k",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": 1193012
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "k",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "meta": {
+                      "key": "mark"
+                    }
+                  }
+                ]
+              },
+              "data": "@w"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0013map_0.json-nft b/tests/shell/testcases/maps/dumps/0013map_0.json-nft
index 872ca9bc4fe0d9468efae502b208267a4af7d75a..0379746a1e0622102d478366430a617073042397 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0013map_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0013map_0.json-nft
@@ -1 +1,128 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"map": {"family": "ip", "name": "forwport", "table": "filter", "type": ["ipv4_addr", "inet_proto", "inet_service"], "handle": 0, "map": "verdict", "flags": ["interval"], "elem": [[{"elem": {"val": {"concat": ["10.133.89.138", "tcp", 8081]}, "counter": {"packets": 0, "bytes": 0}}}, {"accept": null}]], "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "filter", "name": "FORWARD", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "drop"}}, {"rule": {"family": "ip", "table": "filter", "chain": "FORWARD", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s8"}}, {"vmap": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "daddr"}}, {"payload": {"protocol": "ip", "field": "protocol"}}, {"payload": {"protocol": "th", "field": "dport"}}]}, "data": "@forwport"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "forwport",
+        "table": "filter",
+        "type": [
+          "ipv4_addr",
+          "inet_proto",
+          "inet_service"
+        ],
+        "handle": 0,
+        "map": "verdict",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "elem": {
+                "val": {
+                  "concat": [
+                    "10.133.89.138",
+                    "tcp",
+                    8081
+                  ]
+                },
+                "counter": {
+                  "packets": 0,
+                  "bytes": 0
+                }
+              }
+            },
+            {
+              "accept": null
+            }
+          ]
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "FORWARD",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "drop"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s8"
+            }
+          },
+          {
+            "vmap": {
+              "key": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "protocol"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "th",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "data": "@forwport"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0014destroy_0.json-nft b/tests/shell/testcases/maps/dumps/0014destroy_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0014destroy_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0014destroy_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0016map_leak_0.json-nft b/tests/shell/testcases/maps/dumps/0016map_leak_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0016map_leak_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0016map_leak_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0017_map_variable_0.json-nft b/tests/shell/testcases/maps/dumps/0017_map_variable_0.json-nft
index 1893f37e099d21adcef1cae3bc7e73d044bcf6a4..725498cdcbef8e5fb5e063cab36ad14644f3f880 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0017_map_variable_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0017_map_variable_0.json-nft
@@ -1 +1,58 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "mark", "elem": [["1.1.1.1", 2], ["*", 3]]}}, {"map": {"family": "ip", "name": "z", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "mark", "elem": [["1.1.1.1", 2], ["*", 3]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "elem": [
+          [
+            "1.1.1.1",
+            2
+          ],
+          [
+            "*",
+            3
+          ]
+        ]
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "z",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "elem": [
+          [
+            "1.1.1.1",
+            2
+          ],
+          [
+            "*",
+            3
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/0018map_leak_timeout_0.json-nft b/tests/shell/testcases/maps/dumps/0018map_leak_timeout_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/maps/dumps/0018map_leak_timeout_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/0018map_leak_timeout_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/anon_objmap_concat.json-nft b/tests/shell/testcases/maps/dumps/anon_objmap_concat.json-nft
index 4b3af99daa28ab5aa92419c9c4a227ab8c9923a8..f8352344eec73f93a8f23316db4b543e8c486d55 100644 (file)
--- a/tests/shell/testcases/maps/dumps/anon_objmap_concat.json-nft
+++ b/tests/shell/testcases/maps/dumps/anon_objmap_concat.json-nft
@@ -1 +1,116 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"ct helper": {"family": "inet", "name": "sip-5060u", "table": "filter", "handle": 0, "type": "sip", "protocol": "udp", "l3proto": "ip"}}, {"ct helper": {"family": "inet", "name": "sip-5060t", "table": "filter", "handle": 0, "type": "sip", "protocol": "tcp", "l3proto": "ip"}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input", "handle": 0, "expr": [{"ct helper": {"map": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "protocol"}}, {"payload": {"protocol": "th", "field": "dport"}}]}, "data": {"set": [[{"concat": ["udp", {"range": [10000, 20000]}]}, "sip-5060u"], [{"concat": ["tcp", {"range": [10000, 20000]}]}, "sip-5060t"]]}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "ct helper": {
+        "family": "inet",
+        "name": "sip-5060u",
+        "table": "filter",
+        "handle": 0,
+        "type": "sip",
+        "protocol": "udp",
+        "l3proto": "ip"
+      }
+    },
+    {
+      "ct helper": {
+        "family": "inet",
+        "name": "sip-5060t",
+        "table": "filter",
+        "handle": 0,
+        "type": "sip",
+        "protocol": "tcp",
+        "l3proto": "ip"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "ct helper": {
+              "map": {
+                "key": {
+                  "concat": [
+                    {
+                      "payload": {
+                        "protocol": "ip",
+                        "field": "protocol"
+                      }
+                    },
+                    {
+                      "payload": {
+                        "protocol": "th",
+                        "field": "dport"
+                      }
+                    }
+                  ]
+                },
+                "data": {
+                  "set": [
+                    [
+                      {
+                        "concat": [
+                          "udp",
+                          {
+                            "range": [
+                              10000,
+                              20000
+                            ]
+                          }
+                        ]
+                      },
+                      "sip-5060u"
+                    ],
+                    [
+                      {
+                        "concat": [
+                          "tcp",
+                          {
+                            "range": [
+                              10000,
+                              20000
+                            ]
+                          }
+                        ]
+                      },
+                      "sip-5060t"
+                    ]
+                  ]
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/anonymous_snat_map_0.json-nft b/tests/shell/testcases/maps/dumps/anonymous_snat_map_0.json-nft
index d102a3deee55f077f6412e01a075cb7e197859b6..f4c55706787c6d6e4c05e744d09ac7ca2c30123f 100644 (file)
--- a/tests/shell/testcases/maps/dumps/anonymous_snat_map_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/anonymous_snat_map_0.json-nft
@@ -1 +1,58 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"chain": {"family": "ip", "table": "nat", "name": "postrouting", "handle": 0}}, {"rule": {"family": "ip", "table": "nat", "chain": "postrouting", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [["1.1.1.1", "2.2.2.2"]]}}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "nat",
+        "name": "postrouting",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "nat",
+        "chain": "postrouting",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        "1.1.1.1",
+                        "2.2.2.2"
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/different_map_types_1.json-nft b/tests/shell/testcases/maps/dumps/different_map_types_1.json-nft
index eae6d80e4ca17c9be92d2df653708436d39d1f11..ed0ce0edc4896b9d048492a0ba6ad22cc4b8f420 100644 (file)
--- a/tests/shell/testcases/maps/dumps/different_map_types_1.json-nft
+++ b/tests/shell/testcases/maps/dumps/different_map_types_1.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "output", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "output",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/map_catchall_double_deactivate.json-nft b/tests/shell/testcases/maps/dumps/map_catchall_double_deactivate.json-nft
index b9c9972d99c185fadd922365b02d6ffef987a3a2..49b8bb29d45a3c3f3625a7ac9526fab8e0d04fea 100644 (file)
--- a/tests/shell/testcases/maps/dumps/map_catchall_double_deactivate.json-nft
+++ b/tests/shell/testcases/maps/dumps/map_catchall_double_deactivate.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "testchain", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "testchain",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/map_with_flags_0.json-nft b/tests/shell/testcases/maps/dumps/map_with_flags_0.json-nft
index ce06ee3bb9895ab8c3760ea1fb863760fce1e688..97b7e94e59fa414be50b15fd98f112e7dab20a7a 100644 (file)
--- a/tests/shell/testcases/maps/dumps/map_with_flags_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/map_with_flags_0.json-nft
@@ -1 +1,31 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "flags": ["timeout"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "flags": [
+          "timeout"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/named_snat_map_0.json-nft b/tests/shell/testcases/maps/dumps/named_snat_map_0.json-nft
index de40011f9b396d8a056bf95713dc9442ec76774e..ed141597f7f85007c94f42c7333adb73116d98e4 100644 (file)
--- a/tests/shell/testcases/maps/dumps/named_snat_map_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/named_snat_map_0.json-nft
@@ -1 +1,67 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"map": {"family": "ip", "name": "m", "table": "nat", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "elem": [["1.1.1.1", "2.2.2.2"]]}}, {"chain": {"family": "ip", "table": "nat", "name": "postrouting", "handle": 0}}, {"rule": {"family": "ip", "table": "nat", "chain": "postrouting", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": "@m"}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m",
+        "table": "nat",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "elem": [
+          [
+            "1.1.1.1",
+            "2.2.2.2"
+          ]
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "nat",
+        "name": "postrouting",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "nat",
+        "chain": "postrouting",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": "@m"
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.json-nft b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.json-nft
index 475a52e39eb09cfcf01e2ad53a5b4ee35008e95c..4a58602a99cd4948d77b0ee799a2766f3db749d2 100644 (file)
--- a/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.json-nft
+++ b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.json-nft
@@ -1 +1,283 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "dynset", "handle": 0}}, {"map": {"family": "ip", "name": "dynmark", "table": "dynset", "type": "ipv4_addr", "handle": 0, "map": "mark", "size": 64, "flags": ["timeout"], "timeout": 300, "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "dynset", "name": "test_ping", "handle": 0}}, {"chain": {"family": "ip", "table": "dynset", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "dynset", "chain": "test_ping", "handle": 0, "comment": "should not increment", "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@dynmark"}}, {"counter": {"packets": 0, "bytes": 0}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "test_ping", "handle": 0, "expr": [{"match": {"op": "!=", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@dynmark"}}, {"map": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": 1, "map": "@dynmark"}}, {"counter": {"packets": 1, "bytes": 84}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "test_ping", "handle": 0, "comment": "should increment", "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@dynmark"}}, {"counter": {"packets": 1, "bytes": 84}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "test_ping", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@dynmark"}}, {"map": {"op": "delete", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": 1, "map": "@dynmark"}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "test_ping", "handle": 0, "comment": "delete should be instant but might fail under memory pressure", "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@dynmark"}}, {"counter": {"packets": 0, "bytes": 0}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "input", "handle": 0, "comment": "also check timeout-gc", "expr": [{"map": {"op": "add", "elem": {"elem": {"val": "10.2.3.4", "timeout": 1}}, "data": 2, "map": "@dynmark"}}]}}, {"rule": {"family": "ip", "table": "dynset", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "icmp"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "127.0.0.42"}}, {"jump": {"target": "test_ping"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "dynset",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "dynmark",
+        "table": "dynset",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "size": 64,
+        "flags": [
+          "timeout"
+        ],
+        "timeout": 300,
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "dynset",
+        "name": "test_ping",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "dynset",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "test_ping",
+        "handle": 0,
+        "comment": "should not increment",
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@dynmark"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "test_ping",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "!=",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@dynmark"
+            }
+          },
+          {
+            "map": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": 1,
+              "map": "@dynmark"
+            }
+          },
+          {
+            "counter": {
+              "packets": 1,
+              "bytes": 84
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "test_ping",
+        "handle": 0,
+        "comment": "should increment",
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@dynmark"
+            }
+          },
+          {
+            "counter": {
+              "packets": 1,
+              "bytes": 84
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "test_ping",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@dynmark"
+            }
+          },
+          {
+            "map": {
+              "op": "delete",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": 1,
+              "map": "@dynmark"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "test_ping",
+        "handle": 0,
+        "comment": "delete should be instant but might fail under memory pressure",
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@dynmark"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "input",
+        "handle": 0,
+        "comment": "also check timeout-gc",
+        "expr": [
+          {
+            "map": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": "10.2.3.4",
+                  "timeout": 1
+                }
+              },
+              "data": 2,
+              "map": "@dynmark"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "dynset",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "icmp"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "127.0.0.42"
+            }
+          },
+          {
+            "jump": {
+              "target": "test_ping"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_update_0.json-nft b/tests/shell/testcases/maps/dumps/typeof_maps_update_0.json-nft
index 35f6518c4164de8d75463a47a42f6abf228c969a..826785d1fc04dd9eda4c5350b1865c0045c76f84 100644 (file)
--- a/tests/shell/testcases/maps/dumps/typeof_maps_update_0.json-nft
+++ b/tests/shell/testcases/maps/dumps/typeof_maps_update_0.json-nft
@@ -1 +1,110 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "kube-nfproxy-v4", "handle": 0}}, {"map": {"family": "ip", "name": "sticky-set-svc-M53CN2XYVUHRQ7UB", "table": "kube-nfproxy-v4", "type": "ipv4_addr", "handle": 0, "map": "mark", "size": 65535, "flags": ["timeout"], "timeout": 360}}, {"map": {"family": "ip", "name": "sticky-set-svc-153CN2XYVUHRQ7UB", "table": "kube-nfproxy-v4", "type": "ipv4_addr", "handle": 0, "map": "mark", "size": 65535, "flags": ["timeout"], "timeout": 60}}, {"chain": {"family": "ip", "table": "kube-nfproxy-v4", "name": "k8s-nfproxy-sep-TMVEFT7EX55F4T62", "handle": 0}}, {"chain": {"family": "ip", "table": "kube-nfproxy-v4", "name": "k8s-nfproxy-sep-GMVEFT7EX55F4T62", "handle": 0}}, {"rule": {"family": "ip", "table": "kube-nfproxy-v4", "chain": "k8s-nfproxy-sep-TMVEFT7EX55F4T62", "handle": 0, "expr": [{"map": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": 2, "map": "@sticky-set-svc-M53CN2XYVUHRQ7UB"}}]}}, {"rule": {"family": "ip", "table": "kube-nfproxy-v4", "chain": "k8s-nfproxy-sep-GMVEFT7EX55F4T62", "handle": 0, "expr": [{"map": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": 3, "map": "@sticky-set-svc-153CN2XYVUHRQ7UB"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "kube-nfproxy-v4",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "sticky-set-svc-M53CN2XYVUHRQ7UB",
+        "table": "kube-nfproxy-v4",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "size": 65535,
+        "flags": [
+          "timeout"
+        ],
+        "timeout": 360
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "sticky-set-svc-153CN2XYVUHRQ7UB",
+        "table": "kube-nfproxy-v4",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "mark",
+        "size": 65535,
+        "flags": [
+          "timeout"
+        ],
+        "timeout": 60
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "kube-nfproxy-v4",
+        "name": "k8s-nfproxy-sep-TMVEFT7EX55F4T62",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "kube-nfproxy-v4",
+        "name": "k8s-nfproxy-sep-GMVEFT7EX55F4T62",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "kube-nfproxy-v4",
+        "chain": "k8s-nfproxy-sep-TMVEFT7EX55F4T62",
+        "handle": 0,
+        "expr": [
+          {
+            "map": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": 2,
+              "map": "@sticky-set-svc-M53CN2XYVUHRQ7UB"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "kube-nfproxy-v4",
+        "chain": "k8s-nfproxy-sep-GMVEFT7EX55F4T62",
+        "handle": 0,
+        "expr": [
+          {
+            "map": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": 3,
+              "map": "@sticky-set-svc-153CN2XYVUHRQ7UB"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/netns/dumps/0001nft-f_0.json-nft b/tests/shell/testcases/netns/dumps/0001nft-f_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/netns/dumps/0001nft-f_0.json-nft
+++ b/tests/shell/testcases/netns/dumps/0001nft-f_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/netns/dumps/0002loosecommands_0.json-nft b/tests/shell/testcases/netns/dumps/0002loosecommands_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/netns/dumps/0002loosecommands_0.json-nft
+++ b/tests/shell/testcases/netns/dumps/0002loosecommands_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/netns/dumps/0003many_0.json-nft b/tests/shell/testcases/netns/dumps/0003many_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/netns/dumps/0003many_0.json-nft
+++ b/tests/shell/testcases/netns/dumps/0003many_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0001define_slash_0.json-nft b/tests/shell/testcases/nft-f/dumps/0001define_slash_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0001define_slash_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0001define_slash_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0002rollback_rule_0.json-nft b/tests/shell/testcases/nft-f/dumps/0002rollback_rule_0.json-nft
index 85368b463a56543253f23589dee8fb56af675869..8d500578d998c88bcb946651a716fa4c491766e8 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0002rollback_rule_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0002rollback_rule_0.json-nft
@@ -1 +1,134 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "t", "table": "t", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "other", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22222, 33333]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@t"}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"jump": {"target": "other"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "t",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "other",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22222,
+                  33333
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@t"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "other"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0003rollback_jump_0.json-nft b/tests/shell/testcases/nft-f/dumps/0003rollback_jump_0.json-nft
index 85368b463a56543253f23589dee8fb56af675869..8d500578d998c88bcb946651a716fa4c491766e8 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0003rollback_jump_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0003rollback_jump_0.json-nft
@@ -1 +1,134 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "t", "table": "t", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "other", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22222, 33333]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@t"}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"jump": {"target": "other"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "t",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "other",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22222,
+                  33333
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@t"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "other"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0004rollback_set_0.json-nft b/tests/shell/testcases/nft-f/dumps/0004rollback_set_0.json-nft
index 85368b463a56543253f23589dee8fb56af675869..8d500578d998c88bcb946651a716fa4c491766e8 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0004rollback_set_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0004rollback_set_0.json-nft
@@ -1 +1,134 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "t", "table": "t", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "other", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22222, 33333]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@t"}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"jump": {"target": "other"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "t",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "other",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22222,
+                  33333
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@t"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "other"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0005rollback_map_0.json-nft b/tests/shell/testcases/nft-f/dumps/0005rollback_map_0.json-nft
index 85368b463a56543253f23589dee8fb56af675869..8d500578d998c88bcb946651a716fa4c491766e8 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0005rollback_map_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0005rollback_map_0.json-nft
@@ -1 +1,134 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "t", "table": "t", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "other", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22222, 33333]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@t"}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"jump": {"target": "other"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "t",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "other",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22222,
+                  33333
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@t"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "other"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0006action_object_0.json-nft b/tests/shell/testcases/nft-f/dumps/0006action_object_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0006action_object_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0006action_object_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0007action_object_set_segfault_1.json-nft b/tests/shell/testcases/nft-f/dumps/0007action_object_set_segfault_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0007action_object_set_segfault_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0007action_object_set_segfault_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0008split_tables_0.json-nft b/tests/shell/testcases/nft-f/dumps/0008split_tables_0.json-nft
index 29a0c08a835b5a5f91e71e9b9051ec6fc53c59fe..05ebed5a18addd02f30d2f579adfafffb7350797 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0008split_tables_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0008split_tables_0.json-nft
@@ -1 +1,67 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "ssh", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 1, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "ssh", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "ssh",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 1,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "ssh",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0009variable_0.json-nft b/tests/shell/testcases/nft-f/dumps/0009variable_0.json-nft
index 685d8818907fb7f496d6710d7dcd3d6c0475ed5f..41236dbe95b6df30e76436627e83b5ad865f2900 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0009variable_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0009variable_0.json-nft
@@ -1 +1,44 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "forward", "handle": 0}}, {"set": {"family": "inet", "name": "concat-set-variable", "table": "forward", "type": ["ipv4_addr", "inet_service"], "handle": 0, "elem": [{"concat": ["10.10.10.10", 25]}, {"concat": ["10.10.10.10", 143]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "forward",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "concat-set-variable",
+        "table": "forward",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "elem": [
+          {
+            "concat": [
+              "10.10.10.10",
+              25
+            ]
+          },
+          {
+            "concat": [
+              "10.10.10.10",
+              143
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0010variable_0.json-nft b/tests/shell/testcases/nft-f/dumps/0010variable_0.json-nft
index 87de402641b5e5284d9242a3740d65fc1164f7d1..4b4ec4fb41ecf1add17b51825d4489704b1adea7 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0010variable_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0010variable_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "whitelist_v4", "table": "filter", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "whitelist_v4",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0013defines_1.json-nft b/tests/shell/testcases/nft-f/dumps/0013defines_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0013defines_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0013defines_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0014defines_1.json-nft b/tests/shell/testcases/nft-f/dumps/0014defines_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0014defines_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0014defines_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0015defines_1.json-nft b/tests/shell/testcases/nft-f/dumps/0015defines_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0015defines_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0015defines_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0016redefines_1.json-nft b/tests/shell/testcases/nft-f/dumps/0016redefines_1.json-nft
index f183d66d2c32f749fe223a51db066e704ddc59c0..40cdb00043bd0842a40948b1cb63179ff06095a8 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0016redefines_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0016redefines_1.json-nft
@@ -1 +1,80 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": ["1.1.1.1", "2.2.2.2"]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": ["3.3.3.3", "4.4.4.4"]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "1.1.1.1",
+                  "2.2.2.2"
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "3.3.3.3",
+                  "4.4.4.4"
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0018ct_expectation_obj_0.json-nft b/tests/shell/testcases/nft-f/dumps/0018ct_expectation_obj_0.json-nft
index 1babf28b013532656b31ca47e0b09a2399fd752c..5e2b07f0d7aced11cb5bb9a4ac2fb4aa83d9b427 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0018ct_expectation_obj_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0018ct_expectation_obj_0.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"ct expectation": {"family": "ip", "name": "ctexpect", "table": "filter", "handle": 0, "protocol": "tcp", "dport": 9876, "timeout": 60000, "size": 12, "l3proto": "ip"}}, {"chain": {"family": "ip", "table": "filter", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "filter", "chain": "c", "handle": 0, "expr": [{"ct expectation": "ctexpect"}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "ct expectation": {
+        "family": "ip",
+        "name": "ctexpect",
+        "table": "filter",
+        "handle": 0,
+        "protocol": "tcp",
+        "dport": 9876,
+        "timeout": 60000,
+        "size": 12,
+        "l3proto": "ip"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "ct expectation": "ctexpect"
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.json-nft b/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.json-nft
index 6b7d6c9105c75bd799f4e62ba395af3600568ea8..f62b48a3ad61ddea261ca1dcadea3fe23238e90e 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0018jump_variable_0.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "foo", "handle": 0}}, {"chain": {"family": "ip", "table": "foo", "name": "bar", "handle": 0}}, {"chain": {"family": "ip", "table": "foo", "name": "ber", "handle": 0}}, {"rule": {"family": "ip", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"jump": {"target": "ber"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "foo",
+        "name": "ber",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "ber"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0019jump_variable_1.json-nft b/tests/shell/testcases/nft-f/dumps/0019jump_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0019jump_variable_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0019jump_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0020jump_variable_1.json-nft b/tests/shell/testcases/nft-f/dumps/0020jump_variable_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0020jump_variable_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0020jump_variable_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0021list_ruleset_0.json-nft b/tests/shell/testcases/nft-f/dumps/0021list_ruleset_0.json-nft
index b072c7ef4080558073761e7a9503db173342351f..f41b1b047a75f86b463ed777307a58a5963c354e 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0021list_ruleset_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0021list_ruleset_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"chain": {"family": "ip", "table": "filter", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -50, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -50,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0022variables_0.json-nft b/tests/shell/testcases/nft-f/dumps/0022variables_0.json-nft
index 3e0f5489e38342ea24efaf7cf972ecd99190a6a5..b971454fc3ae0a11ca0d6c34316bf9f7463e3240 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0022variables_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0022variables_0.json-nft
@@ -1 +1,115 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"set": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "set": "@y"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"set": {"op": "update", "elem": {"elem": {"val": {"payload": {"protocol": "ip", "field": "saddr"}}, "timeout": 30}}, "set": "@y"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "set": "@y"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "timeout": 30
+                }
+              },
+              "set": "@y"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0023check_1.json-nft b/tests/shell/testcases/nft-f/dumps/0023check_1.json-nft
index fe8603c7c3bdd6324ea71a00a4e95339c6ea27b2..ddb2a057452ed49c670b3dabe4f23cafd002d2f5 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0023check_1.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0023check_1.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "foo", "handle": 0}}, {"chain": {"family": "ip", "table": "foo", "name": "bar", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0025empty_dynset_0.json-nft b/tests/shell/testcases/nft-f/dumps/0025empty_dynset_0.json-nft
index 0272e203b3cd9ebf066f1c1a0e6a051bd55d30be..0cde23b00000af30e0dee357b15265ce89371633 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0025empty_dynset_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0025empty_dynset_0.json-nft
@@ -1 +1,111 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "foo", "handle": 0}}, {"set": {"family": "ip", "name": "inflows", "table": "foo", "type": ["ipv4_addr", "inet_service", "ifname", "ipv4_addr", "inet_service"], "handle": 0, "flags": ["dynamic"], "elem": [{"elem": {"val": {"concat": ["10.1.0.3", 39466, "veth1", "10.3.0.99", 5201]}, "counter": {"packets": 0, "bytes": 0}}}]}}, {"set": {"family": "ip", "name": "inflows6", "table": "foo", "type": ["ipv6_addr", "inet_service", "ifname", "ipv6_addr", "inet_service"], "handle": 0, "flags": ["dynamic"]}}, {"set": {"family": "ip", "name": "inflows_ratelimit", "table": "foo", "type": ["ipv4_addr", "inet_service", "ifname", "ipv4_addr", "inet_service"], "handle": 0, "flags": ["dynamic"], "elem": [{"elem": {"val": {"concat": ["10.1.0.3", 39466, "veth1", "10.3.0.99", 5201]}, "limit": {"rate": 1, "burst": 5, "per": "second"}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "inflows",
+        "table": "foo",
+        "type": [
+          "ipv4_addr",
+          "inet_service",
+          "ifname",
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "dynamic"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": {
+                "concat": [
+                  "10.1.0.3",
+                  39466,
+                  "veth1",
+                  "10.3.0.99",
+                  5201
+                ]
+              },
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "inflows6",
+        "table": "foo",
+        "type": [
+          "ipv6_addr",
+          "inet_service",
+          "ifname",
+          "ipv6_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "inflows_ratelimit",
+        "table": "foo",
+        "type": [
+          "ipv4_addr",
+          "inet_service",
+          "ifname",
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "dynamic"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": {
+                "concat": [
+                  "10.1.0.3",
+                  39466,
+                  "veth1",
+                  "10.3.0.99",
+                  5201
+                ]
+              },
+              "limit": {
+                "rate": 1,
+                "burst": 5,
+                "per": "second"
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0026listing_0.json-nft b/tests/shell/testcases/nft-f/dumps/0026listing_0.json-nft
index bda56fa5731ce9e385e2a9eab1c1ad4518350e0a..8acdcdf4b11df56d65047aeefedcddf9b9a2381d 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0026listing_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0026listing_0.json-nft
@@ -1 +1,56 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "A", "handle": 0}}, {"chain": {"family": "ip", "table": "A", "name": "B", "handle": 0}}, {"rule": {"family": "ip", "table": "A", "chain": "B", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [1, 2]}}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "A",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "A",
+        "name": "B",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "A",
+        "chain": "B",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  1,
+                  2
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0027split_chains_0.json-nft b/tests/shell/testcases/nft-f/dumps/0027split_chains_0.json-nft
index 006e0ff2a234d330536d80dad39dd3625fab7f60..bda8bfc9fd78c2f8cfc4b830559409ac2405e75d 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0027split_chains_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0027split_chains_0.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "x", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input", "handle": 0, "expr": [{"jump": {"target": "x"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "x"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.json-nft b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.json-nft
index 3e9ac8d4838efe114382e3265799a1fe639bf4f3..69d826dfff3c4628150702ae7e71bd706b169e4c 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.json-nft
@@ -1 +1,34 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "whitelist_v4", "table": "filter", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1", "2.2.2.2", "3.3.3.3", "4.4.4.4", "5.5.5.5"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "whitelist_v4",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1",
+          "2.2.2.2",
+          "3.3.3.3",
+          "4.4.4.4",
+          "5.5.5.5"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0029split_file_0.json-nft b/tests/shell/testcases/nft-f/dumps/0029split_file_0.json-nft
index 9bd6ca1424526542a1c733bce2e238cab28282b2..c2aa400aa150f3037ba3a5129b0aef0600931cb4 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0029split_file_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0029split_file_0.json-nft
@@ -1 +1,61 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "whitelist_v4", "table": "filter", "type": "ipv4_addr", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "prerouting", "handle": 0, "type": "filter", "hook": "prerouting", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "prerouting", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "@whitelist_v4"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "whitelist_v4",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "prerouting",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "@whitelist_v4"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0030variable_reuse_0.json-nft b/tests/shell/testcases/nft-f/dumps/0030variable_reuse_0.json-nft
index 6352e757b3a39906b84c5311f72b502dd58172fd..e0704b7db7d234257be0d1195fbd77cc9b8ffdff 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0030variable_reuse_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0030variable_reuse_0.json-nft
@@ -1 +1,44 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1", "2.2.2.2"]}}, {"set": {"family": "ip", "name": "z", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1", "3.3.3.3"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1",
+          "2.2.2.2"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "z",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1",
+          "3.3.3.3"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0031vmap_string_0.json-nft b/tests/shell/testcases/nft-f/dumps/0031vmap_string_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0031vmap_string_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0031vmap_string_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft b/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
index 46cc7cd706081d5655fde342fc560ff152680b85..57d57bb9ea8c364b50176afb936a7dca28fd8fc4 100644 (file)
--- a/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
+++ b/tests/shell/testcases/nft-f/dumps/0032pknock_0.json-nft
@@ -1 +1,484 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "portknock", "handle": 0}}, {"set": {"family": "inet", "name": "clients_ipv4", "table": "portknock", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"]}}, {"set": {"family": "inet", "name": "candidates_ipv4", "table": "portknock", "type": ["ipv4_addr", "inet_service"], "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "inet", "table": "portknock", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": -10, "policy": "accept"}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10001}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10002]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10002}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10003]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10003}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10004]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10004}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 10005]}, "timeout": 1}}, "set": "@candidates_ipv4"}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 10005}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": "@candidates_ipv4"}}, {"set": {"op": "add", "elem": {"elem": {"val": {"payload": {"protocol": "ip", "field": "saddr"}}, "timeout": 600}}, "set": "@clients_ipv4"}}, {"log": {"prefix": "Successful portknock: "}}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@clients_ipv4"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "portknock", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"reject": {"type": "tcp reset"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "portknock",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "clients_ipv4",
+        "table": "portknock",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "candidates_ipv4",
+        "table": "portknock",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "portknock",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": -10,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 10001
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      10002
+                    ]
+                  },
+                  "timeout": 1
+                }
+              },
+              "set": "@candidates_ipv4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 10002
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": "@candidates_ipv4"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      10003
+                    ]
+                  },
+                  "timeout": 1
+                }
+              },
+              "set": "@candidates_ipv4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 10003
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": "@candidates_ipv4"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      10004
+                    ]
+                  },
+                  "timeout": 1
+                }
+              },
+              "set": "@candidates_ipv4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 10004
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": "@candidates_ipv4"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      10005
+                    ]
+                  },
+                  "timeout": 1
+                }
+              },
+              "set": "@candidates_ipv4"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 10005
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": "@candidates_ipv4"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "timeout": 600
+                }
+              },
+              "set": "@clients_ipv4"
+            }
+          },
+          {
+            "log": {
+              "prefix": "Successful portknock: "
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@clients_ipv4"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "portknock",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "reject": {
+              "type": "tcp reset"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/nft-i/dumps/0001define_0.json-nft b/tests/shell/testcases/nft-i/dumps/0001define_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/nft-i/dumps/0001define_0.json-nft
+++ b/tests/shell/testcases/nft-i/dumps/0001define_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/dependency_kill.json-nft b/tests/shell/testcases/optimizations/dumps/dependency_kill.json-nft
index 7085061b98706f2bfb149106ca7484d34f4642f2..712182e9db007e5f31734350b9dcc88a94f75416 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/dependency_kill.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/dependency_kill.json-nft
@@ -1 +1,776 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "bridge", "name": "foo", "handle": 0}}, {"chain": {"family": "bridge", "table": "foo", "name": "bar", "handle": 0}}, {"rule": {"family": "bridge", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "bridge", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "bridge", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "bridge", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"table": {"family": "ip", "name": "foo", "handle": 0}}, {"chain": {"family": "ip", "table": "foo", "name": "bar", "handle": 0}}, {"rule": {"family": "ip", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"table": {"family": "ip6", "name": "foo", "handle": 0}}, {"chain": {"family": "ip6", "table": "foo", "name": "bar", "handle": 0}}, {"rule": {"family": "ip6", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip6", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip6", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "ip6", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"table": {"family": "netdev", "name": "foo", "handle": 0}}, {"chain": {"family": "netdev", "table": "foo", "name": "bar", "handle": 0}}, {"rule": {"family": "netdev", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "netdev", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "netdev", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "netdev", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"table": {"family": "inet", "name": "foo", "handle": 0}}, {"chain": {"family": "inet", "table": "foo", "name": "bar", "handle": 0}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "protocol"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "type"}}, "right": "ip6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv4"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}, {"rule": {"family": "inet", "table": "foo", "chain": "bar", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv6"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 67}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "bridge",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "bridge",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "bridge",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "bridge",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "bridge",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "bridge",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "foo",
+        "name": "bar",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "protocol"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "type"
+                }
+              },
+              "right": "ip6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "foo",
+        "chain": "bar",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 67
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_nat.json-nft b/tests/shell/testcases/optimizations/dumps/merge_nat.json-nft
index c4e448e74ca41f35f03b1d52bd37db0611ba1552..a6cf1bfc707daac9ad50577f1274b4f3f66db2a2 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_nat.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_nat.json-nft
@@ -1 +1,379 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test1", "handle": 0}}, {"chain": {"family": "ip", "table": "test1", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "test1", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oif"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "test1", "chain": "y", "handle": 0, "expr": [{"dnat": {"addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [["4.4.4.4", "1.1.1.1"], ["5.5.5.5", "2.2.2.2"]]}}}}}]}}, {"table": {"family": "ip", "name": "test2", "handle": 0}}, {"chain": {"family": "ip", "table": "test2", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "test2", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oif"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "test2", "chain": "y", "handle": 0, "expr": [{"dnat": {"family": "ip", "addr": {"map": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[80, {"concat": ["1.1.1.1", 8001]}], [81, {"concat": ["2.2.2.2", 9001]}]]}}}}}]}}, {"rule": {"family": "ip", "table": "test2", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": [{"prefix": {"addr": "10.141.11.0", "len": 24}}, {"prefix": {"addr": "10.141.13.0", "len": 24}}]}}}, {"masquerade": null}]}}, {"table": {"family": "ip", "name": "test4", "handle": 0}}, {"chain": {"family": "ip", "table": "test4", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "test4", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oif"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "test4", "chain": "y", "handle": 0, "expr": [{"dnat": {"family": "ip", "addr": {"map": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "daddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "data": {"set": [[{"concat": ["1.1.1.1", 80]}, {"concat": ["4.4.4.4", 8000]}], [{"concat": ["2.2.2.2", 81]}, {"concat": ["3.3.3.3", 9000]}]]}}}}}]}}, {"rule": {"family": "ip", "table": "test4", "chain": "y", "handle": 0, "expr": [{"redirect": {"port": {"map": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[83, 8083], [84, 8084]]}}}}}]}}, {"rule": {"family": "ip", "table": "test4", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 85}}, {"redirect": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test1",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test1",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test1",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "dnat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        "4.4.4.4",
+                        "1.1.1.1"
+                      ],
+                      [
+                        "5.5.5.5",
+                        "2.2.2.2"
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test2",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test2",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test2",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "dnat": {
+              "family": "ip",
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        80,
+                        {
+                          "concat": [
+                            "1.1.1.1",
+                            8001
+                          ]
+                        }
+                      ],
+                      [
+                        81,
+                        {
+                          "concat": [
+                            "2.2.2.2",
+                            9001
+                          ]
+                        }
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test2",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "prefix": {
+                      "addr": "10.141.11.0",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "10.141.13.0",
+                      "len": 24
+                    }
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "masquerade": null
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test4",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test4",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test4",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "dnat": {
+              "family": "ip",
+              "addr": {
+                "map": {
+                  "key": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "daddr"
+                        }
+                      },
+                      {
+                        "payload": {
+                          "protocol": "tcp",
+                          "field": "dport"
+                        }
+                      }
+                    ]
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "concat": [
+                            "1.1.1.1",
+                            80
+                          ]
+                        },
+                        {
+                          "concat": [
+                            "4.4.4.4",
+                            8000
+                          ]
+                        }
+                      ],
+                      [
+                        {
+                          "concat": [
+                            "2.2.2.2",
+                            81
+                          ]
+                        },
+                        {
+                          "concat": [
+                            "3.3.3.3",
+                            9000
+                          ]
+                        }
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test4",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "redirect": {
+              "port": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        83,
+                        8083
+                      ],
+                      [
+                        84,
+                        8084
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test4",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 85
+            }
+          },
+          {
+            "redirect": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_nat_concat.json-nft b/tests/shell/testcases/optimizations/dumps/merge_nat_concat.json-nft
index 33f7771f1ed21ccf2d7990cc7eabe9617293f13d..dc67feeccb7f5416df8ebc1b758fcf4bbb41d715 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_nat_concat.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_nat_concat.json-nft
@@ -1 +1,200 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test3", "handle": 0}}, {"chain": {"family": "ip", "table": "test3", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "test3", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oif"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "test3", "chain": "y", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "sport"}}]}, "data": {"set": [[{"concat": ["1.1.1.1", {"range": [1024, 65535]}]}, "3.3.3.3"], [{"concat": ["2.2.2.2", {"range": [1024, 65535]}]}, "4.4.4.4"]]}}}}}]}}, {"rule": {"family": "ip", "table": "test3", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "enp2s0"}}, {"snat": {"family": "ip", "addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [[{"prefix": {"addr": "10.1.1.0", "len": 24}}, {"range": ["72.2.3.66", "72.2.3.78"]}]]}}}}}]}}, {"rule": {"family": "ip", "table": "test3", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [8888, 9999]}}}, {"redirect": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test3",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test3",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oif"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test3",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      {
+                        "payload": {
+                          "protocol": "tcp",
+                          "field": "sport"
+                        }
+                      }
+                    ]
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "concat": [
+                            "1.1.1.1",
+                            {
+                              "range": [
+                                1024,
+                                65535
+                              ]
+                            }
+                          ]
+                        },
+                        "3.3.3.3"
+                      ],
+                      [
+                        {
+                          "concat": [
+                            "2.2.2.2",
+                            {
+                              "range": [
+                                1024,
+                                65535
+                              ]
+                            }
+                          ]
+                        },
+                        "4.4.4.4"
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test3",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "enp2s0"
+            }
+          },
+          {
+            "snat": {
+              "family": "ip",
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "prefix": {
+                            "addr": "10.1.1.0",
+                            "len": 24
+                          }
+                        },
+                        {
+                          "range": [
+                            "72.2.3.66",
+                            "72.2.3.78"
+                          ]
+                        }
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test3",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  8888,
+                  9999
+                ]
+              }
+            }
+          },
+          {
+            "redirect": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_reject.json-nft b/tests/shell/testcases/optimizations/dumps/merge_reject.json-nft
index 0716929762e24eaa4435de9a8fd91e7d25aa2aed..46ed0677d203e453edf4ccd1a8a89c9d853eb827 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_reject.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_reject.json-nft
@@ -1 +1,320 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "172.30.33.70"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 3306}}, {"counter": {"packets": 0, "bytes": 0}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"meta": {"key": "l4proto"}}, {"payload": {"protocol": "ip", "field": "daddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": {"set": [{"concat": ["tcp", "172.30.238.117", 8080]}, {"concat": ["tcp", "172.30.33.71", 3306]}, {"concat": ["tcp", "172.30.254.251", 3306]}]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"reject": {"type": "icmp", "expr": "port-unreachable"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "172.30.254.252"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 3306}}, {"counter": {"packets": 0, "bytes": 0}}, {"reject": {"type": "tcp reset"}}]}}, {"table": {"family": "ip6", "name": "x", "handle": 0}}, {"chain": {"family": "ip6", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip6", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"meta": {"key": "l4proto"}}, {"payload": {"protocol": "ip6", "field": "daddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": {"set": [{"concat": ["tcp", "aaaa::3", 8080]}, {"concat": ["tcp", "aaaa::2", 3306]}, {"concat": ["tcp", "aaaa::4", 3306]}]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"reject": {"type": "icmpv6", "expr": "port-unreachable"}}]}}, {"rule": {"family": "ip6", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": "aaaa::5"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 3306}}, {"counter": {"packets": 0, "bytes": 0}}, {"reject": {"type": "tcp reset"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "172.30.33.70"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 3306
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "meta": {
+                      "key": "l4proto"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "tcp",
+                      "172.30.238.117",
+                      8080
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "tcp",
+                      "172.30.33.71",
+                      3306
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "tcp",
+                      "172.30.254.251",
+                      3306
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "reject": {
+              "type": "icmp",
+              "expr": "port-unreachable"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "172.30.254.252"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 3306
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "reject": {
+              "type": "tcp reset"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "meta": {
+                      "key": "l4proto"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip6",
+                      "field": "daddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "tcp",
+                      "aaaa::3",
+                      8080
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "tcp",
+                      "aaaa::2",
+                      3306
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "tcp",
+                      "aaaa::4",
+                      3306
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "reject": {
+              "type": "icmpv6",
+              "expr": "port-unreachable"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": "aaaa::5"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 3306
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "reject": {
+              "type": "tcp reset"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_stmts.json-nft b/tests/shell/testcases/optimizations/dumps/merge_stmts.json-nft
index b8229b40cd00909c1751505fa6bec182362555ba..c392b76ae97d7c5241078b1f4a83a35f1799f736 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_stmts.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_stmts.json-nft
@@ -1 +1,63 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": {"set": ["192.168.0.1", "192.168.0.2", "192.168.0.3"]}}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "192.168.0.1",
+                  "192.168.0.2",
+                  "192.168.0.3"
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_stmts_concat.json-nft b/tests/shell/testcases/optimizations/dumps/merge_stmts_concat.json-nft
index cc076f0efc2625c18b23806af02101971cb126f4..267d84efffa3f23f3d5e52ec65687eb39a257598 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_stmts_concat.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_stmts_concat.json-nft
@@ -1 +1,374 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "c2", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "c3", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"meta": {"key": "iifname"}}, {"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "ip", "field": "daddr"}}]}, "right": {"set": [{"concat": ["eth1", "1.1.1.1", "2.2.2.3"]}, {"concat": ["eth1", "1.1.1.2", "2.2.2.4"]}, {"concat": ["eth1", "1.1.1.2", {"prefix": {"addr": "2.2.3.0", "len": 24}}]}, {"concat": ["eth1", "1.1.1.2", {"range": ["2.2.4.0", "2.2.4.10"]}]}, {"concat": ["eth2", "1.1.1.3", "2.2.2.5"]}]}}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "protocol"}}, {"payload": {"protocol": "th", "field": "dport"}}]}, "right": {"set": [{"concat": ["tcp", 22]}, {"concat": ["udp", 67]}]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "c1", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "udp", "field": "dport"}}, {"meta": {"key": "iifname"}}]}, "right": {"set": [{"concat": [51820, "foo"]}, {"concat": [514, "bar"]}, {"concat": [67, "bar"]}]}}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "c2", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "udp", "field": "dport"}}, {"meta": {"key": "iifname"}}]}, "right": {"set": [{"concat": [100, "foo"]}, {"concat": [51820, "foo"]}, {"concat": [514, "bar"]}, {"concat": [67, "bar"]}]}}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "c3", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "udp", "field": "dport"}}, {"meta": {"key": "iifname"}}]}, "right": {"set": [{"concat": [100, "foo"]}, {"concat": [51820, "foo"]}, {"concat": [514, "bar"]}, {"concat": [67, "bar"]}, {"concat": [100, "test"]}, {"concat": [51820, "test"]}]}}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "c3",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "meta": {
+                      "key": "iifname"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "eth1",
+                      "1.1.1.1",
+                      "2.2.2.3"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "eth1",
+                      "1.1.1.2",
+                      "2.2.2.4"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "eth1",
+                      "1.1.1.2",
+                      {
+                        "prefix": {
+                          "addr": "2.2.3.0",
+                          "len": 24
+                        }
+                      }
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "eth1",
+                      "1.1.1.2",
+                      {
+                        "range": [
+                          "2.2.4.0",
+                          "2.2.4.10"
+                        ]
+                      }
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "eth2",
+                      "1.1.1.3",
+                      "2.2.2.5"
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "protocol"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "th",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "tcp",
+                      22
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "udp",
+                      67
+                    ]
+                  }
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "udp",
+                      "field": "dport"
+                    }
+                  },
+                  {
+                    "meta": {
+                      "key": "iifname"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      51820,
+                      "foo"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      514,
+                      "bar"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      67,
+                      "bar"
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "udp",
+                      "field": "dport"
+                    }
+                  },
+                  {
+                    "meta": {
+                      "key": "iifname"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      100,
+                      "foo"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      51820,
+                      "foo"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      514,
+                      "bar"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      67,
+                      "bar"
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "c3",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "udp",
+                      "field": "dport"
+                    }
+                  },
+                  {
+                    "meta": {
+                      "key": "iifname"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      100,
+                      "foo"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      51820,
+                      "foo"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      514,
+                      "bar"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      67,
+                      "bar"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      100,
+                      "test"
+                    ]
+                  },
+                  {
+                    "concat": [
+                      51820,
+                      "test"
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_stmts_concat_vmap.json-nft b/tests/shell/testcases/optimizations/dumps/merge_stmts_concat_vmap.json-nft
index 2e499064c78e0b26aa8c89e53d823807be1b75bf..5dfa40a821ebe2087390845f4a28f1d7f89468f5 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_stmts_concat_vmap.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_stmts_concat_vmap.json-nft
@@ -1 +1,167 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "x", "handle": 0, "expr": [{"vmap": {"key": {"concat": [{"meta": {"key": "pkttype"}}, {"payload": {"protocol": "udp", "field": "dport"}}]}, "data": {"set": [[{"concat": ["broadcast", 547]}, {"accept": null}], [{"concat": ["broadcast", 67]}, {"accept": null}], [{"concat": ["multicast", 1900]}, {"drop": null}]]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"vmap": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "ip", "field": "daddr"}}]}, "data": {"set": [[{"concat": ["1.1.1.1", "2.2.2.2"]}, {"accept": null}], [{"concat": ["2.2.2.2", "3.3.3.3"]}, {"drop": null}], [{"concat": ["4.4.4.4", "5.5.5.5"]}, {"accept": null}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "x",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "concat": [
+                  {
+                    "meta": {
+                      "key": "pkttype"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "udp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "data": {
+                "set": [
+                  [
+                    {
+                      "concat": [
+                        "broadcast",
+                        547
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        "broadcast",
+                        67
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        "multicast",
+                        1900
+                      ]
+                    },
+                    {
+                      "drop": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  }
+                ]
+              },
+              "data": {
+                "set": [
+                  [
+                    {
+                      "concat": [
+                        "1.1.1.1",
+                        "2.2.2.2"
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        "2.2.2.2",
+                        "3.3.3.3"
+                      ]
+                    },
+                    {
+                      "drop": null
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        "4.4.4.4",
+                        "5.5.5.5"
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_stmts_vmap.json-nft b/tests/shell/testcases/optimizations/dumps/merge_stmts_vmap.json-nft
index 5658927656ef5cdfd5014b5d3c8f76dead51e348..17d57b8f1d632372d6c4a30c8a2d0171e972de54 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_stmts_vmap.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_stmts_vmap.json-nft
@@ -1 +1,182 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "w", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"vmap": {"key": {"ct": {"key": "state"}}, "data": {"set": [["invalid", {"drop": null}], ["established", {"accept": null}], ["related", {"accept": null}]]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[1, {"accept": null}], [{"range": [2, 3]}, {"drop": null}], [4, {"accept": null}]]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "w", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [[{"elem": {"val": "1.1.1.1", "counter": {"packets": 0, "bytes": 0}}}, {"accept": null}], [{"elem": {"val": "1.1.1.2", "counter": {"packets": 0, "bytes": 0}}}, {"drop": null}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "w",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    "invalid",
+                    {
+                      "drop": null
+                    }
+                  ],
+                  [
+                    "established",
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    "related",
+                    {
+                      "accept": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    1,
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "range": [
+                        2,
+                        3
+                      ]
+                    },
+                    {
+                      "drop": null
+                    }
+                  ],
+                  [
+                    4,
+                    {
+                      "accept": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "w",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    {
+                      "elem": {
+                        "val": "1.1.1.1",
+                        "counter": {
+                          "packets": 0,
+                          "bytes": 0
+                        }
+                      }
+                    },
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "elem": {
+                        "val": "1.1.1.2",
+                        "counter": {
+                          "packets": 0,
+                          "bytes": 0
+                        }
+                      }
+                    },
+                    {
+                      "drop": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_vmap_raw.json-nft b/tests/shell/testcases/optimizations/dumps/merge_vmap_raw.json-nft
index c6d7db539a5a298c0c22d6a38761dc39c2f10bac..b8ad126cd296182bed9ef4d2565fdb97ad979ced 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_vmap_raw.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_vmap_raw.json-nft
@@ -1 +1,438 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_dnstc", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_this_5301", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_saturn_5301", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_saturn_5302", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_saturn_5303", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "nat_dns_acme", "handle": 0}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_dnstc", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "udp"}}, {"redirect": {"port": 5300}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_dnstc", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_this_5301", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "udp"}}, {"redirect": {"port": 5301}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_this_5301", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5301", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv4"}}, {"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "udp"}}, {"dnat": {"family": "ip", "addr": "240.0.1.2", "port": 5301}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5301", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5302", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv4"}}, {"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "udp"}}, {"dnat": {"family": "ip", "addr": "240.0.1.2", "port": 5302}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5302", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5303", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv4"}}, {"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": "udp"}}, {"dnat": {"family": "ip", "addr": "240.0.1.2", "port": 5303}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_saturn_5303", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_acme", "handle": 0, "expr": [{"vmap": {"key": {"concat": [{"payload": {"protocol": "udp", "field": "length"}}, {"payload": {"base": "th", "offset": 160, "len": 128}}]}, "data": {"set": [[{"concat": [{"range": [47, 63]}, "0xe373135363130333131303735353203"]}, {"goto": {"target": "nat_dns_dnstc"}}], [{"concat": [{"range": [62, 78]}, "0xe31393032383939353831343037320e"]}, {"goto": {"target": "nat_dns_this_5301"}}], [{"concat": [{"range": [62, 78]}, "0xe31363436323733373931323934300e"]}, {"goto": {"target": "nat_dns_saturn_5301"}}], [{"concat": [{"range": [62, 78]}, "0xe32393535373539353636383732310e"]}, {"goto": {"target": "nat_dns_saturn_5302"}}], [{"concat": [{"range": [62, 78]}, "0xe38353439353637323038363633390e"]}, {"goto": {"target": "nat_dns_saturn_5303"}}]]}}}]}}, {"rule": {"family": "inet", "table": "x", "chain": "nat_dns_acme", "handle": 0, "expr": [{"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_dnstc",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_this_5301",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_saturn_5301",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_saturn_5302",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_saturn_5303",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "nat_dns_acme",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_dnstc",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "udp"
+            }
+          },
+          {
+            "redirect": {
+              "port": 5300
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_dnstc",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_this_5301",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "udp"
+            }
+          },
+          {
+            "redirect": {
+              "port": 5301
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_this_5301",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5301",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "udp"
+            }
+          },
+          {
+            "dnat": {
+              "family": "ip",
+              "addr": "240.0.1.2",
+              "port": 5301
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5301",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5302",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "udp"
+            }
+          },
+          {
+            "dnat": {
+              "family": "ip",
+              "addr": "240.0.1.2",
+              "port": 5302
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5302",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5303",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": "udp"
+            }
+          },
+          {
+            "dnat": {
+              "family": "ip",
+              "addr": "240.0.1.2",
+              "port": 5303
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_saturn_5303",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_acme",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "udp",
+                      "field": "length"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "base": "th",
+                      "offset": 160,
+                      "len": 128
+                    }
+                  }
+                ]
+              },
+              "data": {
+                "set": [
+                  [
+                    {
+                      "concat": [
+                        {
+                          "range": [
+                            47,
+                            63
+                          ]
+                        },
+                        "0xe373135363130333131303735353203"
+                      ]
+                    },
+                    {
+                      "goto": {
+                        "target": "nat_dns_dnstc"
+                      }
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        {
+                          "range": [
+                            62,
+                            78
+                          ]
+                        },
+                        "0xe31393032383939353831343037320e"
+                      ]
+                    },
+                    {
+                      "goto": {
+                        "target": "nat_dns_this_5301"
+                      }
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        {
+                          "range": [
+                            62,
+                            78
+                          ]
+                        },
+                        "0xe31363436323733373931323934300e"
+                      ]
+                    },
+                    {
+                      "goto": {
+                        "target": "nat_dns_saturn_5301"
+                      }
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        {
+                          "range": [
+                            62,
+                            78
+                          ]
+                        },
+                        "0xe32393535373539353636383732310e"
+                      ]
+                    },
+                    {
+                      "goto": {
+                        "target": "nat_dns_saturn_5302"
+                      }
+                    }
+                  ],
+                  [
+                    {
+                      "concat": [
+                        {
+                          "range": [
+                            62,
+                            78
+                          ]
+                        },
+                        "0xe38353439353637323038363633390e"
+                      ]
+                    },
+                    {
+                      "goto": {
+                        "target": "nat_dns_saturn_5303"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "nat_dns_acme",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/merge_vmaps.json-nft b/tests/shell/testcases/optimizations/dumps/merge_vmaps.json-nft
index 3711e31e189be1c44ddf56613ed365391ad15ac8..f2ac7917cd590817cec6771c8ca7487e1c2fc246 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/merge_vmaps.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/merge_vmaps.json-nft
@@ -1 +1,205 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"chain": {"family": "ip", "table": "x", "name": "filter_in_tcp", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "filter_in_udp", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"set": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "set": "@s", "stmt": [{"limit": {"rate": 12, "burst": 30, "per": "minute"}}]}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[80, {"accept": null}], [81, {"accept": null}], [443, {"accept": null}], [{"range": [8000, 8100]}, {"accept": null}], [{"range": [24000, 25000]}, {"accept": null}]]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"vmap": {"key": {"meta": {"key": "l4proto"}}, "data": {"set": [["tcp", {"goto": {"target": "filter_in_tcp"}}], ["udp", {"goto": {"target": "filter_in_udp"}}]]}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"log": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "filter_in_tcp",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "filter_in_udp",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "set": "@s",
+              "stmt": [
+                {
+                  "limit": {
+                    "rate": 12,
+                    "burst": 30,
+                    "per": "minute"
+                  }
+                }
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    80,
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    81,
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    443,
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "range": [
+                        8000,
+                        8100
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ],
+                  [
+                    {
+                      "range": [
+                        24000,
+                        25000
+                      ]
+                    },
+                    {
+                      "accept": null
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    "tcp",
+                    {
+                      "goto": {
+                        "target": "filter_in_tcp"
+                      }
+                    }
+                  ],
+                  [
+                    "udp",
+                    {
+                      "goto": {
+                        "target": "filter_in_udp"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "log": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/not_mergeable.json-nft b/tests/shell/testcases/optimizations/dumps/not_mergeable.json-nft
index bf0745b2020bb91ef4bff15b2d25e5c66d838c1e..8e64ba1ec454090efade76e08b2b85fb9644845f 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/not_mergeable.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/not_mergeable.json-nft
@@ -1 +1,140 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "t1", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "t2", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "t3", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "t4", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"jump": {"target": "t1"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"jump": {"target": "t2"}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "ip", "field": "version"}}, "data": {"set": [[4, {"jump": {"target": "t3"}}], [6, {"jump": {"target": "t4"}}]]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "t1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "t2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "t3",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "t4",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "jump": {
+              "target": "t1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "jump": {
+              "target": "t2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "version"
+                }
+              },
+              "data": {
+                "set": [
+                  [
+                    4,
+                    {
+                      "jump": {
+                        "target": "t3"
+                      }
+                    }
+                  ],
+                  [
+                    6,
+                    {
+                      "jump": {
+                        "target": "t4"
+                      }
+                    }
+                  ]
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/ruleset.json-nft b/tests/shell/testcases/optimizations/dumps/ruleset.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/ruleset.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/ruleset.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.json-nft b/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.json-nft
index f8057cf6f62cb774cec66be4339102b92f1acf12..c8adddb1c38cf0a7719cc3083985ab40a7a0b03e 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.json-nft
@@ -1 +1,59 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "mark"}}, "right": {"set": [{"elem": {"val": 10, "counter": {"packets": 0, "bytes": 0}}}]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "elem": {
+                      "val": 10,
+                      "counter": {
+                        "packets": 0,
+                        "bytes": 0
+                      }
+                    }
+                  }
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/skip_merge.json-nft b/tests/shell/testcases/optimizations/dumps/skip_merge.json-nft
index 8ac27d8dd69f9028b710904dfdcce891355011ad..3404a2e7521a60d310fba0a8c990561a53a975e6 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/skip_merge.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/skip_merge.json-nft
@@ -1 +1,235 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "udp_accepted", "table": "filter", "type": "inet_service", "handle": 0, "elem": [500, 4500]}}, {"set": {"family": "inet", "name": "tcp_accepted", "table": "filter", "type": "inet_service", "handle": 0, "elem": [80, 443]}}, {"chain": {"family": "inet", "table": "filter", "name": "udp_input", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "tcp_input", "handle": 0}}, {"rule": {"family": "inet", "table": "filter", "chain": "udp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": {"range": [1, 128]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "udp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": "@udp_accepted"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "udp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 53}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "tcp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [{"range": [1, 128]}, {"range": [8888, 9999]}]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "tcp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": "@tcp_accepted"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "tcp_input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"range": [1024, 65535]}}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "udp_accepted",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0,
+        "elem": [
+          500,
+          4500
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "tcp_accepted",
+        "table": "filter",
+        "type": "inet_service",
+        "handle": 0,
+        "elem": [
+          80,
+          443
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "udp_input",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "tcp_input",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "udp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "range": [
+                  1,
+                  128
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "udp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": "@udp_accepted"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "udp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 53
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "tcp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "range": [
+                      1,
+                      128
+                    ]
+                  },
+                  {
+                    "range": [
+                      8888,
+                      9999
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "tcp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": "@tcp_accepted"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "tcp_input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "range": [
+                  1024,
+                  65535
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/skip_non_eq.json-nft b/tests/shell/testcases/optimizations/dumps/skip_non_eq.json-nft
index a9393c7589d8fd73ac6d08552beb6b0888bcfb8f..19296d0255f39e1d87ed0842c0024b94d0e836d3 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/skip_non_eq.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/skip_non_eq.json-nft
@@ -1 +1,108 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"chain": {"family": "inet", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "eth0"}}, {"match": {"op": "!=", "left": {"meta": {"key": "oifname"}}, "right": "eth0"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "eth0"}}, {"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "eth0"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "eth0"
+            }
+          },
+          {
+            "match": {
+              "op": "!=",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "eth0"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "eth0"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "eth0"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/skip_unsupported.json-nft b/tests/shell/testcases/optimizations/dumps/skip_unsupported.json-nft
index 2600bb57dda6e7c11e5a902705d592e65036ec6d..a082020695b63095b5b2eb6179e4e4332be69374 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/skip_unsupported.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/skip_unsupported.json-nft
@@ -1 +1,256 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "x", "handle": 0}}, {"set": {"family": "inet", "name": "GEOIP_CC_wan-lan_120", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "1.32.128.0", "len": 18}}, {"range": ["1.32.200.0", "1.32.204.128"]}, {"prefix": {"addr": "1.32.207.0", "len": 24}}, {"range": ["1.32.216.118", "1.32.216.255"]}, {"range": ["1.32.219.0", "1.32.222.255"]}, {"prefix": {"addr": "1.32.226.0", "len": 23}}, {"prefix": {"addr": "1.32.231.0", "len": 24}}, {"prefix": {"addr": "1.32.233.0", "len": 24}}, {"prefix": {"addr": "1.32.238.0", "len": 23}}, {"prefix": {"addr": "1.32.240.0", "len": 24}}, {"prefix": {"addr": "223.223.220.0", "len": 22}}, {"prefix": {"addr": "223.255.254.0", "len": 24}}]}}, {"chain": {"family": "inet", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "1.2.3.4"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 80}}, {"mangle": {"key": {"meta": {"key": "mark"}}, "value": 10}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "1.2.3.4"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 81}}, {"mangle": {"key": {"meta": {"key": "mark"}}, "value": 11}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "tcp", "field": "dport"}}]}, "right": {"set": [{"concat": ["1.2.3.5", 81]}, {"concat": ["1.2.3.5", 82]}]}}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "GEOIP_CC_wan-lan_120",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "1.32.128.0",
+              "len": 18
+            }
+          },
+          {
+            "range": [
+              "1.32.200.0",
+              "1.32.204.128"
+            ]
+          },
+          {
+            "prefix": {
+              "addr": "1.32.207.0",
+              "len": 24
+            }
+          },
+          {
+            "range": [
+              "1.32.216.118",
+              "1.32.216.255"
+            ]
+          },
+          {
+            "range": [
+              "1.32.219.0",
+              "1.32.222.255"
+            ]
+          },
+          {
+            "prefix": {
+              "addr": "1.32.226.0",
+              "len": 23
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.32.231.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.32.233.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.32.238.0",
+              "len": 23
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.32.240.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "223.223.220.0",
+              "len": 22
+            }
+          },
+          {
+            "prefix": {
+              "addr": "223.255.254.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "1.2.3.4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 80
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": 10
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "1.2.3.4"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 81
+            }
+          },
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": 11
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "tcp",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "1.2.3.5",
+                      81
+                    ]
+                  },
+                  {
+                    "concat": [
+                      "1.2.3.5",
+                      82
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optimizations/dumps/variables.json-nft b/tests/shell/testcases/optimizations/dumps/variables.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/variables.json-nft
+++ b/tests/shell/testcases/optimizations/dumps/variables.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/comments_0.json-nft b/tests/shell/testcases/optionals/dumps/comments_0.json-nft
index 53d33b701704dc427a028e7f5aeeaca01e349153..aef4b3e4e4fd01c5191b6748c7ec76348b505dbe 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/comments_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/comments_0.json-nft
@@ -1 +1,58 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "test", "chain": "test", "handle": 0, "comment": "test_comment", "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "comment": "test_comment",
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/comments_chain_0.json-nft b/tests/shell/testcases/optionals/dumps/comments_chain_0.json-nft
index c57ab0bec2523eb8242b0b195eb6e31dae7ee34d..4c752e80b61690ecedebed2542d143cf377da236 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/comments_chain_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/comments_chain_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test_table", "handle": 0}}, {"chain": {"family": "ip", "table": "test_table", "name": "test_chain", "handle": 0, "comment": "test"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test_table",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test_table",
+        "name": "test_chain",
+        "handle": 0,
+        "comment": "test"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/comments_handles_0.json-nft b/tests/shell/testcases/optionals/dumps/comments_handles_0.json-nft
index 53d33b701704dc427a028e7f5aeeaca01e349153..aef4b3e4e4fd01c5191b6748c7ec76348b505dbe 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/comments_handles_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/comments_handles_0.json-nft
@@ -1 +1,58 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "test", "chain": "test", "handle": 0, "comment": "test_comment", "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "comment": "test_comment",
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/comments_objects_dup_0.json-nft b/tests/shell/testcases/optionals/dumps/comments_objects_dup_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/comments_objects_dup_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/comments_objects_dup_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/comments_table_0.json-nft b/tests/shell/testcases/optionals/dumps/comments_table_0.json-nft
index 5f3c759d7cdf630ca51a6643241663713c352406..8512c7de057d69fad6162b8f797d73bcf310738a 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/comments_table_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/comments_table_0.json-nft
@@ -1 +1,19 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0, "comment": "test_comment"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0,
+        "comment": "test_comment"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/delete_object_handles_0.json-nft b/tests/shell/testcases/optionals/dumps/delete_object_handles_0.json-nft
index 8961a1e6a41a5391fa47fb18fd045736177ffb2d..583ce528c797bbea9e02f904f74179de2f41d756 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/delete_object_handles_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/delete_object_handles_0.json-nft
@@ -1 +1,67 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test-ip", "handle": 0}}, {"quota": {"family": "ip", "name": "https-quota", "table": "test-ip", "handle": 0, "bytes": 26214400, "used": 0, "inv": false}}, {"map": {"family": "ip", "name": "ports", "table": "test-ip", "type": "inet_service", "handle": 0, "map": "quota"}}, {"table": {"family": "ip6", "name": "test-ip6", "handle": 0}}, {"quota": {"family": "ip6", "name": "http-quota", "table": "test-ip6", "handle": 0, "bytes": 26214400, "used": 0, "inv": true}}, {"counter": {"family": "ip6", "name": "http-traffic", "table": "test-ip6", "handle": 0, "packets": 0, "bytes": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test-ip",
+        "handle": 0
+      }
+    },
+    {
+      "quota": {
+        "family": "ip",
+        "name": "https-quota",
+        "table": "test-ip",
+        "handle": 0,
+        "bytes": 26214400,
+        "used": 0,
+        "inv": false
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "ports",
+        "table": "test-ip",
+        "type": "inet_service",
+        "handle": 0,
+        "map": "quota"
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "test-ip6",
+        "handle": 0
+      }
+    },
+    {
+      "quota": {
+        "family": "ip6",
+        "name": "http-quota",
+        "table": "test-ip6",
+        "handle": 0,
+        "bytes": 26214400,
+        "used": 0,
+        "inv": true
+      }
+    },
+    {
+      "counter": {
+        "family": "ip6",
+        "name": "http-traffic",
+        "table": "test-ip6",
+        "handle": 0,
+        "packets": 0,
+        "bytes": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/handles_0.json-nft b/tests/shell/testcases/optionals/dumps/handles_0.json-nft
index bd3fd867e4026a7dd5318d8fa6b6a33ee02493ca..ff06af3041c0b9f1345e54bfd5b17b8bfd6d39bd 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/handles_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/handles_0.json-nft
@@ -1 +1,57 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/handles_1.json-nft b/tests/shell/testcases/optionals/dumps/handles_1.json-nft
index bd3fd867e4026a7dd5318d8fa6b6a33ee02493ca..ff06af3041c0b9f1345e54bfd5b17b8bfd6d39bd 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/handles_1.json-nft
+++ b/tests/shell/testcases/optionals/dumps/handles_1.json-nft
@@ -1 +1,57 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"chain": {"family": "ip", "table": "test", "name": "test", "handle": 0}}, {"rule": {"family": "ip", "table": "test", "chain": "test", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/log_prefix_0.json-nft b/tests/shell/testcases/optionals/dumps/log_prefix_0.json-nft
index 86b5be269e6a26cae126df1f55eb437f7f8e21f3..161a58d4584634178dd4b16ea4dc22fde9f2b251 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/log_prefix_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/log_prefix_0.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "invalid"}}, {"log": {"prefix": "invalid state match, logging:"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "invalid"
+            }
+          },
+          {
+            "log": {
+              "prefix": "invalid state match, logging:"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/optionals/dumps/update_object_handles_0.json-nft b/tests/shell/testcases/optionals/dumps/update_object_handles_0.json-nft
index 4ba1692a9a9ca36683a73fd73dd689976951838b..ba78f8d71aa0377e15ff263d7212fed96b37ff80 100644 (file)
--- a/tests/shell/testcases/optionals/dumps/update_object_handles_0.json-nft
+++ b/tests/shell/testcases/optionals/dumps/update_object_handles_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test-ip", "handle": 0}}, {"counter": {"family": "ip", "name": "traffic-counter", "table": "test-ip", "handle": 0, "packets": 0, "bytes": 0}}, {"quota": {"family": "ip", "name": "traffic-quota", "table": "test-ip", "handle": 0, "bytes": 52428800, "used": 0, "inv": false}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test-ip",
+        "handle": 0
+      }
+    },
+    {
+      "counter": {
+        "family": "ip",
+        "name": "traffic-counter",
+        "table": "test-ip",
+        "handle": 0,
+        "packets": 0,
+        "bytes": 0
+      }
+    },
+    {
+      "quota": {
+        "family": "ip",
+        "name": "traffic-quota",
+        "table": "test-ip",
+        "handle": 0,
+        "bytes": 52428800,
+        "used": 0,
+        "inv": false
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/owner/dumps/0001-flowtable-uaf.json-nft b/tests/shell/testcases/owner/dumps/0001-flowtable-uaf.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/owner/dumps/0001-flowtable-uaf.json-nft
+++ b/tests/shell/testcases/owner/dumps/0001-flowtable-uaf.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/parsing/dumps/describe.json-nft b/tests/shell/testcases/parsing/dumps/describe.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/parsing/dumps/describe.json-nft
+++ b/tests/shell/testcases/parsing/dumps/describe.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/parsing/dumps/large_rule_pipe.json-nft b/tests/shell/testcases/parsing/dumps/large_rule_pipe.json-nft
index 54531990802e97949c17ffe494e3c2f75bb51b17..bf5dc65fe1ddd653a7986d73ec4011598a2e75f5 100644 (file)
--- a/tests/shell/testcases/parsing/dumps/large_rule_pipe.json-nft
+++ b/tests/shell/testcases/parsing/dumps/large_rule_pipe.json-nft
@@ -1 +1,4079 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "firewalld", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PREROUTING", "handle": 0, "type": "nat", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PREROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POSTROUTING", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POSTROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POSTROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_home", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_home_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_home_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_home_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_home", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_home_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_home_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_home_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_allow", "handle": 0}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "nat_PRE_home"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_PRE_public"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "enp0s25"}}, {"goto": {"target": "nat_POST_home"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_POST_public"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_allow"}}]}}, {"table": {"family": "ip6", "name": "firewalld", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PREROUTING", "handle": 0, "type": "nat", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PREROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POSTROUTING", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POSTROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POSTROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_home", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_home_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_home_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_home_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_home", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_home_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_home_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_home_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_allow", "handle": 0}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "nat_PRE_home"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_PRE_public"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "enp0s25"}}, {"goto": {"target": "nat_POST_home"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_POST_public"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_home", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_home_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_home", "handle": 0, "expr": [{"jump": {"target": "nat_POST_home_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_allow"}}]}}, {"table": {"family": "inet", "name": "firewalld", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PREROUTING", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PREROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PREROUTING", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PREROUTING_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_INPUT", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD", "handle": 0, "type": "filter", "hook": "forward", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_INPUT_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_INPUT_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_IN_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_IN_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_OUT_ZONES_SOURCE", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_OUT_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_home", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_home_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_home_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_home_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_home", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_home_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_home_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_home_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_home", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_home_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_home_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_home_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_home", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_home_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_home_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_home_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_home", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_home_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_home_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_home_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_allow", "handle": 0}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "icmpv6", "field": "type"}}, "right": {"set": ["nd-router-advert", "nd-neighbor-solicit"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv6"}}, {"match": {"op": "==", "left": {"fib": {"result": "oif", "flags": ["saddr", "iif"]}}, "right": false}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "raw_PREROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "raw_PREROUTING_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "raw_PRE_home"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "raw_PRE_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "mangle_PREROUTING_ZONES_SOURCE"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "mangle_PREROUTING_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "mangle_PRE_home"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "mangle_PRE_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"jump": {"target": "filter_INPUT_ZONES_SOURCE"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"jump": {"target": "filter_INPUT_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "invalid"}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"reject": {"type": "icmpx", "expr": "admin-prohibited"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_IN_ZONES_SOURCE"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_IN_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_OUT_ZONES_SOURCE"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_OUT_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "invalid"}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"reject": {"type": "icmpx", "expr": "admin-prohibited"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "filter_IN_home"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_IN_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_IN_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "enp0s25"}}, {"goto": {"target": "filter_FWDI_home"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_IN_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_FWDI_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "enp0s25"}}, {"goto": {"target": "filter_FWDO_home"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_FWDO_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"prefix": {"addr": "fe80::", "len": 64}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 546}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_home", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_home_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_home", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_home_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_home", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_home_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 137}}, {"match": {"op": "==", "left": {"ct": {"key": "helper"}}, "right": "netbios-ns"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home", "handle": 0, "expr": [{"jump": {"target": "filter_IN_home_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home", "handle": 0, "expr": [{"jump": {"target": "filter_IN_home_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home", "handle": 0, "expr": [{"jump": {"target": "filter_IN_home_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "224.0.0.251"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 5353}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": "ff02::fb"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 5353}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": {"range": [1714, 1764]}}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"range": [1714, 1764]}}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"prefix": {"addr": "fe80::", "len": 64}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 546}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 137}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 138}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 139}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_home_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 445}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_home_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_home_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_home_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_home", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_home", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_home_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_home", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_home_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_home", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_home_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_home_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_home_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_home", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_home_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"prefix": {"addr": "fe80::", "len": 64}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 546}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["new", "untracked"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_allow"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PREROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_POST_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PREROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_POST_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PREROUTING",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PREROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PREROUTING",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PREROUTING_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_INPUT",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_INPUT_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_INPUT_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_IN_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_IN_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_OUT_ZONES_SOURCE",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_OUT_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_home",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_home_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_home_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_home_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmpv6",
+                  "field": "type"
+                }
+              },
+              "right": {
+                "set": [
+                  "nd-router-advert",
+                  "nd-neighbor-solicit"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "fib": {
+                  "result": "oif",
+                  "flags": [
+                    "saddr",
+                    "iif"
+                  ]
+                }
+              },
+              "right": false
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PREROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "raw_PRE_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "raw_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PREROUTING_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "mangle_PRE_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "mangle_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_INPUT_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_INPUT_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "invalid"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "reject": {
+              "type": "icmpx",
+              "expr": "admin-prohibited"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_IN_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_IN_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_OUT_ZONES_SOURCE"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_OUT_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "invalid"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "reject": {
+              "type": "icmpx",
+              "expr": "admin-prohibited"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_IN_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_IN_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_IN_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDI_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_IN_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_FWDI_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_OUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "enp0s25"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDO_home"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_OUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_FWDO_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "fe80::",
+                  "len": 64
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 546
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 137
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "helper"
+                }
+              },
+              "right": "netbios-ns"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "224.0.0.251"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 5353
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": "ff02::fb"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 5353
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "range": [
+                  1714,
+                  1764
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "range": [
+                  1714,
+                  1764
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "fe80::",
+                  "len": 64
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 546
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 137
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 138
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 139
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_home_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 445
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_home",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_home_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_home_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_home",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_home_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "fe80::",
+                  "len": 64
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 546
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "new",
+                "untracked"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_allow"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/parsing/dumps/log.json-nft b/tests/shell/testcases/parsing/dumps/log.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/parsing/dumps/log.json-nft
+++ b/tests/shell/testcases/parsing/dumps/log.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/parsing/dumps/octal.json-nft b/tests/shell/testcases/parsing/dumps/octal.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/parsing/dumps/octal.json-nft
+++ b/tests/shell/testcases/parsing/dumps/octal.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0001addinsertposition_0.json-nft b/tests/shell/testcases/rule_management/dumps/0001addinsertposition_0.json-nft
index 64b7093dba7c72334f54624bda10f988b50d3de3..83dfee0db92f61fabc82d53aac9e173649f28291 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0001addinsertposition_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0001addinsertposition_0.json-nft
@@ -1 +1,65 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0002addinsertlocation_1.json-nft b/tests/shell/testcases/rule_management/dumps/0002addinsertlocation_1.json-nft
index 83d7ba4b91392e599b3bd60cf5eb4c8cbd933dcc..b3808ce24f5c858700842d251ce732b185b49a4b 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0002addinsertlocation_1.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0002addinsertlocation_1.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0003insert_0.json-nft b/tests/shell/testcases/rule_management/dumps/0003insert_0.json-nft
index 45e3c374cec4217f0518baf3f4fe50fce93bd898..9216cabf67d311d3545cafd7efdb1cce1487343c 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0003insert_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0003insert_0.json-nft
@@ -1 +1,102 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "sport"}}, "right": {"set": [{"range": [3478, 3497]}, {"range": [16384, 16387]}]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"masquerade": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "sport"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "range": [
+                      3478,
+                      3497
+                    ]
+                  },
+                  {
+                    "range": [
+                      16384,
+                      16387
+                    ]
+                  }
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "masquerade": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft b/tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft
index 4971d1347b72041b311080a72cb2517e9fb5ac68..5d0b7d066e83a622dab5dd4c643964a5b8452a46 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0004replace_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0005replace_1.json-nft b/tests/shell/testcases/rule_management/dumps/0005replace_1.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0005replace_1.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0005replace_1.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0006replace_1.json-nft b/tests/shell/testcases/rule_management/dumps/0006replace_1.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0006replace_1.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0006replace_1.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0007delete_0.json-nft b/tests/shell/testcases/rule_management/dumps/0007delete_0.json-nft
index 4971d1347b72041b311080a72cb2517e9fb5ac68..5d0b7d066e83a622dab5dd4c643964a5b8452a46 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0007delete_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0007delete_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0008delete_1.json-nft b/tests/shell/testcases/rule_management/dumps/0008delete_1.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0008delete_1.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0008delete_1.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0009delete_1.json-nft b/tests/shell/testcases/rule_management/dumps/0009delete_1.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0009delete_1.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0009delete_1.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0010replace_0.json-nft b/tests/shell/testcases/rule_management/dumps/0010replace_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0010replace_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0010replace_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0011reset_0.json-nft b/tests/shell/testcases/rule_management/dumps/0011reset_0.json-nft
index a7437a317da356ac9c160c302da5f6725d47ee2b..94203517cedb3f851721e65196e507339e0d5c49 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0011reset_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0011reset_0.json-nft
@@ -1 +1,257 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"], "elem": [{"elem": {"val": "1.1.1.1", "counter": {"packets": 1, "bytes": 11}}}], "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"set": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "saddr"}}, "set": "@s"}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"drop": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"drop": null}]}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"drop": null}]}}, {"table": {"family": "ip", "name": "t2", "handle": 0}}, {"chain": {"family": "ip", "table": "t2", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t2", "chain": "c2", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}, {"rule": {"family": "ip", "table": "t2", "chain": "c2", "handle": 0, "expr": [{"counter": {"packets": 0, "bytes": 0}}, {"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "counter": {
+                "packets": 1,
+                "bytes": 11
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "set": "@s"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t2",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t2",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t2",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t2",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0012destroy_0.json-nft b/tests/shell/testcases/rule_management/dumps/0012destroy_0.json-nft
index 7d04e01076e7cce8f6e8b51f7d9fa434a740ef41..db64cdbcc44786a8014af6911c766429da20f544 100644 (file)
--- a/tests/shell/testcases/rule_management/dumps/0012destroy_0.json-nft
+++ b/tests/shell/testcases/rule_management/dumps/0012destroy_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0001named_interval_0.json-nft b/tests/shell/testcases/sets/dumps/0001named_interval_0.json-nft
index 81daa733e7b0703b26e9fd1c31915657aa310053..c48f3a9c918f41c488cf58f391ca7db1e389555e 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0001named_interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0001named_interval_0.json-nft
@@ -1 +1,261 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s1", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"range": ["10.0.0.0", "11.0.0.0"]}, {"prefix": {"addr": "172.16.0.0", "len": 16}}]}}, {"set": {"family": "inet", "name": "s2", "table": "t", "type": "ipv6_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "fe00::", "len": 64}}, {"range": ["fe11::", "fe22::"]}]}}, {"set": {"family": "inet", "name": "s3", "table": "t", "type": "inet_proto", "handle": 0, "flags": ["interval"], "elem": [{"range": [10, 20]}, {"range": [50, 60]}]}}, {"set": {"family": "inet", "name": "s4", "table": "t", "type": "inet_service", "handle": 0, "flags": ["interval"], "elem": [{"range": [0, 1024]}, {"range": [8080, 8082]}, {"range": [10000, 40000]}]}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@s1"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": "@s2"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "protocol"}}, "right": "@s3"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "nexthdr"}}, "right": "@s3"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": "@s4"}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s1",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "range": [
+              "10.0.0.0",
+              "11.0.0.0"
+            ]
+          },
+          {
+            "prefix": {
+              "addr": "172.16.0.0",
+              "len": 16
+            }
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s2",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "fe00::",
+              "len": 64
+            }
+          },
+          {
+            "range": [
+              "fe11::",
+              "fe22::"
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s3",
+        "table": "t",
+        "type": "inet_proto",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "range": [
+              10,
+              20
+            ]
+          },
+          {
+            "range": [
+              50,
+              60
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s4",
+        "table": "t",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "range": [
+              0,
+              1024
+            ]
+          },
+          {
+            "range": [
+              8080,
+              8082
+            ]
+          },
+          {
+            "range": [
+              10000,
+              40000
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@s1"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": "@s2"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "protocol"
+                }
+              },
+              "right": "@s3"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "nexthdr"
+                }
+              },
+              "right": "@s3"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": "@s4"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0002named_interval_automerging_0.json-nft b/tests/shell/testcases/sets/dumps/0002named_interval_automerging_0.json-nft
index 9e75f4bbef44003418acdd6cd6243e922a19129b..4c0be67000a023d4ff49870da9ea010af8a64788 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0002named_interval_automerging_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0002named_interval_automerging_0.json-nft
@@ -1 +1,44 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "192.168.0.0", "len": 24}}, {"prefix": {"addr": "192.168.1.0", "len": 24}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "192.168.0.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "192.168.1.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0003named_interval_missing_flag_0.json-nft b/tests/shell/testcases/sets/dumps/0003named_interval_missing_flag_0.json-nft
index a138a95258c9497e23f9720b0c40ac149fa8ff9c..b6173e9f33ea64688b7939b3854d8cc7053885ff 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0003named_interval_missing_flag_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0003named_interval_missing_flag_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0004named_interval_shadow_0.json-nft b/tests/shell/testcases/sets/dumps/0004named_interval_shadow_0.json-nft
index 61c85f0cb9dcb6496eccec3e5d58c980c7bc683d..c55858fa9c9b93cec5b7edc59bf5e8a9c5a6bb90 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0004named_interval_shadow_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0004named_interval_shadow_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "ipv6_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "fe00::", "len": 64}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "fe00::",
+              "len": 64
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0005named_interval_shadow_0.json-nft b/tests/shell/testcases/sets/dumps/0005named_interval_shadow_0.json-nft
index 5b984ec287dfef30b0fe70e5af1c7fe906b60ae3..a75681f36cb8e117fd5cdc2e9477c6fe96aa871a 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0005named_interval_shadow_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0005named_interval_shadow_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "ipv6_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "fe00::", "len": 48}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "fe00::",
+              "len": 48
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0006create_set_0.json-nft b/tests/shell/testcases/sets/dumps/0006create_set_0.json-nft
index a138a95258c9497e23f9720b0c40ac149fa8ff9c..b6173e9f33ea64688b7939b3854d8cc7053885ff 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0006create_set_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0006create_set_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0007create_element_0.json-nft b/tests/shell/testcases/sets/dumps/0007create_element_0.json-nft
index 5a17d786df24e95691865927a508a5cfe3769aa4..f5a9ac19c1a889a8d563ed1fc26372313e509b2d 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0007create_element_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0007create_element_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "elem": ["1.1.1.1"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0008comments_interval_0.json-nft b/tests/shell/testcases/sets/dumps/0008comments_interval_0.json-nft
index 4ba3757d95b25a86df0fc69f7e02cf8d8b294c1c..c6f5aa68837cee4a79a10293c1c8c9833e8af14b 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0008comments_interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0008comments_interval_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"elem": {"val": "1.1.1.1", "comment": "test"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "comment": "test"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0009comments_timeout_0.json-nft b/tests/shell/testcases/sets/dumps/0009comments_timeout_0.json-nft
index 2f6dc8ae10d7d71968cc86083940ea645e404b34..2418b39a76a060f520e66afea862c21a80b1d5c7 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0009comments_timeout_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0009comments_timeout_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["timeout"], "elem": [{"elem": {"val": "1.1.1.1", "comment": "test"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "comment": "test"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0010comments_0.json-nft b/tests/shell/testcases/sets/dumps/0010comments_0.json-nft
index 8d2a892643fc34d644acd26b0073739a0630b9d5..7ea3c602d6700795cd5cfbb06508052e3cd96e01 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0010comments_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0010comments_0.json-nft
@@ -1 +1,35 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "ipv6_addr", "handle": 0, "elem": [{"elem": {"val": "::1", "comment": "test"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "elem": [
+          {
+            "elem": {
+              "val": "::1",
+              "comment": "test"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0012add_delete_many_elements_0.json-nft b/tests/shell/testcases/sets/dumps/0012add_delete_many_elements_0.json-nft
index c965d03e13bd9811053fadb56d907d0f42711718..c1b7639dc8436b2b8837fdb40ce321c11c5fc388 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0012add_delete_many_elements_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0012add_delete_many_elements_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0013add_delete_many_elements_0.json-nft b/tests/shell/testcases/sets/dumps/0013add_delete_many_elements_0.json-nft
index c965d03e13bd9811053fadb56d907d0f42711718..c1b7639dc8436b2b8837fdb40ce321c11c5fc388 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0013add_delete_many_elements_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0013add_delete_many_elements_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0014malformed_set_is_not_defined_0.json-nft b/tests/shell/testcases/sets/dumps/0014malformed_set_is_not_defined_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0014malformed_set_is_not_defined_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0014malformed_set_is_not_defined_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0015rulesetflush_0.json-nft b/tests/shell/testcases/sets/dumps/0015rulesetflush_0.json-nft
index e4f1c10c35a25289925f580c4e3d72213c0b5422..6268e216aa03c53d60fdb613a600f70a9150bb2f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0015rulesetflush_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0015rulesetflush_0.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "blacklist_v4", "table": "filter", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "192.168.0.0", "len": 24}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "blacklist_v4",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "192.168.0.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0016element_leak_0.json-nft b/tests/shell/testcases/sets/dumps/0016element_leak_0.json-nft
index b3f3aec8de787a8a90479f455d9629d3bc95090e..96b9714a0046cb914e82512ce2c651424291f89d 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0016element_leak_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0016element_leak_0.json-nft
@@ -1 +1,31 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 2, "elem": ["1.1.1.1"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 2,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0017add_after_flush_0.json-nft b/tests/shell/testcases/sets/dumps/0017add_after_flush_0.json-nft
index b3f3aec8de787a8a90479f455d9629d3bc95090e..96b9714a0046cb914e82512ce2c651424291f89d 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0017add_after_flush_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0017add_after_flush_0.json-nft
@@ -1 +1,31 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 2, "elem": ["1.1.1.1"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 2,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0018set_check_size_1.json-nft b/tests/shell/testcases/sets/dumps/0018set_check_size_1.json-nft
index cbf77ffb0cbd80897dbc8a1f82038fc46761f879..d226811cc95a5f606033dc804c6a45e5c9ca64d1 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0018set_check_size_1.json-nft
+++ b/tests/shell/testcases/sets/dumps/0018set_check_size_1.json-nft
@@ -1 +1,32 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 2, "elem": ["1.1.1.1", "1.1.1.2"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 2,
+        "elem": [
+          "1.1.1.1",
+          "1.1.1.2"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0019set_check_size_0.json-nft b/tests/shell/testcases/sets/dumps/0019set_check_size_0.json-nft
index cbf77ffb0cbd80897dbc8a1f82038fc46761f879..d226811cc95a5f606033dc804c6a45e5c9ca64d1 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0019set_check_size_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0019set_check_size_0.json-nft
@@ -1 +1,32 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 2, "elem": ["1.1.1.1", "1.1.1.2"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 2,
+        "elem": [
+          "1.1.1.1",
+          "1.1.1.2"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0020comments_0.json-nft b/tests/shell/testcases/sets/dumps/0020comments_0.json-nft
index eabbfa0809c7d1807378f0b4ef6889071af164b7..401a8f23529171ca92d2133a98eef65b1c136271 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0020comments_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0020comments_0.json-nft
@@ -1 +1,35 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "inet_service", "handle": 0, "elem": [{"elem": {"val": 22, "comment": "test"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "inet_service",
+        "handle": 0,
+        "elem": [
+          {
+            "elem": {
+              "val": 22,
+              "comment": "test"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0021nesting_0.json-nft b/tests/shell/testcases/sets/dumps/0021nesting_0.json-nft
index 449ce01a62bf8baa2db85420283ddae1d004ea60..5ed089dc18f92a499d0a0f7f1940cc01bd424c8a 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0021nesting_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0021nesting_0.json-nft
@@ -1 +1,69 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": [{"prefix": {"addr": "1.1.1.0", "len": 24}}, {"prefix": {"addr": "2.2.2.0", "len": 24}}, {"prefix": {"addr": "3.3.3.0", "len": 24}}]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "prefix": {
+                      "addr": "1.1.1.0",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2.2.2.0",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "3.3.3.0",
+                      "len": 24
+                    }
+                  }
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0022type_selective_flush_0.json-nft b/tests/shell/testcases/sets/dumps/0022type_selective_flush_0.json-nft
index 39b30741c669f29e8e1c0f17f5b37ce3eef78d81..c82c12a171a54a07a3748666735dc686b372cd6e 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0022type_selective_flush_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0022type_selective_flush_0.json-nft
@@ -1 +1,86 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0}}, {"map": {"family": "ip", "name": "m", "table": "t", "type": "ipv4_addr", "handle": 0, "map": "inet_service"}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 80}}, {"meter": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "stmt": {"limit": {"rate": 10, "burst": 5, "per": "second"}}, "size": 1024, "name": "f"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "inet_service"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 80
+            }
+          },
+          {
+            "meter": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "stmt": {
+                "limit": {
+                  "rate": 10,
+                  "burst": 5,
+                  "per": "second"
+                }
+              },
+              "size": 1024,
+              "name": "f"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0023incomplete_add_set_command_0.json-nft b/tests/shell/testcases/sets/dumps/0023incomplete_add_set_command_0.json-nft
index 5696ef2835b999a589cfb5b7b73f96cf6d9ac66a..e0e56fec062362ffbabf62d08a46432095331767 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0023incomplete_add_set_command_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0023incomplete_add_set_command_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0025anonymous_set_0.json-nft b/tests/shell/testcases/sets/dumps/0025anonymous_set_0.json-nft
index bdcccfbdfb1ad00f98667d15bee63a87c2d1e63f..9d56d0251e067d88673edc21484e7c2ddb1c54fe 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0025anonymous_set_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0025anonymous_set_0.json-nft
@@ -1 +1,102 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": {"set": ["192.168.0.1", "192.168.0.2", "192.168.0.3"]}}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "doesntexist"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22, 23]}}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  "192.168.0.1",
+                  "192.168.0.2",
+                  "192.168.0.3"
+                ]
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "doesntexist"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22,
+                  23
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0026named_limit_0.json-nft b/tests/shell/testcases/sets/dumps/0026named_limit_0.json-nft
index a515c263128789572ad8362bd9253f118ba04325..5307e26567f16d6b61c7b052f2ed6fa52a50b095 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0026named_limit_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0026named_limit_0.json-nft
@@ -1 +1,75 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"limit": {"family": "ip", "name": "http-traffic", "table": "filter", "handle": 0, "rate": 1, "per": "second", "burst": 5}}, {"chain": {"family": "ip", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "filter", "chain": "input", "handle": 0, "expr": [{"limit": {"map": {"key": {"payload": {"protocol": "tcp", "field": "dport"}}, "data": {"set": [[80, "http-traffic"], [443, "http-traffic"]]}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "limit": {
+        "family": "ip",
+        "name": "http-traffic",
+        "table": "filter",
+        "handle": 0,
+        "rate": 1,
+        "per": "second",
+        "burst": 5
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "limit": {
+              "map": {
+                "key": {
+                  "payload": {
+                    "protocol": "tcp",
+                    "field": "dport"
+                  }
+                },
+                "data": {
+                  "set": [
+                    [
+                      80,
+                      "http-traffic"
+                    ],
+                    [
+                      443,
+                      "http-traffic"
+                    ]
+                  ]
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0027ipv6_maps_ipv4_0.json-nft b/tests/shell/testcases/sets/dumps/0027ipv6_maps_ipv4_0.json-nft
index 48ccd1ce637676d4ab0d9f783b520b01bb15473b..b9251ffa589001316abc48e20c9d370d66abb793 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0027ipv6_maps_ipv4_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0027ipv6_maps_ipv4_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": "ipv6_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "::ffff:0.0.0.0", "len": 96}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "::ffff:0.0.0.0",
+              "len": 96
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0028autoselect_0.json-nft b/tests/shell/testcases/sets/dumps/0028autoselect_0.json-nft
index eceeb39ed22ada93847e785b730ea567cc1d86cd..682496a71c5c5a16a0990baa9e95c77332f97c9d 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0028autoselect_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0028autoselect_0.json-nft
@@ -1 +1,168 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s1", "table": "t", "type": "inet_proto", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"set": {"family": "ip", "name": "s2", "table": "t", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"set": {"family": "ip", "name": "s3", "table": "t", "type": "ipv4_addr", "handle": 0, "size": 1024, "flags": ["dynamic"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "foobar"}}, {"set": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "protocol"}}, "set": "@s1"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "foobar"}}, {"set": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "daddr"}}, "set": "@s2"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "foobar"}}, {"set": {"op": "add", "elem": {"payload": {"protocol": "ip", "field": "daddr"}}, "set": "@s3"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s1",
+        "table": "t",
+        "type": "inet_proto",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s2",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s3",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 1024,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "foobar"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "protocol"
+                }
+              },
+              "set": "@s1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "foobar"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "set": "@s2"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "foobar"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "set": "@s3"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0028delete_handle_0.json-nft b/tests/shell/testcases/sets/dumps/0028delete_handle_0.json-nft
index 9e88e53c427adac50a21418e55fa9bd0223afd6a..96314141bc0848a559ca668712e2a3f9c4e9a624 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0028delete_handle_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0028delete_handle_0.json-nft
@@ -1 +1,53 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test-ip", "handle": 0}}, {"set": {"family": "ip", "name": "x", "table": "test-ip", "type": "ipv4_addr", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "test-ip", "type": "inet_service", "handle": 0, "flags": ["timeout"], "timeout": 10845}}, {"set": {"family": "ip", "name": "z", "table": "test-ip", "type": "ipv4_addr", "handle": 0, "flags": ["constant", "interval"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test-ip",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "x",
+        "table": "test-ip",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "test-ip",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ],
+        "timeout": 10845
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "z",
+        "table": "test-ip",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "constant",
+          "interval"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.json-nft b/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.json-nft
index 03b28c23d1fccf6b10ce59ea41e8ed055ba51edc..4d194bff1b164847b634ba40a5a6eee4fd3d5f84 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0032restore_set_simple_0.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"set": {"family": "ip", "name": "setA", "table": "filter", "type": ["ipv4_addr", "inet_service", "ipv4_addr"], "handle": 0, "flags": ["timeout"]}}, {"set": {"family": "ip", "name": "setB", "table": "filter", "type": ["ipv4_addr", "inet_service"], "handle": 0, "flags": ["timeout"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "setA",
+        "table": "filter",
+        "type": [
+          "ipv4_addr",
+          "inet_service",
+          "ipv4_addr"
+        ],
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "setB",
+        "table": "filter",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0033add_set_simple_flat_0.json-nft b/tests/shell/testcases/sets/dumps/0033add_set_simple_flat_0.json-nft
index a3712c8dc0414c6a6165f159a6caab5bd326a238..16684438c37f2f444d8101834b9192ef90ac98de 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0033add_set_simple_flat_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0033add_set_simple_flat_0.json-nft
@@ -1 +1,49 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "setA", "table": "x", "type": ["ipv4_addr", "inet_service", "ipv4_addr"], "handle": 0, "flags": ["timeout"]}}, {"set": {"family": "ip", "name": "setB", "table": "x", "type": ["ipv4_addr", "inet_service"], "handle": 0, "flags": ["timeout"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "setA",
+        "table": "x",
+        "type": [
+          "ipv4_addr",
+          "inet_service",
+          "ipv4_addr"
+        ],
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "setB",
+        "table": "x",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "timeout"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0034get_element_0.json-nft b/tests/shell/testcases/sets/dumps/0034get_element_0.json-nft
index 7c1e874a160399bf6ed46b0ff0a9b483544f8181..bfc0e4a0f5886ec4db7a82e477e267dfb756eec1 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0034get_element_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0034get_element_0.json-nft
@@ -1 +1,140 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "inet_service", "handle": 0, "flags": ["interval"], "elem": [10, {"range": [20, 30]}, 40, {"range": [50, 60]}]}}, {"set": {"family": "ip", "name": "ips", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": ["10.0.0.1", {"range": ["10.0.0.5", "10.0.0.8"]}, {"prefix": {"addr": "10.0.0.128", "len": 25}}, {"prefix": {"addr": "10.0.1.0", "len": 24}}, {"range": ["10.0.2.3", "10.0.2.12"]}]}}, {"set": {"family": "ip", "name": "cs", "table": "t", "type": ["ipv4_addr", "inet_service"], "handle": 0, "flags": ["interval"], "elem": [{"concat": ["10.0.0.1", 22]}, {"concat": [{"prefix": {"addr": "10.1.0.0", "len": 16}}, {"range": [1, 1024]}]}, {"concat": [{"range": ["10.2.0.1", "10.2.0.8"]}, {"range": [1024, 65535]}]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          10,
+          {
+            "range": [
+              20,
+              30
+            ]
+          },
+          40,
+          {
+            "range": [
+              50,
+              60
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "ips",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          "10.0.0.1",
+          {
+            "range": [
+              "10.0.0.5",
+              "10.0.0.8"
+            ]
+          },
+          {
+            "prefix": {
+              "addr": "10.0.0.128",
+              "len": 25
+            }
+          },
+          {
+            "prefix": {
+              "addr": "10.0.1.0",
+              "len": 24
+            }
+          },
+          {
+            "range": [
+              "10.0.2.3",
+              "10.0.2.12"
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "cs",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "concat": [
+              "10.0.0.1",
+              22
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "10.1.0.0",
+                  "len": 16
+                }
+              },
+              {
+                "range": [
+                  1,
+                  1024
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "range": [
+                  "10.2.0.1",
+                  "10.2.0.8"
+                ]
+              },
+              {
+                "range": [
+                  1024,
+                  65535
+                ]
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0035add_set_elements_flat_0.json-nft b/tests/shell/testcases/sets/dumps/0035add_set_elements_flat_0.json-nft
index ad0b9f9fb91f4d2a0da64a89815cd12b3ae8dc9d..e4c77147b88f66d57193f8721ff1e3f6cd487227 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0035add_set_elements_flat_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0035add_set_elements_flat_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0037_set_with_inet_service_0.json-nft b/tests/shell/testcases/sets/dumps/0037_set_with_inet_service_0.json-nft
index 62cd1945ee43e359738f7bcff7038c41efc473f8..3305f040e69cde98415d0affe45c9f3636f48ad1 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0037_set_with_inet_service_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0037_set_with_inet_service_0.json-nft
@@ -1 +1,159 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "myset", "table": "filter", "type": ["ipv4_addr", "inet_proto", "inet_service"], "handle": 0, "elem": [{"concat": ["192.168.0.113", "tcp", 22]}, {"concat": ["192.168.0.12", "tcp", 53]}, {"concat": ["192.168.0.12", "udp", 53]}, {"concat": ["192.168.0.12", "tcp", 80]}, {"concat": ["192.168.0.13", "tcp", 80]}]}}, {"chain": {"family": "inet", "table": "filter", "name": "forward", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "drop"}}, {"rule": {"family": "inet", "table": "filter", "chain": "forward", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": ["established", "related"]}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "filter", "chain": "forward", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "daddr"}}, {"payload": {"protocol": "ip", "field": "protocol"}}, {"payload": {"protocol": "th", "field": "dport"}}]}, "right": "@myset"}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "myset",
+        "table": "filter",
+        "type": [
+          "ipv4_addr",
+          "inet_proto",
+          "inet_service"
+        ],
+        "handle": 0,
+        "elem": [
+          {
+            "concat": [
+              "192.168.0.113",
+              "tcp",
+              22
+            ]
+          },
+          {
+            "concat": [
+              "192.168.0.12",
+              "tcp",
+              53
+            ]
+          },
+          {
+            "concat": [
+              "192.168.0.12",
+              "udp",
+              53
+            ]
+          },
+          {
+            "concat": [
+              "192.168.0.12",
+              "tcp",
+              80
+            ]
+          },
+          {
+            "concat": [
+              "192.168.0.13",
+              "tcp",
+              80
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "forward",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "drop"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "forward",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": [
+                "established",
+                "related"
+              ]
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "forward",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "protocol"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "protocol": "th",
+                      "field": "dport"
+                    }
+                  }
+                ]
+              },
+              "right": "@myset"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0038meter_list_0.json-nft b/tests/shell/testcases/sets/dumps/0038meter_list_0.json-nft
index f0735754bfd147626d7516be884735289db5f7c8..be24687c96d79857c292a6f45e025d7f7ba3faa4 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0038meter_list_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0038meter_list_0.json-nft
@@ -1 +1,81 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "size": 256, "flags": ["timeout", "dynamic"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 80}}, {"meter": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "stmt": {"limit": {"rate": 10, "burst": 5, "per": "second"}}, "size": 128, "name": "m"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 256,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 80
+            }
+          },
+          {
+            "meter": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "stmt": {
+                "limit": {
+                  "rate": 10,
+                  "burst": 5,
+                  "per": "second"
+                }
+              },
+              "size": 128,
+              "name": "m"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0039delete_interval_0.json-nft b/tests/shell/testcases/sets/dumps/0039delete_interval_0.json-nft
index 93a65b012f7ee694fa3f72f551981c58d2b0cec8..d6e46aad20a5084dcdaee5dcfe9b4777e1abb4f6 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0039delete_interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0039delete_interval_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"range": ["192.168.1.0", "192.168.1.254"]}, "192.168.1.255"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "range": [
+              "192.168.1.0",
+              "192.168.1.254"
+            ]
+          },
+          "192.168.1.255"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0040get_host_endian_elements_0.json-nft b/tests/shell/testcases/sets/dumps/0040get_host_endian_elements_0.json-nft
index 043bc11dbef1142d83b0dfd06a92bd7312cc016d..4b6cf03c4596137ee8ed0dfbe2eb06e71969b444 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0040get_host_endian_elements_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0040get_host_endian_elements_0.json-nft
@@ -1 +1,39 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "mark", "handle": 0, "flags": ["interval"], "elem": [{"range": [35, 66]}, 4919]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "mark",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "range": [
+              35,
+              66
+            ]
+          },
+          4919
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0041interval_0.json-nft b/tests/shell/testcases/sets/dumps/0041interval_0.json-nft
index 46db130649c7108e024d0f128a9d01da571f46c4..14a393305a3f3ffa4bd610ce3ce0c2a7e0b8657e 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0041interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0041interval_0.json-nft
@@ -1 +1,33 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": ["192.168.2.196"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          "192.168.2.196"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0042update_set_0.json-nft b/tests/shell/testcases/sets/dumps/0042update_set_0.json-nft
index 35ea6001284a590b6f223d89e1b7ed1b8620cb8f..8521adb8283d122fbb1920dedbfde01f78969f73 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0042update_set_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0042update_set_0.json-nft
@@ -1 +1,87 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "set1", "table": "t", "type": "ether_addr", "handle": 0}}, {"set": {"family": "ip", "name": "set2", "table": "t", "type": "ether_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ether", "field": "daddr"}}, "right": "@set1"}}, {"set": {"op": "add", "elem": {"payload": {"protocol": "ether", "field": "daddr"}}, "set": "@set2", "stmt": [{"counter": null}]}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "set1",
+        "table": "t",
+        "type": "ether_addr",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "set2",
+        "table": "t",
+        "type": "ether_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "daddr"
+                }
+              },
+              "right": "@set1"
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "payload": {
+                  "protocol": "ether",
+                  "field": "daddr"
+                }
+              },
+              "set": "@set2",
+              "stmt": [
+                {
+                  "counter": null
+                }
+              ]
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0043concatenated_ranges_0.json-nft b/tests/shell/testcases/sets/dumps/0043concatenated_ranges_0.json-nft
index 95c5791ad05727542eadceeaea0ace34583ce96e..d51db884528724bb6dfcc346b96b06fc9bf05f6f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0043concatenated_ranges_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0043concatenated_ranges_0.json-nft
@@ -1 +1,98 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"map": {"family": "inet", "name": "test", "table": "filter", "type": ["mark", "inet_service", "inet_proto"], "handle": 0, "map": "mark", "flags": ["interval", "timeout"]}}, {"chain": {"family": "inet", "table": "filter", "name": "output", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "output", "handle": 0, "expr": [{"mangle": {"key": {"meta": {"key": "mark"}}, "value": {"map": {"key": {"concat": [{"meta": {"key": "mark"}}, {"payload": {"protocol": "tcp", "field": "dport"}}, {"meta": {"key": "l4proto"}}]}, "data": "@test"}}}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "test",
+        "table": "filter",
+        "type": [
+          "mark",
+          "inet_service",
+          "inet_proto"
+        ],
+        "handle": 0,
+        "map": "mark",
+        "flags": [
+          "interval",
+          "timeout"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "output",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "output",
+        "handle": 0,
+        "expr": [
+          {
+            "mangle": {
+              "key": {
+                "meta": {
+                  "key": "mark"
+                }
+              },
+              "value": {
+                "map": {
+                  "key": {
+                    "concat": [
+                      {
+                        "meta": {
+                          "key": "mark"
+                        }
+                      },
+                      {
+                        "payload": {
+                          "protocol": "tcp",
+                          "field": "dport"
+                        }
+                      },
+                      {
+                        "meta": {
+                          "key": "l4proto"
+                        }
+                      }
+                    ]
+                  },
+                  "data": "@test"
+                }
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0043concatenated_ranges_1.json-nft b/tests/shell/testcases/sets/dumps/0043concatenated_ranges_1.json-nft
index b232a01cac29ca73ea8bc76ee1e6fc0abaf2ae57..92b59c861de1043a1718b37bbbd7908c0febc3da 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0043concatenated_ranges_1.json-nft
+++ b/tests/shell/testcases/sets/dumps/0043concatenated_ranges_1.json-nft
@@ -1 +1,1723 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip6", "name": "t", "handle": 0}}, {"set": {"family": "ip6", "name": "s", "table": "t", "type": ["ipv6_addr", "ipv6_addr"], "handle": 0, "flags": ["interval"], "elem": [{"concat": [{"prefix": {"addr": "2001:db8::", "len": 32}}, {"range": ["2001:db8:20::", "2001:db8:20::20:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 33}}, {"range": ["2001:db8:21::", "2001:db8:21::21:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 34}}, {"range": ["2001:db8:22::", "2001:db8:22::22:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 35}}, {"range": ["2001:db8:23::", "2001:db8:23::23:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 36}}, {"range": ["2001:db8:24::", "2001:db8:24::24:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 37}}, {"range": ["2001:db8:25::", "2001:db8:25::25:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 38}}, {"range": ["2001:db8:26::", "2001:db8:26::26:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 39}}, {"range": ["2001:db8:27::", "2001:db8:27::27:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 40}}, {"range": ["2001:db8:28::", "2001:db8:28::28:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 41}}, {"range": ["2001:db8:29::", "2001:db8:29::29:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 42}}, {"range": ["2001:db8:2a::", "2001:db8:2a::2a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 43}}, {"range": ["2001:db8:2b::", "2001:db8:2b::2b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 44}}, {"range": ["2001:db8:2c::", "2001:db8:2c::2c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 45}}, {"range": ["2001:db8:2d::", "2001:db8:2d::2d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 46}}, {"range": ["2001:db8:2e::", "2001:db8:2e::2e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 47}}, {"range": ["2001:db8:2f::", "2001:db8:2f::2f:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 48}}, {"range": ["2001:db8:30::", "2001:db8:30::30:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 49}}, {"range": ["2001:db8:31::", "2001:db8:31::31:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 50}}, {"range": ["2001:db8:32::", "2001:db8:32::32:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 51}}, {"range": ["2001:db8:33::", "2001:db8:33::33:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 52}}, {"range": ["2001:db8:34::", "2001:db8:34::34:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 53}}, {"range": ["2001:db8:35::", "2001:db8:35::35:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 54}}, {"range": ["2001:db8:36::", "2001:db8:36::36:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 55}}, {"range": ["2001:db8:37::", "2001:db8:37::37:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 56}}, {"range": ["2001:db8:38::", "2001:db8:38::38:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 57}}, {"range": ["2001:db8:39::", "2001:db8:39::39:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 58}}, {"range": ["2001:db8:3a::", "2001:db8:3a::3a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 59}}, {"range": ["2001:db8:3b::", "2001:db8:3b::3b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 60}}, {"range": ["2001:db8:3c::", "2001:db8:3c::3c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 61}}, {"range": ["2001:db8:3d::", "2001:db8:3d::3d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 62}}, {"range": ["2001:db8:3e::", "2001:db8:3e::3e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 63}}, {"range": ["2001:db8:3f::", "2001:db8:3f::3f:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 64}}, {"range": ["2001:db8:40::", "2001:db8:40::40:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 65}}, {"range": ["2001:db8:41::", "2001:db8:41::41:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 66}}, {"range": ["2001:db8:42::", "2001:db8:42::42:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 67}}, {"range": ["2001:db8:43::", "2001:db8:43::43:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 68}}, {"range": ["2001:db8:44::", "2001:db8:44::44:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 69}}, {"range": ["2001:db8:45::", "2001:db8:45::45:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 70}}, {"range": ["2001:db8:46::", "2001:db8:46::46:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 71}}, {"range": ["2001:db8:47::", "2001:db8:47::47:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 72}}, {"range": ["2001:db8:48::", "2001:db8:48::48:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 73}}, {"range": ["2001:db8:49::", "2001:db8:49::49:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 74}}, {"range": ["2001:db8:4a::", "2001:db8:4a::4a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 75}}, {"range": ["2001:db8:4b::", "2001:db8:4b::4b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 76}}, {"range": ["2001:db8:4c::", "2001:db8:4c::4c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 77}}, {"range": ["2001:db8:4d::", "2001:db8:4d::4d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 78}}, {"range": ["2001:db8:4e::", "2001:db8:4e::4e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 79}}, {"range": ["2001:db8:4f::", "2001:db8:4f::4f:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 80}}, {"range": ["2001:db8:50::", "2001:db8:50::50:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 81}}, {"range": ["2001:db8:51::", "2001:db8:51::51:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 82}}, {"range": ["2001:db8:52::", "2001:db8:52::52:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 83}}, {"range": ["2001:db8:53::", "2001:db8:53::53:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 84}}, {"range": ["2001:db8:54::", "2001:db8:54::54:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 85}}, {"range": ["2001:db8:55::", "2001:db8:55::55:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 86}}, {"range": ["2001:db8:56::", "2001:db8:56::56:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 87}}, {"range": ["2001:db8:57::", "2001:db8:57::57:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 88}}, {"range": ["2001:db8:58::", "2001:db8:58::58:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 89}}, {"range": ["2001:db8:59::", "2001:db8:59::59:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 90}}, {"range": ["2001:db8:5a::", "2001:db8:5a::5a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 91}}, {"range": ["2001:db8:5b::", "2001:db8:5b::5b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 92}}, {"range": ["2001:db8:5c::", "2001:db8:5c::5c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 93}}, {"range": ["2001:db8:5d::", "2001:db8:5d::5d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 94}}, {"range": ["2001:db8:5e::", "2001:db8:5e::5e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 95}}, {"range": ["2001:db8:5f::", "2001:db8:5f::5f:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 96}}, {"range": ["2001:db8:60::", "2001:db8:60::60:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 97}}, {"range": ["2001:db8:61::", "2001:db8:61::61:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 98}}, {"range": ["2001:db8:62::", "2001:db8:62::62:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 99}}, {"range": ["2001:db8:63::", "2001:db8:63::63:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 100}}, {"range": ["2001:db8:64::", "2001:db8:64::64:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 101}}, {"range": ["2001:db8:65::", "2001:db8:65::65:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 102}}, {"range": ["2001:db8:66::", "2001:db8:66::66:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 103}}, {"range": ["2001:db8:67::", "2001:db8:67::67:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 104}}, {"range": ["2001:db8:68::", "2001:db8:68::68:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 105}}, {"range": ["2001:db8:69::", "2001:db8:69::69:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 106}}, {"range": ["2001:db8:6a::", "2001:db8:6a::6a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 107}}, {"range": ["2001:db8:6b::", "2001:db8:6b::6b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 108}}, {"range": ["2001:db8:6c::", "2001:db8:6c::6c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 109}}, {"range": ["2001:db8:6d::", "2001:db8:6d::6d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 110}}, {"range": ["2001:db8:6e::", "2001:db8:6e::6e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 111}}, {"range": ["2001:db8:6f::", "2001:db8:6f::6f:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 112}}, {"range": ["2001:db8:70::", "2001:db8:70::70:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 113}}, {"range": ["2001:db8:71::", "2001:db8:71::71:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 114}}, {"range": ["2001:db8:72::", "2001:db8:72::72:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 115}}, {"range": ["2001:db8:73::", "2001:db8:73::73:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 116}}, {"range": ["2001:db8:74::", "2001:db8:74::74:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 117}}, {"range": ["2001:db8:75::", "2001:db8:75::75:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 118}}, {"range": ["2001:db8:76::", "2001:db8:76::76:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 119}}, {"range": ["2001:db8:77::", "2001:db8:77::77:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 120}}, {"range": ["2001:db8:78::", "2001:db8:78::78:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 121}}, {"range": ["2001:db8:79::", "2001:db8:79::79:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 122}}, {"range": ["2001:db8:7a::", "2001:db8:7a::7a:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 123}}, {"range": ["2001:db8:7b::", "2001:db8:7b::7b:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 124}}, {"range": ["2001:db8:7c::", "2001:db8:7c::7c:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 125}}, {"range": ["2001:db8:7d::", "2001:db8:7d::7d:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 126}}, {"range": ["2001:db8:7e::", "2001:db8:7e::7e:1"]}]}, {"concat": [{"prefix": {"addr": "2001:db8::", "len": 127}}, {"range": ["2001:db8:7f::", "2001:db8:7f::7f:1"]}]}]}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": ["ipv4_addr", "ipv4_addr"], "handle": 0, "flags": ["interval"], "elem": [{"concat": [{"prefix": {"addr": "192.0.2.0", "len": 24}}, {"range": ["192.0.2.72", "192.0.2.74"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 25}}, {"range": ["192.0.2.75", "192.0.2.77"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 26}}, {"range": ["192.0.2.78", "192.0.2.80"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 27}}, {"range": ["192.0.2.81", "192.0.2.83"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 28}}, {"range": ["192.0.2.84", "192.0.2.86"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 29}}, {"range": ["192.0.2.87", "192.0.2.89"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 30}}, {"range": ["192.0.2.90", "192.0.2.92"]}]}, {"concat": [{"prefix": {"addr": "192.0.2.0", "len": 31}}, {"range": ["192.0.2.93", "192.0.2.95"]}]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip6",
+        "name": "s",
+        "table": "t",
+        "type": [
+          "ipv6_addr",
+          "ipv6_addr"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 32
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:20::",
+                  "2001:db8:20::20:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 33
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:21::",
+                  "2001:db8:21::21:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 34
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:22::",
+                  "2001:db8:22::22:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 35
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:23::",
+                  "2001:db8:23::23:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 36
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:24::",
+                  "2001:db8:24::24:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 37
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:25::",
+                  "2001:db8:25::25:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 38
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:26::",
+                  "2001:db8:26::26:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 39
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:27::",
+                  "2001:db8:27::27:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 40
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:28::",
+                  "2001:db8:28::28:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 41
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:29::",
+                  "2001:db8:29::29:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 42
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2a::",
+                  "2001:db8:2a::2a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 43
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2b::",
+                  "2001:db8:2b::2b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 44
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2c::",
+                  "2001:db8:2c::2c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 45
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2d::",
+                  "2001:db8:2d::2d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 46
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2e::",
+                  "2001:db8:2e::2e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 47
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:2f::",
+                  "2001:db8:2f::2f:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 48
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:30::",
+                  "2001:db8:30::30:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 49
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:31::",
+                  "2001:db8:31::31:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 50
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:32::",
+                  "2001:db8:32::32:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 51
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:33::",
+                  "2001:db8:33::33:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 52
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:34::",
+                  "2001:db8:34::34:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 53
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:35::",
+                  "2001:db8:35::35:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 54
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:36::",
+                  "2001:db8:36::36:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 55
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:37::",
+                  "2001:db8:37::37:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 56
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:38::",
+                  "2001:db8:38::38:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 57
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:39::",
+                  "2001:db8:39::39:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 58
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3a::",
+                  "2001:db8:3a::3a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 59
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3b::",
+                  "2001:db8:3b::3b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 60
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3c::",
+                  "2001:db8:3c::3c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 61
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3d::",
+                  "2001:db8:3d::3d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 62
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3e::",
+                  "2001:db8:3e::3e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 63
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:3f::",
+                  "2001:db8:3f::3f:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 64
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:40::",
+                  "2001:db8:40::40:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 65
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:41::",
+                  "2001:db8:41::41:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 66
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:42::",
+                  "2001:db8:42::42:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 67
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:43::",
+                  "2001:db8:43::43:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 68
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:44::",
+                  "2001:db8:44::44:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 69
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:45::",
+                  "2001:db8:45::45:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 70
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:46::",
+                  "2001:db8:46::46:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 71
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:47::",
+                  "2001:db8:47::47:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 72
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:48::",
+                  "2001:db8:48::48:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 73
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:49::",
+                  "2001:db8:49::49:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 74
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4a::",
+                  "2001:db8:4a::4a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 75
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4b::",
+                  "2001:db8:4b::4b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 76
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4c::",
+                  "2001:db8:4c::4c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 77
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4d::",
+                  "2001:db8:4d::4d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 78
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4e::",
+                  "2001:db8:4e::4e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 79
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:4f::",
+                  "2001:db8:4f::4f:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 80
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:50::",
+                  "2001:db8:50::50:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 81
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:51::",
+                  "2001:db8:51::51:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 82
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:52::",
+                  "2001:db8:52::52:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 83
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:53::",
+                  "2001:db8:53::53:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 84
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:54::",
+                  "2001:db8:54::54:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 85
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:55::",
+                  "2001:db8:55::55:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 86
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:56::",
+                  "2001:db8:56::56:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 87
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:57::",
+                  "2001:db8:57::57:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 88
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:58::",
+                  "2001:db8:58::58:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 89
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:59::",
+                  "2001:db8:59::59:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 90
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5a::",
+                  "2001:db8:5a::5a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 91
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5b::",
+                  "2001:db8:5b::5b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 92
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5c::",
+                  "2001:db8:5c::5c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 93
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5d::",
+                  "2001:db8:5d::5d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 94
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5e::",
+                  "2001:db8:5e::5e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 95
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:5f::",
+                  "2001:db8:5f::5f:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 96
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:60::",
+                  "2001:db8:60::60:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 97
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:61::",
+                  "2001:db8:61::61:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 98
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:62::",
+                  "2001:db8:62::62:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 99
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:63::",
+                  "2001:db8:63::63:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 100
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:64::",
+                  "2001:db8:64::64:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 101
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:65::",
+                  "2001:db8:65::65:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 102
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:66::",
+                  "2001:db8:66::66:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 103
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:67::",
+                  "2001:db8:67::67:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 104
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:68::",
+                  "2001:db8:68::68:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 105
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:69::",
+                  "2001:db8:69::69:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 106
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6a::",
+                  "2001:db8:6a::6a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 107
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6b::",
+                  "2001:db8:6b::6b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 108
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6c::",
+                  "2001:db8:6c::6c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 109
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6d::",
+                  "2001:db8:6d::6d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 110
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6e::",
+                  "2001:db8:6e::6e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 111
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:6f::",
+                  "2001:db8:6f::6f:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 112
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:70::",
+                  "2001:db8:70::70:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 113
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:71::",
+                  "2001:db8:71::71:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 114
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:72::",
+                  "2001:db8:72::72:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 115
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:73::",
+                  "2001:db8:73::73:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 116
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:74::",
+                  "2001:db8:74::74:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 117
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:75::",
+                  "2001:db8:75::75:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 118
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:76::",
+                  "2001:db8:76::76:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 119
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:77::",
+                  "2001:db8:77::77:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 120
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:78::",
+                  "2001:db8:78::78:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 121
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:79::",
+                  "2001:db8:79::79:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 122
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7a::",
+                  "2001:db8:7a::7a:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 123
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7b::",
+                  "2001:db8:7b::7b:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 124
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7c::",
+                  "2001:db8:7c::7c:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 125
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7d::",
+                  "2001:db8:7d::7d:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 126
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7e::",
+                  "2001:db8:7e::7e:1"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "2001:db8::",
+                  "len": 127
+                }
+              },
+              {
+                "range": [
+                  "2001:db8:7f::",
+                  "2001:db8:7f::7f:1"
+                ]
+              }
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "ipv4_addr"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 24
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.72",
+                  "192.0.2.74"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 25
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.75",
+                  "192.0.2.77"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 26
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.78",
+                  "192.0.2.80"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 27
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.81",
+                  "192.0.2.83"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 28
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.84",
+                  "192.0.2.86"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 29
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.87",
+                  "192.0.2.89"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 30
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.90",
+                  "192.0.2.92"
+                ]
+              }
+            ]
+          },
+          {
+            "concat": [
+              {
+                "prefix": {
+                  "addr": "192.0.2.0",
+                  "len": 31
+                }
+              },
+              {
+                "range": [
+                  "192.0.2.93",
+                  "192.0.2.95"
+                ]
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0044interval_overlap_1.json-nft b/tests/shell/testcases/sets/dumps/0044interval_overlap_1.json-nft
index f3ba37e996694611d92040f67debed4d23e4fc2e..f4aae383524ffce3e413200a0430bf1e366edaf7 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0044interval_overlap_1.json-nft
+++ b/tests/shell/testcases/sets/dumps/0044interval_overlap_1.json-nft
@@ -1 +1,529 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "inet_service", "handle": 0, "flags": ["interval"], "elem": [25, 30, 82, 119, 349, 745, 748, 1165, 1233, 1476, 1550, 1562, 1743, 1745, 1882, 2070, 2194, 2238, 2450, 2455, 2642, 2671, 2906, 3093, 3203, 3287, 3348, 3411, 3540, 3892, 3943, 4133, 4205, 4317, 4733, 5095, 5156, 5223, 5230, 5432, 5826, 5828, 6044, 6377, 6388, 6491, 6952, 6986, 7012, 7187, 7300, 7305, 7549, 7664, 8111, 8206, 8396, 8782, 8920, 8981, 9067, 9216, 9245, 9315, 9432, 9587, 9689, 9844, 9991, 10045, 10252, 10328, 10670, 10907, 11021, 11337, 11427, 11497, 11502, 11523, 11552, 11577, 11721, 11943, 12474, 12718, 12764, 12794, 12922, 13186, 13232, 13383, 13431, 13551, 13676, 13685, 13747, 13925, 13935, 14015, 14090, 14320, 14392, 14515, 14647, 14911, 15096, 15105, 15154, 15440, 15583, 15623, 15677, 15710, 15926, 15934, 15960, 16068, 16166, 16486, 16489, 16528, 16646, 16650, 16770, 16882, 17052, 17237, 17387, 17431, 17886, 17939, 17999, 18092, 18123, 18238, 18562, 18698, 19004, 19229, 19237, 19585, 19879, 19938, 19950, 19958, 20031, 20138, 20157, 20205, 20368, 20682, 20687, 20873, 20910, 20919, 21019, 21068, 21115, 21188, 21236, 21319, 21563, 21734, 21806, 21810, 21959, 21982, 22078, 22181, 22308, 22480, 22643, 22854, 22879, 22961, 23397, 23534, 23845, 23893, 24130, 24406, 24794, 24997, 25019, 25143, 25179, 25439, 25603, 25718, 25859, 25949, 26006, 26022, 26047, 26170, 26193, 26725, 26747, 26924, 27023, 27040, 27233, 27344, 27478, 27593, 27600, 27664, 27678, 27818, 27822, 28003, 28038, 28709, 28808, 29010, 29057, 29228, 29485, 30132, 30160, 30415, 30469, 30673, 30736, 30776, 30780, 31450, 31537, 31669, 31839, 31873, 32019, 32229, 32685, 32879, 33318, 33337, 33404, 33517, 33906, 34214, 34346, 34416, 34727, 34848, 35325, 35400, 35451, 35501, 35637, 35653, 35710, 35761, 35767, 36238, 36258, 36279, 36464, 36586, 36603, 36770, 36774, 36805, 36851, 37079, 37189, 37209, 37565, 37570, 37585, 37832, 37931, 37954, 38006, 38015, 38045, 38109, 38114, 38200, 38209, 38214, 38277, 38306, 38402, 38606, 38697, 38960, 39004, 39006, 39197, 39217, 39265, 39319, 39460, 39550, 39615, 39871, 39886, 40088, 40135, 40244, 40323, 40339, 40355, 40385, 40428, 40538, 40791, 40848, 40959, 41003, 41131, 41349, 41643, 41710, 41826, 41904, 42027, 42148, 42235, 42255, 42498, 42680, 42973, 43118, 43135, 43233, 43349, 43411, 43487, 43840, 43843, 43870, 44040, 44204, 44817, 44883, 44894, 44958, 45201, 45259, 45283, 45357, 45423, 45473, 45498, 45519, 45561, 45611, 45627, 45831, 46043, 46105, 46116, 46147, 46169, 46349, 47147, 47252, 47314, 47335, 47360, 47546, 47617, 47648, 47772, 47793, 47846, 47913, 47952, 48095, 48325, 48334, 48412, 48419, 48540, 48569, 48628, 48751, 48944, 48971, 49008, 49025, 49503, 49505, 49613, 49767, 49839, 49925, 50022, 50028, 50238, 51057, 51477, 51617, 51910, 52044, 52482, 52550, 52643, 52832, 53382, 53690, 53809, 53858, 54001, 54198, 54280, 54327, 54376, 54609, 54776, 54983, 54984, 55019, 55038, 55094, 55368, 55737, 55793, 55904, 55941, 55960, 55978, 56063, 56121, 56314, 56505, 56548, 56568, 56696, 56798, 56855, 57102, 57236, 57333, 57334, 57441, 57574, 57659, 57987, 58325, 58404, 58509, 58782, 58876, 59116, 59544, 59685, 59700, 59750, 59799, 59866, 59870, 59894, 59984, 60343, 60481, 60564, 60731, 61075, 61087, 61148, 61174, 61655, 61679, 61691, 61723, 61730, 61758, 61824, 62035, 62056, 62661, 62768, 62946, 63059, 63116, 63338, 63387, 63672, 63719, 63881, 63995, 64197, 64374, 64377, 64472, 64606, 64662, 64777, 64795, 64906, 65049, 65122, 65318]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "inet_service",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          25,
+          30,
+          82,
+          119,
+          349,
+          745,
+          748,
+          1165,
+          1233,
+          1476,
+          1550,
+          1562,
+          1743,
+          1745,
+          1882,
+          2070,
+          2194,
+          2238,
+          2450,
+          2455,
+          2642,
+          2671,
+          2906,
+          3093,
+          3203,
+          3287,
+          3348,
+          3411,
+          3540,
+          3892,
+          3943,
+          4133,
+          4205,
+          4317,
+          4733,
+          5095,
+          5156,
+          5223,
+          5230,
+          5432,
+          5826,
+          5828,
+          6044,
+          6377,
+          6388,
+          6491,
+          6952,
+          6986,
+          7012,
+          7187,
+          7300,
+          7305,
+          7549,
+          7664,
+          8111,
+          8206,
+          8396,
+          8782,
+          8920,
+          8981,
+          9067,
+          9216,
+          9245,
+          9315,
+          9432,
+          9587,
+          9689,
+          9844,
+          9991,
+          10045,
+          10252,
+          10328,
+          10670,
+          10907,
+          11021,
+          11337,
+          11427,
+          11497,
+          11502,
+          11523,
+          11552,
+          11577,
+          11721,
+          11943,
+          12474,
+          12718,
+          12764,
+          12794,
+          12922,
+          13186,
+          13232,
+          13383,
+          13431,
+          13551,
+          13676,
+          13685,
+          13747,
+          13925,
+          13935,
+          14015,
+          14090,
+          14320,
+          14392,
+          14515,
+          14647,
+          14911,
+          15096,
+          15105,
+          15154,
+          15440,
+          15583,
+          15623,
+          15677,
+          15710,
+          15926,
+          15934,
+          15960,
+          16068,
+          16166,
+          16486,
+          16489,
+          16528,
+          16646,
+          16650,
+          16770,
+          16882,
+          17052,
+          17237,
+          17387,
+          17431,
+          17886,
+          17939,
+          17999,
+          18092,
+          18123,
+          18238,
+          18562,
+          18698,
+          19004,
+          19229,
+          19237,
+          19585,
+          19879,
+          19938,
+          19950,
+          19958,
+          20031,
+          20138,
+          20157,
+          20205,
+          20368,
+          20682,
+          20687,
+          20873,
+          20910,
+          20919,
+          21019,
+          21068,
+          21115,
+          21188,
+          21236,
+          21319,
+          21563,
+          21734,
+          21806,
+          21810,
+          21959,
+          21982,
+          22078,
+          22181,
+          22308,
+          22480,
+          22643,
+          22854,
+          22879,
+          22961,
+          23397,
+          23534,
+          23845,
+          23893,
+          24130,
+          24406,
+          24794,
+          24997,
+          25019,
+          25143,
+          25179,
+          25439,
+          25603,
+          25718,
+          25859,
+          25949,
+          26006,
+          26022,
+          26047,
+          26170,
+          26193,
+          26725,
+          26747,
+          26924,
+          27023,
+          27040,
+          27233,
+          27344,
+          27478,
+          27593,
+          27600,
+          27664,
+          27678,
+          27818,
+          27822,
+          28003,
+          28038,
+          28709,
+          28808,
+          29010,
+          29057,
+          29228,
+          29485,
+          30132,
+          30160,
+          30415,
+          30469,
+          30673,
+          30736,
+          30776,
+          30780,
+          31450,
+          31537,
+          31669,
+          31839,
+          31873,
+          32019,
+          32229,
+          32685,
+          32879,
+          33318,
+          33337,
+          33404,
+          33517,
+          33906,
+          34214,
+          34346,
+          34416,
+          34727,
+          34848,
+          35325,
+          35400,
+          35451,
+          35501,
+          35637,
+          35653,
+          35710,
+          35761,
+          35767,
+          36238,
+          36258,
+          36279,
+          36464,
+          36586,
+          36603,
+          36770,
+          36774,
+          36805,
+          36851,
+          37079,
+          37189,
+          37209,
+          37565,
+          37570,
+          37585,
+          37832,
+          37931,
+          37954,
+          38006,
+          38015,
+          38045,
+          38109,
+          38114,
+          38200,
+          38209,
+          38214,
+          38277,
+          38306,
+          38402,
+          38606,
+          38697,
+          38960,
+          39004,
+          39006,
+          39197,
+          39217,
+          39265,
+          39319,
+          39460,
+          39550,
+          39615,
+          39871,
+          39886,
+          40088,
+          40135,
+          40244,
+          40323,
+          40339,
+          40355,
+          40385,
+          40428,
+          40538,
+          40791,
+          40848,
+          40959,
+          41003,
+          41131,
+          41349,
+          41643,
+          41710,
+          41826,
+          41904,
+          42027,
+          42148,
+          42235,
+          42255,
+          42498,
+          42680,
+          42973,
+          43118,
+          43135,
+          43233,
+          43349,
+          43411,
+          43487,
+          43840,
+          43843,
+          43870,
+          44040,
+          44204,
+          44817,
+          44883,
+          44894,
+          44958,
+          45201,
+          45259,
+          45283,
+          45357,
+          45423,
+          45473,
+          45498,
+          45519,
+          45561,
+          45611,
+          45627,
+          45831,
+          46043,
+          46105,
+          46116,
+          46147,
+          46169,
+          46349,
+          47147,
+          47252,
+          47314,
+          47335,
+          47360,
+          47546,
+          47617,
+          47648,
+          47772,
+          47793,
+          47846,
+          47913,
+          47952,
+          48095,
+          48325,
+          48334,
+          48412,
+          48419,
+          48540,
+          48569,
+          48628,
+          48751,
+          48944,
+          48971,
+          49008,
+          49025,
+          49503,
+          49505,
+          49613,
+          49767,
+          49839,
+          49925,
+          50022,
+          50028,
+          50238,
+          51057,
+          51477,
+          51617,
+          51910,
+          52044,
+          52482,
+          52550,
+          52643,
+          52832,
+          53382,
+          53690,
+          53809,
+          53858,
+          54001,
+          54198,
+          54280,
+          54327,
+          54376,
+          54609,
+          54776,
+          54983,
+          54984,
+          55019,
+          55038,
+          55094,
+          55368,
+          55737,
+          55793,
+          55904,
+          55941,
+          55960,
+          55978,
+          56063,
+          56121,
+          56314,
+          56505,
+          56548,
+          56568,
+          56696,
+          56798,
+          56855,
+          57102,
+          57236,
+          57333,
+          57334,
+          57441,
+          57574,
+          57659,
+          57987,
+          58325,
+          58404,
+          58509,
+          58782,
+          58876,
+          59116,
+          59544,
+          59685,
+          59700,
+          59750,
+          59799,
+          59866,
+          59870,
+          59894,
+          59984,
+          60343,
+          60481,
+          60564,
+          60731,
+          61075,
+          61087,
+          61148,
+          61174,
+          61655,
+          61679,
+          61691,
+          61723,
+          61730,
+          61758,
+          61824,
+          62035,
+          62056,
+          62661,
+          62768,
+          62946,
+          63059,
+          63116,
+          63338,
+          63387,
+          63672,
+          63719,
+          63881,
+          63995,
+          64197,
+          64374,
+          64377,
+          64472,
+          64606,
+          64662,
+          64777,
+          64795,
+          64906,
+          65049,
+          65122,
+          65318
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.json-nft b/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.json-nft
index 9ced84c24dd4a1e6f4a4fba3cad26f6a7cd70494..211942c9ae63ad7ea195a9701241ea7465d83ff8 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.json-nft
+++ b/tests/shell/testcases/sets/dumps/0045concat_ipv4_service.json-nft
@@ -1 +1,95 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s", "table": "t", "type": ["ipv4_addr", "inet_service"], "handle": 0, "size": 65536, "flags": ["timeout", "dynamic"], "elem": [{"concat": ["192.168.7.1", 22]}]}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 21}}, {"set": {"op": "add", "elem": {"elem": {"val": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, 22]}, "timeout": 60}}, "set": "@s"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "size": 65536,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ],
+        "elem": [
+          {
+            "concat": [
+              "192.168.7.1",
+              22
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 21
+            }
+          },
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      22
+                    ]
+                  },
+                  "timeout": 60
+                }
+              },
+              "set": "@s"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0046netmap_0.json-nft b/tests/shell/testcases/sets/dumps/0046netmap_0.json-nft
index 2572b5e3f154e03ec62112cef9301e5d29a3b830..55f1a2ad28c76659e6874eae467b7672f808b2cd 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0046netmap_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0046netmap_0.json-nft
@@ -1 +1,167 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 100, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"snat": {"family": "ip", "addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [[{"prefix": {"addr": "10.141.11.0", "len": 24}}, {"prefix": {"addr": "192.168.2.0", "len": 24}}], [{"prefix": {"addr": "10.141.12.0", "len": 24}}, {"prefix": {"addr": "192.168.3.0", "len": 24}}], [{"prefix": {"addr": "10.141.13.0", "len": 24}}, {"prefix": {"addr": "192.168.4.0", "len": 24}}]]}}}, "flags": "netmap", "type_flags": "prefix"}}]}}, {"table": {"family": "ip6", "name": "x", "handle": 0}}, {"chain": {"family": "ip6", "table": "x", "name": "y", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 100, "policy": "accept"}}, {"rule": {"family": "ip6", "table": "x", "chain": "y", "handle": 0, "expr": [{"snat": {"family": "ip6", "addr": {"map": {"key": {"payload": {"protocol": "ip6", "field": "saddr"}}, "data": {"set": [[{"prefix": {"addr": "2001:db8:1111::", "len": 64}}, {"prefix": {"addr": "2001:db8:2222::", "len": 64}}]]}}}, "flags": "netmap", "type_flags": "prefix"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "family": "ip",
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "prefix": {
+                            "addr": "10.141.11.0",
+                            "len": 24
+                          }
+                        },
+                        {
+                          "prefix": {
+                            "addr": "192.168.2.0",
+                            "len": 24
+                          }
+                        }
+                      ],
+                      [
+                        {
+                          "prefix": {
+                            "addr": "10.141.12.0",
+                            "len": 24
+                          }
+                        },
+                        {
+                          "prefix": {
+                            "addr": "192.168.3.0",
+                            "len": 24
+                          }
+                        }
+                      ],
+                      [
+                        {
+                          "prefix": {
+                            "addr": "10.141.13.0",
+                            "len": 24
+                          }
+                        },
+                        {
+                          "prefix": {
+                            "addr": "192.168.4.0",
+                            "len": 24
+                          }
+                        }
+                      ]
+                    ]
+                  }
+                }
+              },
+              "flags": "netmap",
+              "type_flags": "prefix"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 100,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "family": "ip6",
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip6",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "prefix": {
+                            "addr": "2001:db8:1111::",
+                            "len": 64
+                          }
+                        },
+                        {
+                          "prefix": {
+                            "addr": "2001:db8:2222::",
+                            "len": 64
+                          }
+                        }
+                      ]
+                    ]
+                  }
+                }
+              },
+              "flags": "netmap",
+              "type_flags": "prefix"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0048set_counters_0.json-nft b/tests/shell/testcases/sets/dumps/0048set_counters_0.json-nft
index 15605bd8d05824bcd88ab5179aadeeeea828c668..2fa0e788483084e8ad18fb4c4f64d810e3c1c1a5 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0048set_counters_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0048set_counters_0.json-nft
@@ -1 +1,95 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": [{"elem": {"val": "192.168.10.35", "counter": {"packets": 0, "bytes": 0}}}, {"elem": {"val": "192.168.10.101", "counter": {"packets": 0, "bytes": 0}}}, {"elem": {"val": "192.168.10.135", "counter": {"packets": 0, "bytes": 0}}}], "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          {
+            "elem": {
+              "val": "192.168.10.35",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "192.168.10.101",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "192.168.10.135",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0049set_define_0.json-nft b/tests/shell/testcases/sets/dumps/0049set_define_0.json-nft
index b95c831bc4d5bc9822bdc84e1ba3bd774728981d..79e376b6e29315666a9ff7810fd0a3f5b560c9f6 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0049set_define_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0049set_define_0.json-nft
@@ -1 +1,94 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "ip-block-4-test", "table": "filter", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "auto-merge": true, "elem": ["1.1.1.1"]}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "drop"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [22, 80, 443]}}}, {"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "new"}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "ip-block-4-test",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "auto-merge": true,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "drop"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": {
+                "set": [
+                  22,
+                  80,
+                  443
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "new"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0050set_define_1.json-nft b/tests/shell/testcases/sets/dumps/0050set_define_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0050set_define_1.json-nft
+++ b/tests/shell/testcases/sets/dumps/0050set_define_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.json-nft b/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.json-nft
index 1149c74658bb2400f5ee41ff52115445d44135fc..0e67375999382719c7f610d9ee54473e09c60d1b 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0051set_interval_counter_0.json-nft
@@ -1 +1,85 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"elem": {"val": {"prefix": {"addr": "192.168.2.0", "len": 24}}, "counter": {"packets": 0, "bytes": 0}}}], "stmt": [{"counter": null}]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "@s"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": {
+                "prefix": {
+                  "addr": "192.168.2.0",
+                  "len": 24
+                }
+              },
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "@s"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0052overlap_0.json-nft b/tests/shell/testcases/sets/dumps/0052overlap_0.json-nft
index 2ff3f23482c949071a2edb45466053117e7d604b..96d5fbccd7d4099d27624c0f1cdc534cb1d1edf2 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0052overlap_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0052overlap_0.json-nft
@@ -1 +1,35 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"set": {"family": "ip", "name": "w_all", "table": "filter", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "auto-merge": true, "elem": ["10.10.10.10", "10.10.10.253"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "w_all",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "auto-merge": true,
+        "elem": [
+          "10.10.10.10",
+          "10.10.10.253"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0053echo_0.json-nft b/tests/shell/testcases/sets/dumps/0053echo_0.json-nft
index 8658e41259c0a9a9b6032ff15fec600732bc0a6d..12a5c4b4810e0e6fda39ee687d203aa1b6684e10 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0053echo_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0053echo_0.json-nft
@@ -1 +1,101 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"chain": {"family": "inet", "table": "filter", "name": "input", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "drop"}}, {"rule": {"family": "inet", "table": "filter", "chain": "input", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "lo"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"prefix": {"addr": "10.0.0.0", "len": 8}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "192.168.100.62"}}, {"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 2001}}, {"counter": {"packets": 0, "bytes": 0}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "input",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "drop"
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "input",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "10.0.0.0",
+                  "len": 8
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "192.168.100.62"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 2001
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0054comments_set_0.json-nft b/tests/shell/testcases/sets/dumps/0054comments_set_0.json-nft
index 85fd50720658115ed616e3cc715ea3aeb61a62c3..3fd6d37e181033fe82b0bda5499ee67b5ddc9239 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0054comments_set_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0054comments_set_0.json-nft
@@ -1 +1,45 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "comment": "test", "flags": ["interval"]}}, {"map": {"family": "ip", "name": "m", "table": "t", "type": "ipv4_addr", "handle": 0, "comment": "another test", "map": "ipv4_addr", "flags": ["interval"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "comment": "test",
+        "flags": [
+          "interval"
+        ]
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "comment": "another test",
+        "map": "ipv4_addr",
+        "flags": [
+          "interval"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0055tcpflags_0.json-nft b/tests/shell/testcases/sets/dumps/0055tcpflags_0.json-nft
index e5ad23386ca4164f5a1d5b89386e68bb5601e322..cd39f0909e120850c354e34427c4c597d92d08e6 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0055tcpflags_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0055tcpflags_0.json-nft
@@ -1 +1,190 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"set": {"family": "ip", "name": "tcp_good_flags", "table": "test", "type": "tcp_flag", "handle": 0, "flags": ["constant"], "elem": [{"|": [{"|": [{"|": ["fin", "psh"]}, "ack"]}, "urg"]}, {"|": [{"|": ["fin", "psh"]}, "ack"]}, {"|": [{"|": ["fin", "ack"]}, "urg"]}, {"|": ["fin", "ack"]}, {"|": [{"|": [{"|": ["syn", "psh"]}, "ack"]}, "urg"]}, {"|": [{"|": ["syn", "psh"]}, "ack"]}, {"|": [{"|": ["syn", "ack"]}, "urg"]}, {"|": ["syn", "ack"]}, "syn", {"|": [{"|": [{"|": ["rst", "psh"]}, "ack"]}, "urg"]}, {"|": [{"|": ["rst", "psh"]}, "ack"]}, {"|": [{"|": ["rst", "ack"]}, "urg"]}, {"|": ["rst", "ack"]}, "rst", {"|": [{"|": ["psh", "ack"]}, "urg"]}, {"|": ["psh", "ack"]}, {"|": ["ack", "urg"]}, "ack"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "tcp_good_flags",
+        "table": "test",
+        "type": "tcp_flag",
+        "handle": 0,
+        "flags": [
+          "constant"
+        ],
+        "elem": [
+          {
+            "|": [
+              {
+                "|": [
+                  {
+                    "|": [
+                      "fin",
+                      "psh"
+                    ]
+                  },
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "fin",
+                  "psh"
+                ]
+              },
+              "ack"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "fin",
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              "fin",
+              "ack"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  {
+                    "|": [
+                      "syn",
+                      "psh"
+                    ]
+                  },
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "syn",
+                  "psh"
+                ]
+              },
+              "ack"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "syn",
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              "syn",
+              "ack"
+            ]
+          },
+          "syn",
+          {
+            "|": [
+              {
+                "|": [
+                  {
+                    "|": [
+                      "rst",
+                      "psh"
+                    ]
+                  },
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "rst",
+                  "psh"
+                ]
+              },
+              "ack"
+            ]
+          },
+          {
+            "|": [
+              {
+                "|": [
+                  "rst",
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              "rst",
+              "ack"
+            ]
+          },
+          "rst",
+          {
+            "|": [
+              {
+                "|": [
+                  "psh",
+                  "ack"
+                ]
+              },
+              "urg"
+            ]
+          },
+          {
+            "|": [
+              "psh",
+              "ack"
+            ]
+          },
+          {
+            "|": [
+              "ack",
+              "urg"
+            ]
+          },
+          "ack"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0056dynamic_limit_0.json-nft b/tests/shell/testcases/sets/dumps/0056dynamic_limit_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0056dynamic_limit_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0056dynamic_limit_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0057set_create_fails_0.json-nft b/tests/shell/testcases/sets/dumps/0057set_create_fails_0.json-nft
index 2500f803bb6bf42d4ba33a180b603b2920729847..79d7257edb1b013dd39a74be7cbe48cdb5656aec 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0057set_create_fails_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0057set_create_fails_0.json-nft
@@ -1 +1,31 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "test", "table": "filter", "type": "ipv4_addr", "handle": 0, "size": 65535, "elem": ["1.1.1.1"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "test",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "elem": [
+          "1.1.1.1"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0058_setupdate_timeout_0.json-nft b/tests/shell/testcases/sets/dumps/0058_setupdate_timeout_0.json-nft
index 5472ec09ffe460463c3d1935b94b55da19bc0978..a727b25bdcb1bb321318506a3526828e1df04846 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0058_setupdate_timeout_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0058_setupdate_timeout_0.json-nft
@@ -1 +1,68 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"set": {"family": "inet", "name": "ssh_meter", "table": "filter", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"], "timeout": 2592000}}, {"chain": {"family": "inet", "table": "filter", "name": "test", "handle": 0}}, {"rule": {"family": "inet", "table": "filter", "chain": "test", "handle": 0, "expr": [{"set": {"op": "add", "elem": {"elem": {"val": {"payload": {"protocol": "ip", "field": "saddr"}}, "timeout": 2592000}}, "set": "@ssh_meter"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "ssh_meter",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ],
+        "timeout": 2592000
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "filter",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "filter",
+        "chain": "test",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "add",
+              "elem": {
+                "elem": {
+                  "val": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "timeout": 2592000
+                }
+              },
+              "set": "@ssh_meter"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0059set_update_multistmt_0.json-nft b/tests/shell/testcases/sets/dumps/0059set_update_multistmt_0.json-nft
index 51952f4ea4bc65b865d7dc29a9b5f7eb530e0759..9e5fae761fd702b3abf2bfd7038f8779a5916679 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0059set_update_multistmt_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0059set_update_multistmt_0.json-nft
@@ -1 +1,79 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"], "timeout": 3600}}, {"chain": {"family": "ip", "table": "x", "name": "z", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "z", "handle": 0, "expr": [{"set": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "daddr"}}, "set": "@y", "stmt": [{"limit": {"rate": 1, "burst": 5, "per": "second"}}, {"counter": null}]}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ],
+        "timeout": 3600
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "z",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "z",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "set": "@y",
+              "stmt": [
+                {
+                  "limit": {
+                    "rate": 1,
+                    "burst": 5,
+                    "per": "second"
+                  }
+                },
+                {
+                  "counter": null
+                }
+              ]
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0060set_multistmt_0.json-nft b/tests/shell/testcases/sets/dumps/0060set_multistmt_0.json-nft
index 6068f4e03fd73489a3c92e470c12b65a59e0f7bf..0026ba915af109c0c8ffe8bb387f559436a91f5f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0060set_multistmt_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0060set_multistmt_0.json-nft
@@ -1 +1,105 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": [{"elem": {"val": "1.1.1.1", "limit": {"rate": 1, "burst": 5, "per": "second"}}}, {"elem": {"val": "4.4.4.4", "limit": {"rate": 1, "burst": 5, "per": "second"}}}, {"elem": {"val": "5.5.5.5", "limit": {"rate": 1, "burst": 5, "per": "second"}}}], "stmt": [{"limit": {"rate": 1, "burst": 5, "per": "second"}}, {"counter": null}]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "limit": {
+                "rate": 1,
+                "burst": 5,
+                "per": "second"
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "4.4.4.4",
+              "limit": {
+                "rate": 1,
+                "burst": 5,
+                "per": "second"
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "5.5.5.5",
+              "limit": {
+                "rate": 1,
+                "burst": 5,
+                "per": "second"
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "limit": {
+              "rate": 1,
+              "burst": 5,
+              "per": "second"
+            }
+          },
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0060set_multistmt_1.json-nft b/tests/shell/testcases/sets/dumps/0060set_multistmt_1.json-nft
index a2c6116e200680da4260067fc5e0014b5ff0262b..86b70b20c42c687ee3aa42d982119c19eee22b79 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0060set_multistmt_1.json-nft
+++ b/tests/shell/testcases/sets/dumps/0060set_multistmt_1.json-nft
@@ -1 +1,105 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"], "elem": [{"elem": {"val": "1.1.1.1", "counter": {"packets": 0, "bytes": 0}}}, {"elem": {"val": "1.2.3.4", "counter": {"packets": 9, "bytes": 756}}}, {"elem": {"val": "2.2.2.2", "counter": {"packets": 0, "bytes": 0}}}], "stmt": [{"counter": null}, {"quota": {"val": 500, "val_unit": "bytes"}}]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"set": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "daddr"}}, "set": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "1.2.3.4",
+              "counter": {
+                "packets": 9,
+                "bytes": 756
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "2.2.2.2",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          },
+          {
+            "quota": {
+              "val": 500,
+              "val_unit": "bytes"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "set": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0061anonymous_automerge_0.json-nft b/tests/shell/testcases/sets/dumps/0061anonymous_automerge_0.json-nft
index 2d193b3809d3412f1ae7793399a18309ef1a1e73..c559150565daa26040dbeaf57311d7325cabe6ab 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0061anonymous_automerge_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0061anonymous_automerge_0.json-nft
@@ -1 +1,57 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": {"set": [{"range": ["1.1.1.1", "1.1.1.2"]}]}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "range": [
+                      "1.1.1.1",
+                      "1.1.1.2"
+                    ]
+                  }
+                ]
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.json-nft b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.json-nft
index f14de257d7d1a1f5bbf92a059280c9af6f070df1..c5e60e36c89ea75cb8ca31e621d165b8ae45e66f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "est-connlimit", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"set": {"family": "ip", "name": "new-connlimit", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"], "stmt": [{"ct count": {"val": 20, "inv": true}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "est-connlimit",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "new-connlimit",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ],
+        "stmt": [
+          {
+            "ct count": {
+              "val": 20,
+              "inv": true
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0063set_catchall_0.json-nft b/tests/shell/testcases/sets/dumps/0063set_catchall_0.json-nft
index 3ea18e5dbe4056a6174d19ba468efc42efbd15fa..3006f75a8fcc6a38863261fda18cd6b9486d8839 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0063set_catchall_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0063set_catchall_0.json-nft
@@ -1 +1,94 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": [{"elem": {"val": "1.1.1.1", "counter": {"packets": 0, "bytes": 0}}}, {"elem": {"val": "*", "counter": {"packets": 0, "bytes": 0}}}], "stmt": [{"counter": null}]}}, {"set": {"family": "ip", "name": "z", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"elem": {"val": {"prefix": {"addr": "1.1.1.0", "len": 24}}, "counter": {"packets": 0, "bytes": 0}}}, {"elem": {"val": "*", "counter": {"packets": 0, "bytes": 0}}}], "stmt": [{"counter": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          {
+            "elem": {
+              "val": "1.1.1.1",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "*",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "z",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "elem": {
+              "val": {
+                "prefix": {
+                  "addr": "1.1.1.0",
+                  "len": 24
+                }
+              },
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          },
+          {
+            "elem": {
+              "val": "*",
+              "counter": {
+                "packets": 0,
+                "bytes": 0
+              }
+            }
+          }
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0064map_catchall_0.json-nft b/tests/shell/testcases/sets/dumps/0064map_catchall_0.json-nft
index 68913db687faffdd48325e7dad2c2aa63f0df318..eba5d40ef5645cc4b8c234e817656b900bd8ada4 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0064map_catchall_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0064map_catchall_0.json-nft
@@ -1 +1,220 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"map": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "elem": [["10.141.0.1", "192.168.0.2"], ["*", "192.168.0.4"]]}}, {"map": {"family": "ip", "name": "z", "table": "x", "type": "ipv4_addr", "handle": 0, "map": "ipv4_addr", "flags": ["interval"], "elem": [[{"prefix": {"addr": "10.141.0.0", "len": 24}}, "192.168.0.2"], ["*", "192.168.0.3"]]}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": "@z"}}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": {"set": [[{"prefix": {"addr": "10.141.0.0", "len": 24}}, "192.168.0.2"], ["*", "192.168.0.3"]]}}}}}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"snat": {"addr": {"map": {"key": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, {"payload": {"protocol": "ip", "field": "daddr"}}]}, "data": {"set": [[{"concat": [{"prefix": {"addr": "10.141.0.0", "len": 24}}, {"prefix": {"addr": "10.0.0.0", "len": 8}}]}, "192.168.0.2"], [{"concat": [{"prefix": {"addr": "192.168.9.0", "len": 24}}, {"prefix": {"addr": "192.168.10.0", "len": 24}}]}, "192.168.0.4"], ["*", "192.168.0.3"]]}}}}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "elem": [
+          [
+            "10.141.0.1",
+            "192.168.0.2"
+          ],
+          [
+            "*",
+            "192.168.0.4"
+          ]
+        ]
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "z",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "ipv4_addr",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "prefix": {
+                "addr": "10.141.0.0",
+                "len": 24
+              }
+            },
+            "192.168.0.2"
+          ],
+          [
+            "*",
+            "192.168.0.3"
+          ]
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": "@z"
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "prefix": {
+                            "addr": "10.141.0.0",
+                            "len": 24
+                          }
+                        },
+                        "192.168.0.2"
+                      ],
+                      [
+                        "*",
+                        "192.168.0.3"
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "snat": {
+              "addr": {
+                "map": {
+                  "key": {
+                    "concat": [
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "saddr"
+                        }
+                      },
+                      {
+                        "payload": {
+                          "protocol": "ip",
+                          "field": "daddr"
+                        }
+                      }
+                    ]
+                  },
+                  "data": {
+                    "set": [
+                      [
+                        {
+                          "concat": [
+                            {
+                              "prefix": {
+                                "addr": "10.141.0.0",
+                                "len": 24
+                              }
+                            },
+                            {
+                              "prefix": {
+                                "addr": "10.0.0.0",
+                                "len": 8
+                              }
+                            }
+                          ]
+                        },
+                        "192.168.0.2"
+                      ],
+                      [
+                        {
+                          "concat": [
+                            {
+                              "prefix": {
+                                "addr": "192.168.9.0",
+                                "len": 24
+                              }
+                            },
+                            {
+                              "prefix": {
+                                "addr": "192.168.10.0",
+                                "len": 24
+                              }
+                            }
+                          ]
+                        },
+                        "192.168.0.4"
+                      ],
+                      [
+                        "*",
+                        "192.168.0.3"
+                      ]
+                    ]
+                  }
+                }
+              }
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0065_icmp_postprocessing.json-nft b/tests/shell/testcases/sets/dumps/0065_icmp_postprocessing.json-nft
index 519c93ddd116de783c926ff6a00bb4ccb518d734..f470adf3711b18086b003d0a9d4e3a85c5998a3b 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0065_icmp_postprocessing.json-nft
+++ b/tests/shell/testcases/sets/dumps/0065_icmp_postprocessing.json-nft
@@ -1 +1,78 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "foo", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "foo", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "foo", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "icmp", "field": "type"}}, "right": {"set": ["echo-reply", "echo-request"]}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "icmp", "field": "id"}}, "right": 42}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "foo",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "foo",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "foo",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmp",
+                  "field": "type"
+                }
+              },
+              "right": {
+                "set": [
+                  "echo-reply",
+                  "echo-request"
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmp",
+                  "field": "id"
+                }
+              },
+              "right": 42
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0069interval_merge_0.json-nft b/tests/shell/testcases/sets/dumps/0069interval_merge_0.json-nft
index 054aa0d8dfc97848c497ca1d013668fd03be46bf..d7b32f8cc0e2492390dd2cf60d8267bc9584f8be 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0069interval_merge_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0069interval_merge_0.json-nft
@@ -1 +1,51 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "auto-merge": true, "elem": [{"range": ["1.2.3.0", "1.2.4.255"]}, {"range": ["3.3.3.3", "3.3.3.6"]}, {"range": ["4.4.4.0", "4.4.5.0"]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "auto-merge": true,
+        "elem": [
+          {
+            "range": [
+              "1.2.3.0",
+              "1.2.4.255"
+            ]
+          },
+          {
+            "range": [
+              "3.3.3.3",
+              "3.3.3.6"
+            ]
+          },
+          {
+            "range": [
+              "4.4.4.0",
+              "4.4.5.0"
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0071unclosed_prefix_interval_0.json-nft b/tests/shell/testcases/sets/dumps/0071unclosed_prefix_interval_0.json-nft
index e0d3b135f1eda222145a34537793e86519155d9f..426bf2d1e1577f9ac1a1abdb20e72c30fa373c0a 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0071unclosed_prefix_interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0071unclosed_prefix_interval_0.json-nft
@@ -1 +1,128 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 0}}, {"set": {"family": "inet", "name": "s1", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "10.0.0.0", "len": 8}}, {"prefix": {"addr": "192.0.0.0", "len": 2}}]}}, {"set": {"family": "inet", "name": "s2", "table": "t", "type": "ipv6_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "fe80::", "len": 10}}, {"prefix": {"addr": "ff00::", "len": 8}}]}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 0}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "@s1"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": "@s2"}}, {"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s1",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "10.0.0.0",
+              "len": 8
+            }
+          },
+          {
+            "prefix": {
+              "addr": "192.0.0.0",
+              "len": 2
+            }
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "inet",
+        "name": "s2",
+        "table": "t",
+        "type": "ipv6_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "fe80::",
+              "len": 10
+            }
+          },
+          {
+            "prefix": {
+              "addr": "ff00::",
+              "len": 8
+            }
+          }
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "t",
+        "name": "c",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "@s1"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": "@s2"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0072destroy_0.json-nft b/tests/shell/testcases/sets/dumps/0072destroy_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0072destroy_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/0072destroy_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0073flat_interval_set.json-nft b/tests/shell/testcases/sets/dumps/0073flat_interval_set.json-nft
index d4547f138fec30b68f2f20bbc4a3e61033766cc4..e2fb6214238fa77878b8ec12177ecdc1417b55db 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0073flat_interval_set.json-nft
+++ b/tests/shell/testcases/sets/dumps/0073flat_interval_set.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"counter": {"family": "inet", "name": "TEST", "table": "filter", "handle": 0, "packets": 0, "bytes": 0}}, {"map": {"family": "inet", "name": "testmap", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "counter", "flags": ["interval"], "elem": [[{"prefix": {"addr": "192.168.0.0", "len": 24}}, "TEST"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "counter": {
+        "family": "inet",
+        "name": "TEST",
+        "table": "filter",
+        "handle": 0,
+        "packets": 0,
+        "bytes": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "testmap",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "counter",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "prefix": {
+                "addr": "192.168.0.0",
+                "len": 24
+              }
+            },
+            "TEST"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/0074nested_interval_set.json-nft b/tests/shell/testcases/sets/dumps/0074nested_interval_set.json-nft
index d4547f138fec30b68f2f20bbc4a3e61033766cc4..e2fb6214238fa77878b8ec12177ecdc1417b55db 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0074nested_interval_set.json-nft
+++ b/tests/shell/testcases/sets/dumps/0074nested_interval_set.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 0}}, {"counter": {"family": "inet", "name": "TEST", "table": "filter", "handle": 0, "packets": 0, "bytes": 0}}, {"map": {"family": "inet", "name": "testmap", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "counter", "flags": ["interval"], "elem": [[{"prefix": {"addr": "192.168.0.0", "len": 24}}, "TEST"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "counter": {
+        "family": "inet",
+        "name": "TEST",
+        "table": "filter",
+        "handle": 0,
+        "packets": 0,
+        "bytes": 0
+      }
+    },
+    {
+      "map": {
+        "family": "inet",
+        "name": "testmap",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "counter",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            {
+              "prefix": {
+                "addr": "192.168.0.0",
+                "len": 24
+              }
+            },
+            "TEST"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/collapse_elem_0.json-nft b/tests/shell/testcases/sets/dumps/collapse_elem_0.json-nft
index 2f92570de4080d8de4d0bc81ff775dbdd2a50e62..c713828d2843607677e501c5da3363bf885ace8f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/collapse_elem_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/collapse_elem_0.json-nft
@@ -1 +1,50 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "a", "handle": 0}}, {"set": {"family": "ip", "name": "x", "table": "a", "type": "inet_service", "handle": 0, "elem": [1, 2]}}, {"table": {"family": "ip6", "name": "a", "handle": 0}}, {"set": {"family": "ip6", "name": "x", "table": "a", "type": "inet_service", "handle": 0, "elem": [2]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "a",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "x",
+        "table": "a",
+        "type": "inet_service",
+        "handle": 0,
+        "elem": [
+          1,
+          2
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "a",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip6",
+        "name": "x",
+        "table": "a",
+        "type": "inet_service",
+        "handle": 0,
+        "elem": [
+          2
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/concat_interval_0.json-nft b/tests/shell/testcases/sets/dumps/concat_interval_0.json-nft
index a5076cb5b5352fb75689355b02c7d542adfbef91..d65065e4f0947a4eee012c5c46dd6b01676c7f01 100644 (file)
--- a/tests/shell/testcases/sets/dumps/concat_interval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/concat_interval_0.json-nft
@@ -1 +1,68 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": ["ipv4_addr", "inet_proto", "inet_service"], "handle": 0, "flags": ["interval"], "stmt": [{"counter": null}]}}, {"set": {"family": "ip", "name": "s2", "table": "t", "type": ["ipv4_addr", "mark"], "handle": 0, "flags": ["interval"], "elem": [{"concat": ["10.10.10.10", 256]}, {"concat": ["20.20.20.20", 512]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "inet_proto",
+          "inet_service"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "stmt": [
+          {
+            "counter": null
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s2",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "mark"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "concat": [
+              "10.10.10.10",
+              256
+            ]
+          },
+          {
+            "concat": [
+              "20.20.20.20",
+              512
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/dynset_missing.json-nft b/tests/shell/testcases/sets/dumps/dynset_missing.json-nft
index 285d19f68be52ac6b83e3b711fa69fcf874397e3..3462d67f05562a1a9fbc8725ee2887e7aad35265 100644 (file)
--- a/tests/shell/testcases/sets/dumps/dynset_missing.json-nft
+++ b/tests/shell/testcases/sets/dumps/dynset_missing.json-nft
@@ -1 +1,83 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "test", "handle": 0}}, {"set": {"family": "ip", "name": "dlist", "table": "test", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"chain": {"family": "ip", "table": "test", "name": "output", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "test", "chain": "output", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 1234}}, {"set": {"op": "update", "elem": {"payload": {"protocol": "ip", "field": "daddr"}}, "set": "@dlist"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "test",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "dlist",
+        "table": "test",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "test",
+        "name": "output",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "test",
+        "chain": "output",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 1234
+            }
+          },
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "set": "@dlist"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/errors_0.json-nft b/tests/shell/testcases/sets/dumps/errors_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/sets/dumps/errors_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/errors_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/exact_overlap_0.json-nft b/tests/shell/testcases/sets/dumps/exact_overlap_0.json-nft
index 30ace7aac30f618b04c700f3517e51222eb144b6..958d1e5cf6caf55b2e628c7b4156ff78febad67b 100644 (file)
--- a/tests/shell/testcases/sets/dumps/exact_overlap_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/exact_overlap_0.json-nft
@@ -1 +1,110 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "1.0.1.0", "len": 24}}, {"prefix": {"addr": "1.0.2.0", "len": 23}}, {"prefix": {"addr": "1.0.8.0", "len": 21}}, {"prefix": {"addr": "1.0.32.0", "len": 19}}, {"prefix": {"addr": "1.1.0.0", "len": 24}}, {"prefix": {"addr": "1.1.2.0", "len": 23}}, {"prefix": {"addr": "1.1.4.0", "len": 22}}, {"prefix": {"addr": "1.1.8.0", "len": 24}}, {"prefix": {"addr": "1.1.9.0", "len": 24}}, {"prefix": {"addr": "1.1.10.0", "len": 23}}, {"prefix": {"addr": "1.1.12.0", "len": 22}}, {"prefix": {"addr": "1.1.16.0", "len": 20}}, {"prefix": {"addr": "1.1.32.0", "len": 19}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "1.0.1.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.0.2.0",
+              "len": 23
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.0.8.0",
+              "len": 21
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.0.32.0",
+              "len": 19
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.0.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.2.0",
+              "len": 23
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.4.0",
+              "len": 22
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.8.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.9.0",
+              "len": 24
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.10.0",
+              "len": 23
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.12.0",
+              "len": 22
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.16.0",
+              "len": 20
+            }
+          },
+          {
+            "prefix": {
+              "addr": "1.1.32.0",
+              "len": 19
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/inner_0.json-nft b/tests/shell/testcases/sets/dumps/inner_0.json-nft
index f1e1ff3a60af38fb7c9e10240739862ee16c4a39..cc48de6b4f47fa9ad149014f5f6b5c5bdc84520b 100644 (file)
--- a/tests/shell/testcases/sets/dumps/inner_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/inner_0.json-nft
@@ -1 +1,207 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "netdev", "name": "x", "handle": 0}}, {"set": {"family": "netdev", "name": "x", "table": "x", "type": ["ipv4_addr", "ipv4_addr"], "handle": 0, "elem": [{"concat": ["3.3.3.3", "4.4.4.4"]}]}}, {"set": {"family": "netdev", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "size": 65535, "flags": ["dynamic"]}}, {"chain": {"family": "netdev", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "netdev", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 4789}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"tunnel": "vxlan", "protocol": "ip", "field": "saddr"}}, {"payload": {"tunnel": "vxlan", "protocol": "ip", "field": "daddr"}}]}, "right": {"set": [{"concat": ["1.1.1.1", "2.2.2.2"]}]}}}, {"counter": {"packets": 0, "bytes": 0}}]}}, {"rule": {"family": "netdev", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 4789}}, {"match": {"op": "==", "left": {"concat": [{"payload": {"tunnel": "vxlan", "protocol": "ip", "field": "saddr"}}, {"payload": {"tunnel": "vxlan", "protocol": "ip", "field": "daddr"}}]}, "right": "@x"}}, {"counter": {"packets": 0, "bytes": 0}}]}}, {"rule": {"family": "netdev", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 4789}}, {"set": {"op": "update", "elem": {"payload": {"tunnel": "vxlan", "protocol": "ip", "field": "saddr"}}, "set": "@y"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "netdev",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "netdev",
+        "name": "x",
+        "table": "x",
+        "type": [
+          "ipv4_addr",
+          "ipv4_addr"
+        ],
+        "handle": 0,
+        "elem": [
+          {
+            "concat": [
+              "3.3.3.3",
+              "4.4.4.4"
+            ]
+          }
+        ]
+      }
+    },
+    {
+      "set": {
+        "family": "netdev",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "dynamic"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "netdev",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 4789
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "tunnel": "vxlan",
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "tunnel": "vxlan",
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  }
+                ]
+              },
+              "right": {
+                "set": [
+                  {
+                    "concat": [
+                      "1.1.1.1",
+                      "2.2.2.2"
+                    ]
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 4789
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "tunnel": "vxlan",
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  {
+                    "payload": {
+                      "tunnel": "vxlan",
+                      "protocol": "ip",
+                      "field": "daddr"
+                    }
+                  }
+                ]
+              },
+              "right": "@x"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "netdev",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 4789
+            }
+          },
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "payload": {
+                  "tunnel": "vxlan",
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "set": "@y"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/set_eval_0.json-nft b/tests/shell/testcases/sets/dumps/set_eval_0.json-nft
index 3a9d9263017e3754a53001c04c9d3ea4f7705b68..4590b8840398548eec34e73626adc3a1079b331e 100644 (file)
--- a/tests/shell/testcases/sets/dumps/set_eval_0.json-nft
+++ b/tests/shell/testcases/sets/dumps/set_eval_0.json-nft
@@ -1 +1,85 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "nat", "handle": 0}}, {"set": {"family": "ip", "name": "set_with_interval", "table": "nat", "type": "ipv4_addr", "handle": 0, "flags": ["interval"]}}, {"chain": {"family": "ip", "table": "nat", "name": "prerouting", "handle": 0, "type": "nat", "hook": "prerouting", "prio": -100, "policy": "accept"}}, {"rule": {"family": "ip", "table": "nat", "chain": "prerouting", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["tcp", "udp"]}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "th", "field": "dport"}}, "right": 443}}, {"dnat": {"addr": "10.0.0.1"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "nat",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "set_with_interval",
+        "table": "nat",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ]
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "nat",
+        "name": "prerouting",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": -100,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "nat",
+        "chain": "prerouting",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "tcp",
+                  "udp"
+                ]
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "th",
+                  "field": "dport"
+                }
+              },
+              "right": 443
+            }
+          },
+          {
+            "dnat": {
+              "addr": "10.0.0.1"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/sets/dumps/type_set_symbol.json-nft b/tests/shell/testcases/sets/dumps/type_set_symbol.json-nft
index c4485f34ce7d481482ee9b612155293cbd5ecf05..e4ae0a2e3df241dbcb403a7fe236876db211df86 100644 (file)
--- a/tests/shell/testcases/sets/dumps/type_set_symbol.json-nft
+++ b/tests/shell/testcases/sets/dumps/type_set_symbol.json-nft
@@ -1 +1,114 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s1", "table": "t", "type": ["ipv4_addr", "ipv4_addr", "inet_service"], "handle": 0, "size": 65535, "flags": ["timeout", "dynamic"], "timeout": 10800}}, {"chain": {"family": "ip", "table": "t", "name": "c1", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c2", "handle": 0}}, {"rule": {"family": "ip", "table": "t", "chain": "c1", "handle": 0, "expr": [{"set": {"op": "update", "elem": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, "10.180.0.4", 80]}, "set": "@s1"}}]}}, {"rule": {"family": "ip", "table": "t", "chain": "c2", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ip", "field": "saddr"}}, "1.2.3.4", 80]}, "right": "@s1"}}, {"goto": {"target": "c1"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s1",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "ipv4_addr",
+          "inet_service"
+        ],
+        "handle": 0,
+        "size": 65535,
+        "flags": [
+          "timeout",
+          "dynamic"
+        ],
+        "timeout": 10800
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c1",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c2",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c1",
+        "handle": 0,
+        "expr": [
+          {
+            "set": {
+              "op": "update",
+              "elem": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "10.180.0.4",
+                  80
+                ]
+              },
+              "set": "@s1"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c2",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "concat": [
+                  {
+                    "payload": {
+                      "protocol": "ip",
+                      "field": "saddr"
+                    }
+                  },
+                  "1.2.3.4",
+                  80
+                ]
+              },
+              "right": "@s1"
+            }
+          },
+          {
+            "goto": {
+              "target": "c1"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0001table_0.json-nft b/tests/shell/testcases/transactions/dumps/0001table_0.json-nft
index d5340905877c4571f8132508ed600344258320cd..ea75b43fb2b9ba060325c9e6081b933992b39418 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0001table_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0001table_0.json-nft
@@ -1 +1,25 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"table": {"family": "ip", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0002table_0.json-nft b/tests/shell/testcases/transactions/dumps/0002table_0.json-nft
index 3184e72d654eee82652bcb391ea127b6307395f3..b1fefc31e1f0a4b86af2a0d71b36a20881fe148d 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0002table_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0002table_0.json-nft
@@ -1 +1,31 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0, "flags": "dormant"}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "nat", "hook": "prerouting", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0,
+        "flags": "dormant"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0003table_0.json-nft b/tests/shell/testcases/transactions/dumps/0003table_0.json-nft
index d5340905877c4571f8132508ed600344258320cd..ea75b43fb2b9ba060325c9e6081b933992b39418 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0003table_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0003table_0.json-nft
@@ -1 +1,25 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"table": {"family": "ip", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0010chain_0.json-nft b/tests/shell/testcases/transactions/dumps/0010chain_0.json-nft
index 6095ac01bf390e026fdcb827381616f1ec8b4109..85947674d8841d440128de57b37c79d9faf99c76 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0010chain_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0010chain_0.json-nft
@@ -1 +1,26 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "w", "handle": 0}}, {"chain": {"family": "ip", "table": "w", "name": "y", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "w",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "w",
+        "name": "y",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0011chain_0.json-nft b/tests/shell/testcases/transactions/dumps/0011chain_0.json-nft
index d8e414fbf6b2f6274fe8df8eb08d1c2a7ec94fcf..12cf0bbfea57c6c8a1de5e00adeee86e99d744d5 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0011chain_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0011chain_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "drop"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "drop"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0012chain_0.json-nft b/tests/shell/testcases/transactions/dumps/0012chain_0.json-nft
index dbd66d21f21b345aeeae8482f44bc1f8c739d429..dc5eaa61c550c886b3ca15a7ccb347dd801e4d2c 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0012chain_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0012chain_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "w", "handle": 0}}, {"chain": {"family": "ip", "table": "w", "name": "y", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "w",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "w",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0013chain_0.json-nft b/tests/shell/testcases/transactions/dumps/0013chain_0.json-nft
index dbd66d21f21b345aeeae8482f44bc1f8c739d429..dc5eaa61c550c886b3ca15a7ccb347dd801e4d2c 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0013chain_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0013chain_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "w", "handle": 0}}, {"chain": {"family": "ip", "table": "w", "name": "y", "handle": 0, "type": "filter", "hook": "output", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "w",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "w",
+        "name": "y",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0014chain_1.json-nft b/tests/shell/testcases/transactions/dumps/0014chain_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0014chain_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0014chain_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0015chain_0.json-nft b/tests/shell/testcases/transactions/dumps/0015chain_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0015chain_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0015chain_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0020rule_0.json-nft b/tests/shell/testcases/transactions/dumps/0020rule_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0020rule_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0020rule_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0021rule_0.json-nft b/tests/shell/testcases/transactions/dumps/0021rule_0.json-nft
index ca6c43d500e3b2e4252679ce9143818d94497e85..4c5500cc3b94d7d2e909edabe266b42788723180 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0021rule_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0021rule_0.json-nft
@@ -1 +1,54 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "saddr"}}, "right": "2.2.2.2"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "right": "2.2.2.2"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0022rule_1.json-nft b/tests/shell/testcases/transactions/dumps/0022rule_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0022rule_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0022rule_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0023rule_1.json-nft b/tests/shell/testcases/transactions/dumps/0023rule_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0023rule_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0023rule_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0024rule_0.json-nft b/tests/shell/testcases/transactions/dumps/0024rule_0.json-nft
index b8513006202a8b6f91b169839ee86a475cb4965b..1e37f7d98389e1053ecb373283ecf0a8509b04f2 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0024rule_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0024rule_0.json-nft
@@ -1 +1,82 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "comment": "rule1", "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "comment": "rule2", "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "comment": "rule3", "expr": [{"accept": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "comment": "rule4", "expr": [{"accept": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "comment": "rule1",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "comment": "rule2",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "comment": "rule3",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "comment": "rule4",
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0025rule_0.json-nft b/tests/shell/testcases/transactions/dumps/0025rule_0.json-nft
index 84de2abe1e408465f948a8e2cd8abe9f1224a6e3..623d9765937bc1e3142be9cc5f8c2d753fa82a1e 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0025rule_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0025rule_0.json-nft
@@ -1 +1,52 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 0}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"log": null}]}}, {"rule": {"family": "ip", "table": "x", "chain": "y", "handle": 0, "expr": [{"drop": null}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "x",
+        "name": "y",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "log": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "x",
+        "chain": "y",
+        "handle": 0,
+        "expr": [
+          {
+            "drop": null
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0030set_0.json-nft b/tests/shell/testcases/transactions/dumps/0030set_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0030set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0030set_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0031set_0.json-nft b/tests/shell/testcases/transactions/dumps/0031set_0.json-nft
index c965d03e13bd9811053fadb56d907d0f42711718..c1b7639dc8436b2b8837fdb40ce321c11c5fc388 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0031set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0031set_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0032set_0.json-nft b/tests/shell/testcases/transactions/dumps/0032set_0.json-nft
index 71d7f4ca4814128d51ee8af92b64bab3aa87e132..66bbf0ebed80a0a270fc2de055fe31f687982a5b 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0032set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0032set_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "w", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "w", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "w",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "w",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0033set_0.json-nft b/tests/shell/testcases/transactions/dumps/0033set_0.json-nft
index 0de45a8a10dc2f6b1c3673afffaba90432e7c461..15ec0aacd57feef33d0a2335a91d44dafc55a0b5 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0033set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0033set_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0034set_0.json-nft b/tests/shell/testcases/transactions/dumps/0034set_0.json-nft
index c965d03e13bd9811053fadb56d907d0f42711718..c1b7639dc8436b2b8837fdb40ce321c11c5fc388 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0034set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0034set_0.json-nft
@@ -1 +1,27 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0035set_0.json-nft b/tests/shell/testcases/transactions/dumps/0035set_0.json-nft
index f5475f3954d48f0062a705e146c7b99460f1914c..6b8f671c5143bc47aa84c830bdabe711295eb881 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0035set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0035set_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "elem": ["3.3.3.3"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "elem": [
+          "3.3.3.3"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0036set_1.json-nft b/tests/shell/testcases/transactions/dumps/0036set_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0036set_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0036set_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0037set_0.json-nft b/tests/shell/testcases/transactions/dumps/0037set_0.json-nft
index ad0b9f9fb91f4d2a0da64a89815cd12b3ae8dc9d..e4c77147b88f66d57193f8721ff1e3f6cd487227 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0037set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0037set_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0038set_0.json-nft b/tests/shell/testcases/transactions/dumps/0038set_0.json-nft
index 9d4d3dadecb227281f880d4fbfe453f6902b3152..0a36f4a809a0dd522a5353aedd4cdb4af4846c02 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0038set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0038set_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "192.168.4.0", "len": 24}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "192.168.4.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0039set_0.json-nft b/tests/shell/testcases/transactions/dumps/0039set_0.json-nft
index 9d4d3dadecb227281f880d4fbfe453f6902b3152..0a36f4a809a0dd522a5353aedd4cdb4af4846c02 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0039set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0039set_0.json-nft
@@ -1 +1,38 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 0}}, {"set": {"family": "ip", "name": "y", "table": "x", "type": "ipv4_addr", "handle": 0, "flags": ["interval"], "elem": [{"prefix": {"addr": "192.168.4.0", "len": 24}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "x",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "y",
+        "table": "x",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "prefix": {
+              "addr": "192.168.4.0",
+              "len": 24
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0040set_0.json-nft b/tests/shell/testcases/transactions/dumps/0040set_0.json-nft
index 44e087858dac6bee43d74271748da451276be455..f8130d95a0fc58fee0f1890bad6b51cc1d47e137 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0040set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0040set_0.json-nft
@@ -1 +1,84 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"map": {"family": "ip", "name": "client_to_any", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "verdict"}}, {"chain": {"family": "ip", "table": "filter", "name": "FORWARD", "handle": 0, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"chain": {"family": "ip", "table": "filter", "name": "client_to_any", "handle": 0}}, {"rule": {"family": "ip", "table": "filter", "chain": "FORWARD", "handle": 0, "expr": [{"goto": {"target": "client_to_any"}}]}}, {"rule": {"family": "ip", "table": "filter", "chain": "client_to_any", "handle": 0, "expr": [{"vmap": {"key": {"payload": {"protocol": "ip", "field": "saddr"}}, "data": "@client_to_any"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "client_to_any",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "verdict"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "FORWARD",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "filter",
+        "name": "client_to_any",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "client_to_any"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "filter",
+        "chain": "client_to_any",
+        "handle": 0,
+        "expr": [
+          {
+            "vmap": {
+              "key": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "saddr"
+                }
+              },
+              "data": "@client_to_any"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0041nat_restore_0.json-nft b/tests/shell/testcases/transactions/dumps/0041nat_restore_0.json-nft
index c6a518495661a27b13eaa04346858c8cf6996184..32fce943e27c5f1b2977c2a42eb89250d2a65479 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0041nat_restore_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0041nat_restore_0.json-nft
@@ -1 +1,30 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 0, "policy": "accept"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 0,
+        "policy": "accept"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0042_stateful_expr_0.json-nft b/tests/shell/testcases/transactions/dumps/0042_stateful_expr_0.json-nft
index 044ecb68e3118a8769d9881dab92e1785fd8c6db..ea3b5d3c5dbe095f5a3f91c865460e9ec9c69fe6 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0042_stateful_expr_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0042_stateful_expr_0.json-nft
@@ -1 +1,28 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"map": {"family": "ip", "name": "m1", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "counter"}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "m1",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "counter"
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0043set_1.json-nft b/tests/shell/testcases/transactions/dumps/0043set_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0043set_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0043set_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0044rule_0.json-nft b/tests/shell/testcases/transactions/dumps/0044rule_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0044rule_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0044rule_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0045anon-unbind_0.json-nft b/tests/shell/testcases/transactions/dumps/0045anon-unbind_0.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0045anon-unbind_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0045anon-unbind_0.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0046set_0.json-nft b/tests/shell/testcases/transactions/dumps/0046set_0.json-nft
index 2cc270ecc70ada6591d56fa332c56d023960d712..f9b488e78a5d3f90a3318e9aedf86be0645cca64 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0046set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0046set_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0047set_0.json-nft b/tests/shell/testcases/transactions/dumps/0047set_0.json-nft
index d192d830a39a42b5d3d32a9ca6e9693cd4873bc6..a7e677b2e702c15789f158276a1317f83c14eb7b 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0047set_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0047set_0.json-nft
@@ -1 +1,73 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}, {"map": {"family": "ip", "name": "group_10060", "table": "filter", "type": "ipv4_addr", "handle": 0, "map": "classid", "flags": ["interval"], "elem": [["10.1.26.2", "1:bbf8"], ["10.1.26.3", "1:c1ad"], ["10.1.26.4", "1:b2d7"], ["10.1.26.5", "1:f705"], ["10.1.26.6", "1:b895"], ["10.1.26.7", "1:ec4c"], ["10.1.26.8", "1:de78"], ["10.1.26.9", "1:b4f3"], ["10.1.26.10", "1:dec6"], ["10.1.26.11", "1:b4c0"]]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    },
+    {
+      "map": {
+        "family": "ip",
+        "name": "group_10060",
+        "table": "filter",
+        "type": "ipv4_addr",
+        "handle": 0,
+        "map": "classid",
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          [
+            "10.1.26.2",
+            "1:bbf8"
+          ],
+          [
+            "10.1.26.3",
+            "1:c1ad"
+          ],
+          [
+            "10.1.26.4",
+            "1:b2d7"
+          ],
+          [
+            "10.1.26.5",
+            "1:f705"
+          ],
+          [
+            "10.1.26.6",
+            "1:b895"
+          ],
+          [
+            "10.1.26.7",
+            "1:ec4c"
+          ],
+          [
+            "10.1.26.8",
+            "1:de78"
+          ],
+          [
+            "10.1.26.9",
+            "1:b4f3"
+          ],
+          [
+            "10.1.26.10",
+            "1:dec6"
+          ],
+          [
+            "10.1.26.11",
+            "1:b4c0"
+          ]
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0048helpers_0.json-nft b/tests/shell/testcases/transactions/dumps/0048helpers_0.json-nft
index 2cc270ecc70ada6591d56fa332c56d023960d712..f9b488e78a5d3f90a3318e9aedf86be0645cca64 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0048helpers_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0048helpers_0.json-nft
@@ -1 +1,18 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter", "handle": 0}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter",
+        "handle": 0
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0049huge_0.json-nft b/tests/shell/testcases/transactions/dumps/0049huge_0.json-nft
index 4626cea39aae3144949d1870dfd3e6f673695d55..456ada9401709b7c57ba422546137f1801da0e21 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0049huge_0.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0049huge_0.json-nft
@@ -1 +1,5121 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "firewalld", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PREROUTING", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -290, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PREROUTING", "handle": 0, "type": "filter", "hook": "prerouting", "prio": -140, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_INPUT", "handle": 0, "type": "filter", "hook": "input", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD", "handle": 0, "type": "filter", "hook": "forward", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_OUTPUT", "handle": 0, "type": "filter", "hook": "output", "prio": 10, "policy": "accept"}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_INPUT_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_IN_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FORWARD_OUT_ZONES", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_public_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_public_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_public_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_public_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_public_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_trusted_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_trusted_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_trusted_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_trusted_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_trusted_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "raw_PRE_work_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_IN_work_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "mangle_PRE_work_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDI_work_post", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_pre", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_log", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_deny", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_allow", "handle": 0}}, {"chain": {"family": "inet", "table": "firewalld", "name": "filter_FWDO_work_post", "handle": 0}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "icmpv6", "field": "type"}}, "right": {"set": ["nd-router-advert", "nd-neighbor-solicit"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "nfproto"}}, "right": "ipv6"}}, {"match": {"op": "==", "left": {"fib": {"result": "oif", "flags": ["saddr", "iif"]}}, "right": false}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "raw_PREROUTING_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "raw_PRE_work"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "raw_PRE_trusted"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "raw_PRE_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "mangle_PREROUTING_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "mangle_PRE_work"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "mangle_PRE_trusted"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "mangle_PRE_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["established", "related"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "status"}}, "right": "dnat"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"jump": {"target": "filter_INPUT_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "invalid"}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT", "handle": 0, "expr": [{"reject": {"type": "icmpx", "expr": "admin-prohibited"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["established", "related"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "status"}}, "right": "dnat"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"set": [{"prefix": {"addr": "::", "len": 96}}, {"prefix": {"addr": "::ffff:0.0.0.0", "len": 96}}, {"prefix": {"addr": "2002::", "len": 24}}, {"prefix": {"addr": "2002:a00::", "len": 24}}, {"prefix": {"addr": "2002:7f00::", "len": 24}}, {"prefix": {"addr": "2002:a9fe::", "len": 32}}, {"prefix": {"addr": "2002:ac10::", "len": 28}}, {"prefix": {"addr": "2002:c0a8::", "len": 32}}, {"prefix": {"addr": "2002:e000::", "len": 19}}]}}}, {"reject": {"type": "icmpv6", "expr": "addr-unreachable"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_IN_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"jump": {"target": "filter_FORWARD_OUT_ZONES"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"match": {"op": "in", "left": {"ct": {"key": "state"}}, "right": "invalid"}}, {"drop": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD", "handle": 0, "expr": [{"reject": {"type": "icmpx", "expr": "admin-prohibited"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_OUTPUT", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "lo"}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_OUTPUT", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"set": [{"prefix": {"addr": "::", "len": 96}}, {"prefix": {"addr": "::ffff:0.0.0.0", "len": 96}}, {"prefix": {"addr": "2002::", "len": 24}}, {"prefix": {"addr": "2002:a00::", "len": 24}}, {"prefix": {"addr": "2002:7f00::", "len": 24}}, {"prefix": {"addr": "2002:a9fe::", "len": 32}}, {"prefix": {"addr": "2002:ac10::", "len": 28}}, {"prefix": {"addr": "2002:c0a8::", "len": 32}}, {"prefix": {"addr": "2002:e000::", "len": 19}}]}}}, {"reject": {"type": "icmpv6", "expr": "addr-unreachable"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "filter_IN_work"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "filter_IN_trusted"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_INPUT_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_IN_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_IN_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "filter_FWDI_work"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_IN_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "filter_FWDI_trusted"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_IN_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_FWDI_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "filter_FWDO_work"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "filter_FWDO_trusted"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FORWARD_OUT_ZONES", "handle": 0, "expr": [{"goto": {"target": "filter_FWDO_public"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_public", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_public_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"jump": {"target": "filter_IN_public_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["new", "untracked"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_public_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"prefix": {"addr": "fe80::", "len": 64}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 546}}, {"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["new", "untracked"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_public_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_public", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_public", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_public_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_public", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_public_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_trusted_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_trusted_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_trusted_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_trusted_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_trusted_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_trusted_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_trusted_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_trusted_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_trusted_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_trusted_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_IN_trusted_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_IN_trusted_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_IN_trusted_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_IN_trusted_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_IN_trusted_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_trusted", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_trusted_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_trusted_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_trusted_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_trusted_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_trusted_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_trusted", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_trusted_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_trusted_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_trusted_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_trusted_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_trusted_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_trusted", "handle": 0, "expr": [{"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "raw_PRE_work", "handle": 0, "expr": [{"jump": {"target": "raw_PRE_work_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"jump": {"target": "filter_IN_work_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": 22}}, {"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["new", "untracked"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_IN_work_allow", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip6", "field": "daddr"}}, "right": {"prefix": {"addr": "fe80::", "len": 64}}}}, {"match": {"op": "==", "left": {"payload": {"protocol": "udp", "field": "dport"}}, "right": 546}}, {"match": {"op": "==", "left": {"ct": {"key": "state"}}, "right": {"set": ["new", "untracked"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "mangle_PRE_work", "handle": 0, "expr": [{"jump": {"target": "mangle_PRE_work_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDI_work_post"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_work", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "l4proto"}}, "right": {"set": ["icmp", "ipv6-icmp"]}}}, {"accept": null}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_pre"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_log"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_deny"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_allow"}}]}}, {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDO_work", "handle": 0, "expr": [{"jump": {"target": "filter_FWDO_work_post"}}]}}, {"table": {"family": "ip", "name": "firewalld", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PREROUTING", "handle": 0, "type": "nat", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POSTROUTING", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POSTROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_public_post", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_public_post", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_trusted_post", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_trusted_post", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_PRE_work_post", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_pre", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_log", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_deny", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_allow", "handle": 0}}, {"chain": {"family": "ip", "table": "firewalld", "name": "nat_POST_work_post", "handle": 0}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "nat_PRE_work"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "nat_PRE_trusted"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_PRE_public"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "nat_POST_work"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "nat_POST_trusted"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_POST_public"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_post"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_post"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_post"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_post"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_post"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_pre"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_log"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_deny"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_allow"}}]}}, {"rule": {"family": "ip", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_post"}}]}}, {"table": {"family": "ip6", "name": "firewalld", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PREROUTING", "handle": 0, "type": "nat", "hook": "prerouting", "prio": -90, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PREROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POSTROUTING", "handle": 0, "type": "nat", "hook": "postrouting", "prio": 110, "policy": "accept"}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POSTROUTING_ZONES", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_public_post", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_public_post", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_trusted_post", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_trusted_post", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_PRE_work_post", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_pre", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_log", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_deny", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_allow", "handle": 0}}, {"chain": {"family": "ip6", "table": "firewalld", "name": "nat_POST_work_post", "handle": 0}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_PREROUTING_ZONES"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "nat_PRE_work"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "iifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "nat_PRE_trusted"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PREROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_PRE_public"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING", "handle": 0, "expr": [{"jump": {"target": "nat_POSTROUTING_ZONES"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy"}}, {"goto": {"target": "nat_POST_work"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"match": {"op": "==", "left": {"meta": {"key": "oifname"}}, "right": "perm_dummy2"}}, {"goto": {"target": "nat_POST_trusted"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POSTROUTING_ZONES", "handle": 0, "expr": [{"goto": {"target": "nat_POST_public"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_public", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_public_post"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_public", "handle": 0, "expr": [{"jump": {"target": "nat_POST_public_post"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_trusted_post"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_trusted", "handle": 0, "expr": [{"jump": {"target": "nat_POST_trusted_post"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_PRE_work", "handle": 0, "expr": [{"jump": {"target": "nat_PRE_work_post"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_pre"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_log"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_deny"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_allow"}}]}}, {"rule": {"family": "ip6", "table": "firewalld", "chain": "nat_POST_work", "handle": 0, "expr": [{"jump": {"target": "nat_POST_work_post"}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "inet",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PREROUTING",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -290,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PREROUTING",
+        "handle": 0,
+        "type": "filter",
+        "hook": "prerouting",
+        "prio": -140,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_INPUT",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD",
+        "handle": 0,
+        "type": "filter",
+        "hook": "forward",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_OUTPUT",
+        "handle": 0,
+        "type": "filter",
+        "hook": "output",
+        "prio": 10,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_INPUT_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_IN_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FORWARD_OUT_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "raw_PRE_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_IN_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "mangle_PRE_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDI_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "inet",
+        "table": "firewalld",
+        "name": "filter_FWDO_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "icmpv6",
+                  "field": "type"
+                }
+              },
+              "right": {
+                "set": [
+                  "nd-router-advert",
+                  "nd-neighbor-solicit"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "nfproto"
+                }
+              },
+              "right": "ipv6"
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "fib": {
+                  "result": "oif",
+                  "flags": [
+                    "saddr",
+                    "iif"
+                  ]
+                }
+              },
+              "right": false
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "raw_PRE_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "raw_PRE_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "raw_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "mangle_PRE_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "mangle_PRE_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "mangle_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "established",
+                  "related"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "status"
+                }
+              },
+              "right": "dnat"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_INPUT_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "invalid"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "reject": {
+              "type": "icmpx",
+              "expr": "admin-prohibited"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "established",
+                  "related"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "status"
+                }
+              },
+              "right": "dnat"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "prefix": {
+                      "addr": "::",
+                      "len": 96
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "::ffff:0.0.0.0",
+                      "len": 96
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:a00::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:7f00::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:a9fe::",
+                      "len": 32
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:ac10::",
+                      "len": 28
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:c0a8::",
+                      "len": 32
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:e000::",
+                      "len": 19
+                    }
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "reject": {
+              "type": "icmpv6",
+              "expr": "addr-unreachable"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_IN_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FORWARD_OUT_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "in",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": "invalid"
+            }
+          },
+          {
+            "drop": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD",
+        "handle": 0,
+        "expr": [
+          {
+            "reject": {
+              "type": "icmpx",
+              "expr": "admin-prohibited"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_OUTPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "lo"
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_OUTPUT",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "set": [
+                  {
+                    "prefix": {
+                      "addr": "::",
+                      "len": 96
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "::ffff:0.0.0.0",
+                      "len": 96
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:a00::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:7f00::",
+                      "len": 24
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:a9fe::",
+                      "len": 32
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:ac10::",
+                      "len": 28
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:c0a8::",
+                      "len": 32
+                    }
+                  },
+                  {
+                    "prefix": {
+                      "addr": "2002:e000::",
+                      "len": 19
+                    }
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "reject": {
+              "type": "icmpv6",
+              "expr": "addr-unreachable"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_IN_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_IN_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_INPUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_IN_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_IN_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDI_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_IN_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDI_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_IN_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_FWDI_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_OUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDO_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_OUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "filter_FWDO_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FORWARD_OUT_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "filter_FWDO_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "new",
+                  "untracked"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_public_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "fe80::",
+                  "len": 64
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 546
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "new",
+                  "untracked"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_public",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "raw_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "raw_PRE_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_IN_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "tcp",
+                  "field": "dport"
+                }
+              },
+              "right": 22
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "new",
+                  "untracked"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_IN_work_allow",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip6",
+                  "field": "daddr"
+                }
+              },
+              "right": {
+                "prefix": {
+                  "addr": "fe80::",
+                  "len": 64
+                }
+              }
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "udp",
+                  "field": "dport"
+                }
+              },
+              "right": 546
+            }
+          },
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "ct": {
+                  "key": "state"
+                }
+              },
+              "right": {
+                "set": [
+                  "new",
+                  "untracked"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "mangle_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "mangle_PRE_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDI_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDI_work",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "l4proto"
+                }
+              },
+              "right": {
+                "set": [
+                  "icmp",
+                  "ipv6-icmp"
+                ]
+              }
+            }
+          },
+          {
+            "accept": null
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "inet",
+        "table": "firewalld",
+        "chain": "filter_FWDO_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "filter_FWDO_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PREROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_PRE_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "firewalld",
+        "name": "nat_POST_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_POST_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "table": {
+        "family": "ip6",
+        "name": "firewalld",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PREROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "prerouting",
+        "prio": -90,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PREROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING",
+        "handle": 0,
+        "type": "nat",
+        "hook": "postrouting",
+        "prio": 110,
+        "policy": "accept"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POSTROUTING_ZONES",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_public_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_trusted_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_PRE_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_pre",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_log",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_deny",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_allow",
+        "handle": 0
+      }
+    },
+    {
+      "chain": {
+        "family": "ip6",
+        "table": "firewalld",
+        "name": "nat_POST_work_post",
+        "handle": 0
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PREROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "iifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_PRE_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PREROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_PRE_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POSTROUTING_ZONES"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_work"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "meta": {
+                  "key": "oifname"
+                }
+              },
+              "right": "perm_dummy2"
+            }
+          },
+          {
+            "goto": {
+              "target": "nat_POST_trusted"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POSTROUTING_ZONES",
+        "handle": 0,
+        "expr": [
+          {
+            "goto": {
+              "target": "nat_POST_public"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_public",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_public_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_trusted",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_trusted_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_PRE_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_PRE_work_post"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_pre"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_log"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_deny"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_allow"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "rule": {
+        "family": "ip6",
+        "table": "firewalld",
+        "chain": "nat_POST_work",
+        "handle": 0,
+        "expr": [
+          {
+            "jump": {
+              "target": "nat_POST_work_post"
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/0050rule_1.json-nft b/tests/shell/testcases/transactions/dumps/0050rule_1.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/0050rule_1.json-nft
+++ b/tests/shell/testcases/transactions/dumps/0050rule_1.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/30s-stress.json-nft b/tests/shell/testcases/transactions/dumps/30s-stress.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/30s-stress.json-nft
+++ b/tests/shell/testcases/transactions/dumps/30s-stress.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/anon_chain_loop.json-nft b/tests/shell/testcases/transactions/dumps/anon_chain_loop.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/anon_chain_loop.json-nft
+++ b/tests/shell/testcases/transactions/dumps/anon_chain_loop.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/bad_expression.json-nft b/tests/shell/testcases/transactions/dumps/bad_expression.json-nft
index 0048e6b1dcdfaa6d56c6b7a9944edc1c2615041a..546cc5977db61629f96d4fd9cf108e7e3d36d562 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/bad_expression.json-nft
+++ b/tests/shell/testcases/transactions/dumps/bad_expression.json-nft
@@ -1 +1,11 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/doubled-set.json-nft b/tests/shell/testcases/transactions/dumps/doubled-set.json-nft
index 00a1af0d732e672d245e2f467d455ffe925f8971..2dced1240528f2ddbf0467b14e67c405c831c7d3 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/doubled-set.json-nft
+++ b/tests/shell/testcases/transactions/dumps/doubled-set.json-nft
@@ -1 +1,41 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0}}, {"set": {"family": "ip", "name": "s", "table": "t", "type": ["ipv4_addr", "ifname"], "handle": 0, "flags": ["interval"], "elem": [{"concat": ["1.2.3.4", "foo"]}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0
+      }
+    },
+    {
+      "set": {
+        "family": "ip",
+        "name": "s",
+        "table": "t",
+        "type": [
+          "ipv4_addr",
+          "ifname"
+        ],
+        "handle": 0,
+        "flags": [
+          "interval"
+        ],
+        "elem": [
+          {
+            "concat": [
+              "1.2.3.4",
+              "foo"
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}
diff --git a/tests/shell/testcases/transactions/dumps/table_onoff.json-nft b/tests/shell/testcases/transactions/dumps/table_onoff.json-nft
index 82b2f9fac0edfa9b63b22b46d0dc124f02d00cc7..a7583e8c4efc4778200a1e894fadb9b52f7b2770 100644 (file)
--- a/tests/shell/testcases/transactions/dumps/table_onoff.json-nft
+++ b/tests/shell/testcases/transactions/dumps/table_onoff.json-nft
@@ -1 +1,59 @@
-{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 0, "flags": "dormant"}}, {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0, "type": "filter", "hook": "input", "prio": 0, "policy": "accept"}}, {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "ip", "field": "daddr"}}, "right": "127.0.0.42"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]}
+{
+  "nftables": [
+    {
+      "metainfo": {
+        "version": "VERSION",
+        "release_name": "RELEASE_NAME",
+        "json_schema_version": 1
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "t",
+        "handle": 0,
+        "flags": "dormant"
+      }
+    },
+    {
+      "chain": {
+        "family": "ip",
+        "table": "t",
+        "name": "c",
+        "handle": 0,
+        "type": "filter",
+        "hook": "input",
+        "prio": 0,
+        "policy": "accept"
+      }
+    },
+    {
+      "rule": {
+        "family": "ip",
+        "table": "t",
+        "chain": "c",
+        "handle": 0,
+        "expr": [
+          {
+            "match": {
+              "op": "==",
+              "left": {
+                "payload": {
+                  "protocol": "ip",
+                  "field": "daddr"
+                }
+              },
+              "right": "127.0.0.42"
+            }
+          },
+          {
+            "counter": {
+              "packets": 0,
+              "bytes": 0
+            }
+          }
+        ]
+      }
+    }
+  ]
+}
Mirror of git://git.netfilter.org/nftables