unshare -n tests/shell/run-tests.sh tests/shell/testcases/nft-f/0024priority_0
W: [FAILED] tests/shell/testcases/nft-f/0024priority_0: got 1
/dev/stdin:8:47-49: Error: Value 100 exceeds valid range 0-15
type filter hook postrouting priority 100
Reported-by: Andreas Schultz <andreas.schultz@travelping.com
Signed-off-by: Florian Westphal <fw@strlen.de>
int prio_snd;
char op;
- ctx->ectx.dtype = &priority_type;
- ctx->ectx.len = NFT_NAME_MAXLEN * BITS_PER_BYTE;
+ expr_set_context(&ctx->ectx, &priority_type, NFT_NAME_MAXLEN * BITS_PER_BYTE);
+
if (expr_evaluate(ctx, &prio->expr) < 0)
return false;
if (prio->expr->etype != EXPR_VALUE) {
--- /dev/null
+#!/bin/bash
+
+RULESET="
+table inet statelessnat {
+ chain prerouting {
+ type filter hook prerouting priority -100;
+ ip daddr set numgen inc mod 16 map { 0-7 : 10.0.1.1, 8- 15 : 10.0.1.2 }
+ }
+ chain postrouting {
+ type filter hook postrouting priority 100
+ }
+}"
+
+exec $NFT -f - <<< "$RULESET"
--- /dev/null
+table inet statelessnat {
+ chain prerouting {
+ type filter hook prerouting priority dstnat; policy accept;
+ ip daddr set numgen inc mod 16 map { 0-7 : 10.0.1.1, 8-15 : 10.0.1.2 }
+ }
+
+ chain postrouting {
+ type filter hook postrouting priority srcnat; policy accept;
+ }
+}
projects / thirdparty / nftables.git / commitdiff
