Add test to check mark mapping

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>

2 files changed, 17 insertions, 0 deletions

diff --git a/tests/iptables.sh b/tests/iptables.sh
index 03d2e09..c5b9bf7 100755
--- a/tests/iptables.sh
+++ b/tests/iptables.sh
@@ -99,9 +99,18 @@ timeout)
 	$ipset n test hash:ip,port timeout 2
 	$cmd -A INPUT -j SET --add-set test src,src --timeout 10 --exist
 	;;
+mangle)
+	$ipset n test hash:net $family skbinfo 2>/dev/null
+	$ipset a test 10.255.0.0/16 skbmark 0x1234 2>/dev/null
+	$cmd -t mangle -A INPUT -j SET --map-set test src --map-mark
+	$cmd -t mangle -A INPUT -m mark --mark 0x1234 -j LOG --log-prefix "in set mark: "
+	$cmd -t mangle -A INPUT -s 10.255.0.0/16 -j DROP
+	;;
 stop)
 	$cmd -F
 	$cmd -X
+	$cmd -F -t mangle
+	$cmd -X -t mangle
 	$ipset -F 2>/dev/null
 	$ipset -X 2>/dev/null
 	;;
diff --git a/tests/match_target.t b/tests/match_target.t
index cab8184..1739fae 100644
--- a/tests/match_target.t
+++ b/tests/match_target.t
@@ -80,4 +80,12 @@
 0 ipset test test 10.255.255.64,icmp:host-prohibited
 # Destroy sets and rules
 0 ./iptables.sh inet stop
+# Create test set and iptables rules
+0 ./iptables.sh inet mangle
+# Send probe packet from 10.255.255.64,udp:1025
+0 sendip -p ipv4 -id 127.0.0.1 -is 10.255.255.64 -p udp -ud 80 -us 1025 127.0.0.1
+# Check that proper sets matched and target worked
+0 ./check_klog.sh 10.255.255.64 udp 1025 mark
+# Destroy sets and rules
+0 ./iptables.sh inet stop
 # eof