:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: nftables inet family ipv4 basic action test input/output path :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add table inet filter' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter prerouting { type filter hook prerouting priority 0 \; }' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter accept' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter drop' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec client ping -4 10.167.2.2 -c1' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter drop' (Expected 0, got 0) :: [ 20:52:54 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter accept' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter test' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test iifname s_r counter return' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test iifname s_r counter accept' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter jump test' (Expected 0, got 0) :: [ 20:52:56 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter prerouting iifname s_r counter drop' (Expected 0, got 0) :: [ 20:52:57 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:52:57 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:52:57 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:52:57 ] :: [ PASS ] :: Command 'ip netns exec server nft delete chain inet filter prerouting' (Expected 0, got 0) :: [ 20:52:57 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter input { type filter hook input priority 0 \; }' (Expected 0, got 0) :: [ 20:52:57 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter accept' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter drop' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec client ping -4 10.167.2.2 -c1' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter drop' (Expected 0, got 0) :: [ 20:52:58 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter accept' (Expected 0, got 0) :: [ 20:52:59 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:52:59 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:52:59 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:52:59 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter test' (Expected 0, got 0) :: [ 20:52:59 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test iifname s_r counter return' (Expected 0, got 0) :: [ 20:52:59 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test iifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:00 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter jump test' (Expected 0, got 0) :: [ 20:53:00 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter input iifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft delete chain inet filter input' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter output { type filter hook output priority 0 \; }' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec client ping -4 10.167.2.2 -c1' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:01 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter test' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test oifname s_r counter return' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter jump test' (Expected 0, got 0) :: [ 20:53:03 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter output oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft delete chain inet filter output' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter postrouting { type filter hook postrouting priority 0 \; }' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec client ping -4 10.167.2.2 -c1' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:04 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:05 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:05 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft add chain inet filter test' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test oifname s_r counter return' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter test oifname s_r counter accept' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter jump test' (Expected 0, got 0) :: [ 20:53:06 ] :: [ PASS ] :: Command 'ip netns exec server nft add rule inet filter postrouting oifname s_r counter drop' (Expected 0, got 0) :: [ 20:53:07 ] :: [ PASS ] :: assert_fail (Expected 1-255, got 1) :: [ 20:53:07 ] :: [ PASS ] :: Command 'ip netns exec server nft list ruleset' (Expected 0, got 0) :: [ 20:53:07 ] :: [ PASS ] :: Command 'ip netns exec server nft flush table inet filter' (Expected 0, got 0) :: [ 20:53:07 ] :: [ PASS ] :: Command 'ip netns exec server nft delete chain inet filter postrouting' (Expected 0, got 0) :: [ 20:53:07 ] :: [ PASS ] :: Command 'ip netns exec server nft delete table inet filter' (Expected 0, got 0) :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: Duration: 13s :: Assertions: 82 good, 0 bad :: RESULT: PASS (nftables inet family ipv4 basic action test input/output path)