Home
last modified time | relevance | path

Searched refs:nft (Results 1 – 25 of 35) sorted by relevance

12

/linux/tools/testing/selftests/net/netfilter/
H A Dnft_nat.sh11 checktool "nft --version" "run test without nft tool"
69 ip netns exec "$ns" nft list counter inet filter "$counter" 1>&2
77 if ! ip netns exec "$ns" nft list counter inet filter ns0in | grep -q "packets 1 bytes 84";then
82 if ! ip netns exec "$ns" nft list counter inet filter ns0out | grep -q "packets 1 bytes 84";then
88 if ! ip netns exec "$ns" nft list counter inet filter ns0in6 | grep -q "$expect";then
92 if ! ip netns exec "$ns" nft list counter inet filter ns0out6 | grep -q "$expect";then
105 if ! ip netns exec "$ns0" nft list counter inet filter ns0in | grep -q "packets 0 bytes 0";then
110 if ! ip netns exec "$ns0" nft list counter inet filter ns0in6 | grep -q "packets 0 bytes 0";then
115 if ! ip netns exec "$ns0" nft lis
[all...]
H A Dnft_concat_range.sh530 eval "echo \"${set_template}\"" | nft -f -
991 nft reset counter inet filter test >/dev/null 2>&1
992 nft flush ruleset >/dev/null 2>&1
1058 # Format destination and source fields into nft concatenated type
1096 # Format destination and source fields into nft type, start element only
1112 # Format first destination field into nft type
1129 if ! nft add element inet filter test "${1}"; then
1131 err "$(nft -a list ruleset)"
1149 if ! nft add element netdev perf norange "${1}"; then
1151 err "$(nft
[all...]
H A Drpath.sh23 if nft --version >/dev/null 2>&1; then
24 nft='nft'
26 nft=''
29 if [ -z "$iptables$ip6tables$nft" ]; then
30 echo "SKIP: Test needs iptables, ip6tables or nft"
85 [ -n "$nft" ] && ip netns exec "$ns2" $nft -f - <<EOF
101 #ip netns exec "$ns2" nft list ruleset
116 [ -n "$nft" ] || retur
[all...]
H A Dnft_flowtable.sh29 checktool "nft --version" "run test without nft tool"
162 ip netns exec "$nsr1" nft -f - <<EOF
190 echo "SKIP: Could not load nft ruleset"
194 ip netns exec "$ns2" nft -f - <<EOF
211 nft --version
245 orig=$(ip netns exec "$nsr1" nft reset counter inet filter routed_orig | grep packets)
246 repl=$(ip netns exec "$nsr1" nft reset counter inet filter routed_repl | grep packets)
282 counter=$(ip netns exec "$ns2" nft reset counter inet filter ip4dscp3 | grep packets)
287 counter=$(ip netns exec "$ns2" nft rese
[all...]
H A Dnft_fib.sh42 ip netns exec "$netns" nft -f /dev/stdin <<EOF
55 ip netns exec "$netns" nft -f /dev/stdin <<EOF
68 ip netns exec "$netns" nft -f /dev/stdin <<EOF
83 ip netns exec "$netns" nft -f /dev/stdin <<EOF
134 ip netns exec "$1" nft flush table ip filter
135 ip netns exec "$1" nft flush table ip6 filter
147 …if ! ip netns exec "$ns" nft list chain "$family" filter "$chain" | grep "$what" | grep -q "packet…
149 ip netns exec "$ns" nft list chain "$family" filter "$chain"
165 ip netns exec "$netns" nft -f /dev/stdin <<EOF
192 …if ! ip netns exec "$ns" nft list table inet filter | grep 'fib saddr . iif' | grep "$address" | g…
[all …]
H A Dconntrack_vrf.sh46 checktool "nft --version" "run test without nft"
87 ip netns exec "$ns0" nft -f - <<EOF
122 ip netns exec "$ns0" nft list ruleset
140 ip netns exec "$ns0" nft -f - <<EOF
168 if ip netns exec "$ns0" nft list table ip nat |grep -q 'counter packets 1' &&
169 ip netns exec "$ns0" nft list table ip nat |grep -q 'untracked counter packets [1-9]'; then
187 ip netns exec "$ns0" nft -f - <<EOF
203 if ip netns exec "$ns0" nft list table ip nat |grep -q 'counter packets 1'; then
H A Dnft_queue.sh29 checktool "nft --version" "test without nft tool"
90 ip netns exec "$nsrouter" nft -f /dev/stdin <<EOF
126 ip netns exec "$nsrouter" nft -f /dev/stdin <<EOF
179 ip netns exec "$nsrouter" nft -f /dev/stdin <<EOF
203 if ! ip netns exec "$nsrouter" nft delete table "$proto" blackh; then
256 ip netns exec "$nsrouter" nft list ruleset
321 ip netns exec "$nsrouter" nft -f /dev/stdin <<EOF
366 ip netns exec "$ns1" nft -f /dev/stdin <<EOF
390 if ! ip netns exec "$ns1" nft lis
[all...]
H A Dconntrack_tcp_unreplied.sh9 if ! nft --version > /dev/null 2>&1;then
39 if ! ip netns exec "$ns2" nft list counter inet filter "$name" | grep -q "$expect"; then
41 ip netns exec "$ns2" nft list counter inet filter "$name" 1>&2
68 ip netns exec "$ns1" nft -f - <<EOF
85 ip netns exec "$ns2" nft -f - <<EOF
126 ip netns exec "$ns2" nft -f - <<EOF
H A Dnft_audit.sh19 nft --version >/dev/null 2>&1 || {
25 nft --check -f /dev/stdin >/dev/null 2>&1 <<EOF
33 nft --version
82 nft flush ruleset
231 readarray -t handles < <(nft -a list chain t1 c1 | \
H A Dnft_meta.sh10 if ! nft --version > /dev/null 2>&1; then
28 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
94 if ! ip netns exec "$ns0" nft list counter inet filter "$cname" | grep -q "$want"; then
97 ip netns exec "$ns0" nft list counter inet filter "$cname"
134 ip netns exec "$ns0" nft reset counters > /dev/null
H A Dconntrack_icmp_related.sh19 if ! nft --version > /dev/null 2>&1;then
52 if ! ip netns exec "$ns" nft list counter inet filter "$name" | grep -q "$expect"; then
54 ip netns exec "$ns" nft list counter inet filter "$name" 1>&2
114 ip netns exec "$netns" nft -f - <<EOF
129 ip netns exec "$nsclient1" nft -f - <<EOF
149 ip netns exec "$nsclient2" nft -f - <<EOF
177 ip netns exec "$nsrouter1" nft -f - <<EOF
H A Dnft_interface_stress.sh74 } | ip netns exec $nsr nft -f - || {
85 while true; do ip netns exec $nsr nft list ruleset >/dev/null 2>&1; done &
88 ip netns exec $nsr nft monitor >/dev/null &
103 ip netns exec $nsr nft -f - <<EOF
H A Dnft_nat_zones.sh53 checktool "nft --version" echo "run test without nft tool"
116 ip netns exec "$gw" nft -f /dev/stdin<<EOF
176 ) | ip netns exec "$gw" nft -f /dev/stdin
195 if ! ip netns exec "$gw" nft get element inet raw inicmp "{ 10.1.0.3 . \"veth$i\" . 10.3.0.99 }" | grep -q "{ 10.1.0.3 . \"veth$i\" . 10.3.0.99 counter packets 3 bytes 252 }"; then
198 ip netns exec "$gw" nft get element inet raw inicmp "{ 10.1.0.3 . \"veth$i\" . 10.3.0.99 }" 1>&2
203 if ! ip netns exec "$gw" nft get element inet raw inicmp "{ 10.3.0.99 . \"veth0\" . 10.3.0.1 }" | grep -q "{ 10.3.0.99 . \"veth0\" . 10.3.0.1 counter packets $((3 * maxclients)) bytes $((252 * maxclients)) }"; then
206 ip netns exec "$gw" nft get element inet raw inicmp "{ 10.3.99 . \"veth0\" . 10.3.0.1 }" 1>&2
250 if ! ip netns exec "$gw" nft get element inet raw inflows "{ 10.1.0.3 . 10000 . \"veth$i\" . 10.3.0.99 . 5201 }" > /dev/null;then
260 if ! ip netns exec "$gw" nft ge
[all...]
H A Dbr_netfilter.sh14 checktool "nft --version" "run test without nft tool"
39 ip netns exec "$ns0" nft list ruleset
56 ip netns exec "$ns0" nft list ruleset
118 ip netns exec "$ns0" nft -f - <<EOF
H A Dnft_synproxy.sh62 ip netns exec "$nsr" nft -f - <<EOF
91 ip netns exec "$nsr" nft list ruleset
H A Dnft_zones_many.sh33 ip netns exec "$ns1" nft -f /dev/stdin<<EOF
63 ) | ip netns exec "$ns1" nft -f /dev/stdin
H A Dconntrack_clash.sh16 checktool "nft --version" "run test without nft"
24 ip netns exec "$nsrouter" nft -f -<<EOF
46 ip netns exec "$1" nft -f -<<EOF
H A Dconntrack_reverse_clash.sh11 checktool "nft --version" "run test without nft"
19 ip netns exec "$ns0" nft -f - <<EOF
H A Dbr_netfilter_queue.sh60 nft -f /dev/stdin <<EOF
H A Dconntrack_resize.sh454 ip netns exec "$nsclient1" nft flush table ip test_ct
497 ip netns exec "$n" nft -f - <<EOF
H A Dnft_conntrack_helper.sh49 ip netns exec "$ns" nft -f - <<EOF
/linux/drivers/net/ethernet/netronome/nfp/flower/
H A Dconntrack.c1365 zt->nft = NULL; in get_nfp_zone_entry()
1837 if (!zt->nft) { in nfp_fl_ct_handle_pre_ct()
1838 zt->nft = ct_act->ct.flow_table; in nfp_fl_ct_handle_pre_ct()
1839 err = nf_flow_table_offload_add_cb(zt->nft, nfp_fl_ct_handle_nft_flow, zt); in nfp_fl_ct_handle_pre_ct()
2220 if (!zt->nft) /* avoid deadlock */ in nfp_fl_ct_handle_nft_flow()
2253 struct nf_flowtable *nft; in nfp_fl_ct_del_flow() local
2272 if (!zt->pre_ct_count && zt->nft) { in nfp_fl_ct_del_flow()
2273 nft = zt->nft; in nfp_fl_ct_del_flow()
2274 zt->nft = NULL; /* avoid deadlock */ in nfp_fl_ct_del_flow()
2275 nf_flow_table_offload_del_cb(nft, in nfp_fl_ct_del_flow()
H A Dconntrack.h64 struct nf_flowtable *nft; member
/linux/net/ipv4/netfilter/
H A DKconfig22 (iptables-nft).
335 (iptables-nft).
353 Neither arptables-nft nor nftables need this to work.
364 This option is needed by both arptables-legacy and arptables-nft.
/linux/tools/testing/selftests/net/mptcp/
H A Dmptcp_connect.sh686 if ! ip netns exec "$listener_ns" nft -f /dev/stdin <<"EOF"
713 ip netns exec "$listener_ns" nft flush ruleset
721 ip netns exec "$listener_ns" nft flush ruleset
737 ip netns exec "$listener_ns" nft flush ruleset

12