1#!/bin/bash 2 3case "$XT_MULTI" in 4*xtables-nft-multi) 5 ;; 6*) 7 echo "skip $XT_MULTI" 8 exit 0 9 ;; 10esac 11 12set -e 13 14# ebtables supports policies in user-defined chains %) 15# and the default policy is ACCEPT ... 16$XT_MULTI ebtables -N FOO -P DROP 17$XT_MULTI ebtables -N BAR 18$XT_MULTI ebtables -P BAR RETURN 19$XT_MULTI ebtables -N BAZ 20 21EXPECT_BASE="*filter 22:INPUT ACCEPT 23:FORWARD ACCEPT 24:OUTPUT ACCEPT" 25 26EXPECT="$EXPECT_BASE 27:BAR RETURN 28:BAZ ACCEPT 29:FOO DROP" 30 31diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI ebtables-save | grep -v '^#') 32 33# rule commands must not break the policies 34$XT_MULTI ebtables -A FOO -j ACCEPT 35$XT_MULTI ebtables -D FOO -j ACCEPT 36$XT_MULTI ebtables -F 37diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI ebtables-save | grep -v '^#') 38 39# dropping the chains must implicitly remove the policy rule as well 40$XT_MULTI ebtables -X 41diff -u -Z <(echo -e "$EXPECT_BASE") <($XT_MULTI ebtables-save | grep -v '^#') 42