1*49cdfc7eSAndroid Build Coastguard Worker#!/bin/sh 2*49cdfc7eSAndroid Build Coastguard Worker# SPDX-License-Identifier: GPL-2.0-or-later 3*49cdfc7eSAndroid Build Coastguard Worker# Copyright (c) 2019 Oracle and/or its affiliates. All Rights Reserved. 4*49cdfc7eSAndroid Build Coastguard Worker 5*49cdfc7eSAndroid Build Coastguard WorkerTST_SETUP="do_setup" 6*49cdfc7eSAndroid Build Coastguard WorkerTST_CLEANUP="do_cleanup" 7*49cdfc7eSAndroid Build Coastguard WorkerTST_NEEDS_DRIVERS="nf_tables" 8*49cdfc7eSAndroid Build Coastguard Workeruse_iptables=0 9*49cdfc7eSAndroid Build Coastguard Workercleanup_table=0 10*49cdfc7eSAndroid Build Coastguard Workercleanup_chain=0 11*49cdfc7eSAndroid Build Coastguard Worker 12*49cdfc7eSAndroid Build Coastguard Workerdo_setup() 13*49cdfc7eSAndroid Build Coastguard Worker{ 14*49cdfc7eSAndroid Build Coastguard Worker init 15*49cdfc7eSAndroid Build Coastguard Worker local ip_table="ip${TST_IPV6}" 16*49cdfc7eSAndroid Build Coastguard Worker 17*49cdfc7eSAndroid Build Coastguard Worker if ! nft list table $ip_table filter > /dev/null 2>&1; then 18*49cdfc7eSAndroid Build Coastguard Worker ROD nft add table $ip_table filter 19*49cdfc7eSAndroid Build Coastguard Worker cleanup_table=1 20*49cdfc7eSAndroid Build Coastguard Worker fi 21*49cdfc7eSAndroid Build Coastguard Worker if ! nft list chain $ip_table filter INPUT > /dev/null 2>&1; then 22*49cdfc7eSAndroid Build Coastguard Worker ROD nft add chain $ip_table filter INPUT '{ type filter hook input priority 0; }' 23*49cdfc7eSAndroid Build Coastguard Worker cleanup_chain=1 24*49cdfc7eSAndroid Build Coastguard Worker fi 25*49cdfc7eSAndroid Build Coastguard Worker} 26*49cdfc7eSAndroid Build Coastguard Worker 27*49cdfc7eSAndroid Build Coastguard Workerdo_cleanup() 28*49cdfc7eSAndroid Build Coastguard Worker{ 29*49cdfc7eSAndroid Build Coastguard Worker local ip_table="ip${TST_IPV6}" 30*49cdfc7eSAndroid Build Coastguard Worker 31*49cdfc7eSAndroid Build Coastguard Worker [ "$cleanup_chain" = 1 ] && nft delete chain $ip_table filter INPUT >/dev/null 2>&1 32*49cdfc7eSAndroid Build Coastguard Worker [ "$cleanup_table" = 1 ] && nft delete table $ip_table filter >/dev/null 2>&1 33*49cdfc7eSAndroid Build Coastguard Worker cleanup 34*49cdfc7eSAndroid Build Coastguard Worker} 35*49cdfc7eSAndroid Build Coastguard Worker 36*49cdfc7eSAndroid Build Coastguard Worker. iptables_lib.sh 37*49cdfc7eSAndroid Build Coastguard Workertst_run 38