From 8a134065dff429551449c1ea16a36d745fdab580 Mon Sep 17 00:00:00 2001 From: Kelly Brazil Date: Mon, 22 Jun 2020 11:23:37 -0700 Subject: [PATCH] update fixtures for last chain fix --- tests/fixtures/centos-7.7/iptables-filter-line-numbers.json | 2 +- tests/fixtures/centos-7.7/iptables-filter-nv.json | 2 +- tests/fixtures/centos-7.7/iptables-filter.json | 2 +- tests/fixtures/centos-7.7/iptables-mangle.json | 2 +- tests/fixtures/centos-7.7/iptables-nat.json | 2 +- tests/fixtures/centos-7.7/iptables-raw.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter-nv.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-filter.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-mangle.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-nat.json | 2 +- tests/fixtures/ubuntu-18.04/iptables-raw.json | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json b/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json index 19de3b15..73587221 100644 --- a/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json +++ b/tests/fixtures/centos-7.7/iptables-filter-line-numbers.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 7, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"num": 8, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 11, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 12, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 13, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"num": 1, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 7, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 8, "target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 11, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 12, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 13, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 14, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 5, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"num": 1, "target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"num": 1, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"num": 1, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"num": 1, "target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"num": 1, "target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"num": 1, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"num": 1, "target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"num": 1, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 7, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"num": 8, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 11, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 12, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 13, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"num": 1, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 5, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 7, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 8, "target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 9, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 10, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 11, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 12, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 13, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 14, "target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 5, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"num": 1, "target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"num": 1, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"num": 1, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"num": 1, "target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"num": 1, "target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"num": 1, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"num": 2, "target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"num": 1, "target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 4, "target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"num": 1, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-filter-nv.json b/tests/fixtures/centos-7.7/iptables-filter-nv.json index 96f63c68..329681f4 100644 --- a/tests/fixtures/centos-7.7/iptables-filter-nv.json +++ b/tests/fixtures/centos-7.7/iptables-filter-nv.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"pkts": 4175, "bytes": 1130000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 2382, "bytes": 204000, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"pkts": 0, "bytes": 0, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DOCKER", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "!docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 3419, "bytes": 573000, "target": "OUTPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 225, "bytes": 101000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"pkts": 0, "bytes": 0, "target": "RETURN", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "ens33", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "+", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"pkts": 2367, "bytes": 202000, "target": "IN_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 1, "bytes": 330, "target": "IN_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"pkts": 2383, "bytes": 204000, "target": "IN_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "IN_public_allow", "rules": [{"pkts": 1, "bytes": 64, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"pkts": 4175, "bytes": 1130000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "INPUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 2382, "bytes": 204000, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"pkts": 0, "bytes": 0, "target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DOCKER", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "!docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "docker0", "out": "docker0", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "REJECT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 3419, "bytes": 573000, "target": "OUTPUT_direct", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 225, "bytes": 101000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"pkts": 0, "bytes": 0, "target": "RETURN", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDI_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "ens33", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 0, "bytes": 0, "target": "FWDO_public", "prot": "all", "opt": null, "in": "*", "out": "+", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDI_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDI_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"pkts": 0, "bytes": 0, "target": "FWDO_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "FWDO_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"pkts": 2367, "bytes": 202000, "target": "IN_public", "prot": "all", "opt": null, "in": "ens33", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}, {"pkts": 1, "bytes": 330, "target": "IN_public", "prot": "all", "opt": null, "in": "+", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"pkts": 2383, "bytes": 204000, "target": "IN_public_log", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_deny", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 2383, "bytes": 204000, "target": "IN_public_allow", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "icmp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}]}, {"chain": "IN_public_allow", "rules": [{"pkts": 1, "bytes": 64, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-filter.json b/tests/fixtures/centos-7.7/iptables-filter.json index 755acead..23609dc5 100644 --- a/tests/fixtures/centos-7.7/iptables-filter.json +++ b/tests/fixtures/centos-7.7/iptables-filter.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}] +[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "INPUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": [{"target": "DOCKER-ISOLATION", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_IN_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FORWARD_OUT_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "REJECT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "reject-with icmp-host-prohibited"}]}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}, {"chain": "DOCKER", "rules": []}, {"chain": "DOCKER-ISOLATION", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_IN_ZONES", "rules": [{"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDI_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_IN_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_OUT_ZONES", "rules": [{"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "FWDO_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "FORWARD_OUT_ZONES_SOURCE", "rules": []}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "FWDI_public", "rules": [{"target": "FWDI_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDI_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDI_public_allow", "rules": []}, {"chain": "FWDI_public_deny", "rules": []}, {"chain": "FWDI_public_log", "rules": []}, {"chain": "FWDO_public", "rules": [{"target": "FWDO_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "FWDO_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FWDO_public_allow", "rules": []}, {"chain": "FWDO_public_deny", "rules": []}, {"chain": "FWDO_public_log", "rules": []}, {"chain": "INPUT_ZONES", "rules": [{"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "IN_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "INPUT_ZONES_SOURCE", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "IN_public", "rules": [{"target": "IN_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "IN_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "icmp", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "IN_public_allow", "rules": [{"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,UNTRACKED"}]}, {"chain": "IN_public_deny", "rules": []}, {"chain": "IN_public_log", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-mangle.json b/tests/fixtures/centos-7.7/iptables-mangle.json index 3371f994..7aa9e2fe 100644 --- a/tests/fixtures/centos-7.7/iptables-mangle.json +++ b/tests/fixtures/centos-7.7/iptables-mangle.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "INPUT", "rules": [{"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD", "rules": [{"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POSTROUTING", "rules": [{"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "INPUT", "rules": [{"target": "INPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD", "rules": [{"target": "FORWARD_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POSTROUTING", "rules": [{"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "FORWARD_direct", "rules": []}, {"chain": "INPUT_direct", "rules": []}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-nat.json b/tests/fixtures/centos-7.7/iptables-nat.json index 09fcc489..d83fa119 100644 --- a/tests/fixtures/centos-7.7/iptables-nat.json +++ b/tests/fixtures/centos-7.7/iptables-nat.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "!loopback/8", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "POSTROUTING", "rules": [{"target": "MASQUERADE", "prot": "all", "opt": null, "source": "172.17.0.0/16", "destination": "anywhere"}, {"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "DOCKER", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_ZONES", "rules": [{"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "POSTROUTING_ZONES_SOURCE", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "POST_public", "rules": [{"target": "POST_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POST_public_allow", "rules": []}, {"chain": "POST_public_deny", "rules": []}, {"chain": "POST_public_log", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "DOCKER", "prot": "all", "opt": null, "source": "anywhere", "destination": "!loopback/8", "options": "ADDRTYPE match dst-type LOCAL"}]}, {"chain": "POSTROUTING", "rules": [{"target": "MASQUERADE", "prot": "all", "opt": null, "source": "172.17.0.0/16", "destination": "anywhere"}, {"target": "POSTROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POSTROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "DOCKER", "rules": [{"target": "RETURN", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "POSTROUTING_ZONES", "rules": [{"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "POST_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "POSTROUTING_ZONES_SOURCE", "rules": []}, {"chain": "POSTROUTING_direct", "rules": []}, {"chain": "POST_public", "rules": [{"target": "POST_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "POST_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "POST_public_allow", "rules": []}, {"chain": "POST_public_deny", "rules": []}, {"chain": "POST_public_log", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/centos-7.7/iptables-raw.json b/tests/fixtures/centos-7.7/iptables-raw.json index 354ae360..1dec686e 100644 --- a/tests/fixtures/centos-7.7/iptables-raw.json +++ b/tests/fixtures/centos-7.7/iptables-raw.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}] +[{"chain": "PREROUTING", "rules": [{"target": "PREROUTING_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES_SOURCE", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PREROUTING_ZONES", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT", "rules": [{"target": "OUTPUT_direct", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "OUTPUT_direct", "rules": []}, {"chain": "PREROUTING_ZONES", "rules": [{"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}, {"target": "PRE_public", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "[goto] "}]}, {"chain": "PREROUTING_ZONES_SOURCE", "rules": []}, {"chain": "PREROUTING_direct", "rules": []}, {"chain": "PRE_public", "rules": [{"target": "PRE_public_log", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_deny", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "PRE_public_allow", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}]}, {"chain": "PRE_public_allow", "rules": []}, {"chain": "PRE_public_deny", "rules": []}, {"chain": "PRE_public_log", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json b/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json index 17c7abaa..1fc93b15 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter-line-numbers.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 5, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 3, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"num": 4, "target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"num": 5, "target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"num": 6, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"num": 1, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"num": 2, "target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"num": 3, "target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json b/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json index 71f043f1..6793ed7c 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter-nv.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 1137, "bytes": 318000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 1137, "bytes": 318000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate RELATED,ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate INVALID"}, {"pkts": 0, "bytes": 0, "target": "DROP", "prot": "all", "opt": null, "in": "lo", "out": "*", "source": "15.15.15.51", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "15.15.15.0/24", "destination": "0.0.0.0/0", "options": "tcp dpt:22 ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"pkts": 66, "bytes": 6034, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 889, "bytes": 158000, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "lo", "source": "0.0.0.0/0", "destination": "0.0.0.0/0"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "all", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "ctstate ESTABLISHED"}, {"pkts": 0, "bytes": 0, "target": "ACCEPT", "prot": "tcp", "opt": null, "in": "*", "out": "*", "source": "0.0.0.0/0", "destination": "0.0.0.0/0", "options": "tcp spt:22 ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-filter.json b/tests/fixtures/ubuntu-18.04/iptables-filter.json index 3f44dc33..e85f4fcd 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-filter.json +++ b/tests/fixtures/ubuntu-18.04/iptables-filter.json @@ -1 +1 @@ -[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}] +[{"chain": "INPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate RELATED,ESTABLISHED"}, {"target": "DROP", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate INVALID"}, {"target": "DROP", "prot": "all", "opt": null, "source": "15.15.15.51", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "15.15.15.0/24", "destination": "anywhere", "options": "tcp dpt:ssh ctstate NEW,ESTABLISHED"}]}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": [{"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere"}, {"target": "ACCEPT", "prot": "all", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "ctstate ESTABLISHED"}, {"target": "ACCEPT", "prot": "tcp", "opt": null, "source": "anywhere", "destination": "anywhere", "options": "tcp spt:ssh ctstate ESTABLISHED"}]}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-mangle.json b/tests/fixtures/ubuntu-18.04/iptables-mangle.json index 1cc82e03..def9b302 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-mangle.json +++ b/tests/fixtures/ubuntu-18.04/iptables-mangle.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "FORWARD", "rules": []}, {"chain": "OUTPUT", "rules": []}, {"chain": "POSTROUTING", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-nat.json b/tests/fixtures/ubuntu-18.04/iptables-nat.json index 438a3a05..11b830e5 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-nat.json +++ b/tests/fixtures/ubuntu-18.04/iptables-nat.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "INPUT", "rules": []}, {"chain": "OUTPUT", "rules": []}, {"chain": "POSTROUTING", "rules": []}] diff --git a/tests/fixtures/ubuntu-18.04/iptables-raw.json b/tests/fixtures/ubuntu-18.04/iptables-raw.json index 3fbc6e8d..5939b742 100644 --- a/tests/fixtures/ubuntu-18.04/iptables-raw.json +++ b/tests/fixtures/ubuntu-18.04/iptables-raw.json @@ -1 +1 @@ -[{"chain": "PREROUTING", "rules": []}] +[{"chain": "PREROUTING", "rules": []}, {"chain": "OUTPUT", "rules": []}]