public void ReplaceTcpMatch()
{
var tcpMatch = new TcpMatchBuilder().SetSrcPort(200, 300)
.SetFlags(new[] { "syn", "fin", "ack" }, new[] { "syn" })
.SetOption(16, true).Build();
var rule = new RuleBuilder()
.SetIp4Src("192.168.5.2/23")
.SetIp4Dst("192.168.5/24")
.SetInInterface("eno8")
.SetOutInterface("eno45", true, true)
.SetProto("tCp")
.AddMatch(tcpMatch)
.Accept();
var tcpMatch2 = new TcpMatchBuilder().SetSrcPort(500, 600)
.SetFlags(new[] { "syn", "fin", "ack" }, new[] { "syn" })
.SetOption(16, true).Build();
var rule2 = new RuleBuilder()
.SetIp4Src("192.168.7.2/23")
.SetIp4Dst("192.168.3/24")
.SetInInterface("eno8")
.SetOutInterface("eno45", true, true)
.SetProto("tCp")
.AddMatch(tcpMatch2)
.Accept();
using (var wr = new IptTransaction(Tables.NAT))
{
wr.AppendRule(Chains.POSTROUTING, rule);
wr.Commit();
var rules = wr.GetRules(Chains.POSTROUTING);
rule = rules.First();
var match = rule.Matches.First();
Assert.Equal("200:300", match[TcpMatchBuilder.SPORT_OPT]);
var target = rule.Target;
Assert.NotEmpty(rules);
Assert.Equal(TargetTypes.ACCEPT, target.Name);
}
using (var wr = new IptTransaction(Tables.NAT))
{
wr.ReplaceRule(Chains.POSTROUTING, 1, rule2);
wr.Commit();
var rules = wr.GetRules(Chains.POSTROUTING);
rule2 = rules.First();
var match = rule2.Matches.First();
Assert.Equal("500:600", match[TcpMatchBuilder.SPORT_OPT]);
var target = rule.Target;
Assert.NotEmpty(rules);
Assert.Equal(TargetTypes.ACCEPT, target.Name);
}
}
