public void ReplaceTcpMatch() { var tcpMatch = new TcpMatchBuilder().SetSrcPort(200, 300) .SetFlags(new[] { "syn", "fin", "ack" }, new[] { "syn" }) .SetOption(16, true).Build(); var rule = new RuleBuilder() .SetIp4Src("192.168.5.2/23") .SetIp4Dst("192.168.5/24") .SetInInterface("eno8") .SetOutInterface("eno45", true, true) .SetProto("tCp") .AddMatch(tcpMatch) .Accept(); var tcpMatch2 = new TcpMatchBuilder().SetSrcPort(500, 600) .SetFlags(new[] { "syn", "fin", "ack" }, new[] { "syn" }) .SetOption(16, true).Build(); var rule2 = new RuleBuilder() .SetIp4Src("192.168.7.2/23") .SetIp4Dst("192.168.3/24") .SetInInterface("eno8") .SetOutInterface("eno45", true, true) .SetProto("tCp") .AddMatch(tcpMatch2) .Accept(); using (var wr = new IptTransaction(Tables.NAT)) { wr.AppendRule(Chains.POSTROUTING, rule); wr.Commit(); var rules = wr.GetRules(Chains.POSTROUTING); rule = rules.First(); var match = rule.Matches.First(); Assert.Equal("200:300", match[TcpMatchBuilder.SPORT_OPT]); var target = rule.Target; Assert.NotEmpty(rules); Assert.Equal(TargetTypes.ACCEPT, target.Name); } using (var wr = new IptTransaction(Tables.NAT)) { wr.ReplaceRule(Chains.POSTROUTING, 1, rule2); wr.Commit(); var rules = wr.GetRules(Chains.POSTROUTING); rule2 = rules.First(); var match = rule2.Matches.First(); Assert.Equal("500:600", match[TcpMatchBuilder.SPORT_OPT]); var target = rule.Target; Assert.NotEmpty(rules); Assert.Equal(TargetTypes.ACCEPT, target.Name); } }