add tests for management ipset

[pve-firewall.git] / test / test-ipset1 / tests

diff --git a/test/test-ipset1/tests b/test/test-ipset1/tests
index 0b6aecad3fce9c01476165294c4b03b3abf8d945..a910a2a3aa957c979fb2149aba5f4a0f9f9fa746 100644 (file)
--- a/test/test-ipset1/tests
+++ b/test/test-ipset1/tests
@@ -1,4 +1,3 @@
-
 # blacklisted
 { from => 'outside', to => 'host', source => '192.168.0.1', dest => '1.2.3.4', dport => 22, action => 'DROP' }
 # accept in myipset
@@ -15,3 +14,10 @@
 # reject dmzhosts if from myipset
 { from => 'outside', to => 'host', source => '172.16.0.10', dest => '10.10.10.1', dport => 22, action => 'REJECT' }
 { from => 'outside', to => 'host', source => '172.16.0.10', dest => '10.10.11.1', dport => 22, action => 'REJECT' }
+
+# management ipset
+{ from => 'outside', to => 'host', source => '192.168.128.1', dport => 8006, action => 'DROP' }
+{ from => 'outside', to => 'host', source => '192.168.128.1', dport => 22, action => 'DROP' }
+{ from => 'outside', to => 'host', source => '192.168.128.2', dport => 8006, action => 'ACCEPT' }
+{ from => 'outside', to => 'host', source => '192.168.128.2', dport => 22, action => 'ACCEPT' }
+