From 210a2580e405a852b5b64da99e6fead6a0d9e069 Mon Sep 17 00:00:00 2001
From: Eric Garver
Date: Tue, 4 Aug 2020 11:59:04 -0400
Subject: [PATCH 42/45] test(rich): icmptypes with one family

Coverage for rhbz 1855140.

(cherry picked from commit 87ec14dddd742ff5fd8cce04e68c8bf9db8237e9)
(cherry picked from commit d5e74f5c4feb4a6ce060c2ded30f67a0fbe44865)
---
 src/tests/regression/regression.at | 1 +
 src/tests/regression/rhbz1855140.at | 35 +++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+)
 create mode 100644 src/tests/regression/rhbz1855140.at

diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at
index 5c8aae7e64d3..d7b4d56239d1 100644
--- a/src/tests/regression/regression.at
+++ b/src/tests/regression/regression.at
@@ -33,3 +33,4 @@ m4_include([regression/rhbz1843398.at])
 m4_include([regression/rhbz1689429.at])
 m4_include([regression/rhbz1483921.at])
 m4_include([regression/rhbz1541077.at])
+m4_include([regression/rhbz1855140.at])
diff --git a/src/tests/regression/rhbz1855140.at b/src/tests/regression/rhbz1855140.at
new file mode 100644
index 000000000000..8059e29fe71a
--- /dev/null
+++ b/src/tests/regression/rhbz1855140.at
@@ -0,0 +1,35 @@
+FWD_START_TEST([rich rule icmptypes with one family])
+AT_KEYWORDS(rich icmp rhbz1855140)
+
+FWD_CHECK([--permanent --zone public --add-rich-rule='rule icmp-type name="echo-request" accept'], 0, ignore)
+FWD_CHECK([--permanent --zone public --add-rich-rule='rule icmp-type name="neighbour-advertisement" accept'], 0, ignore)
+FWD_CHECK([--permanent --zone public --add-rich-rule='rule icmp-type name="timestamp-request" accept'], 0, ignore)
+FWD_RELOAD
+NFT_LIST_RULES([inet], [filter_IN_public_allow], 0, [dnl
+ table inet firewalld {
+ chain filter_IN_public_allow {
+ tcp dport 22 ct state new,untracked accept
+ ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept
+ tcp dport 9090 ct state new,untracked accept
+ icmp type echo-request accept
+ icmpv6 type echo-request accept
+ icmpv6 type nd-neighbor-advert accept
+ icmp type timestamp-request accept
+ }
+ }
+])
+IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
+ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
+ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED
+ ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
+ ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 13
+])
+IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
+ ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED
+ ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED
+ ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED
+ ACCEPT icmpv6 ::/0 ::/0 ipv6-icmptype 128
+ ACCEPT icmpv6 ::/0 ::/0 ipv6-icmptype 136
+])
+
+FWD_END_TEST
-- 2.27.0
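Review bot: The new test in rhbz1855140.at never states why each ICMP type must appear in only one backend's listing, so the intent behind the expected output is easy to lose when it is next regenerated. From the expectations, `neighbour-advertisement` is wanted only as `icmpv6 type nd-neighbor-advert` / `ipv6-icmptype 136` and `timestamp-request` only as `icmp type timestamp-request` / `icmptype 13`, while `echo-request` is wanted for both families. A comment before the first FWD_CHECK would pin that down, e.g. `dnl neighbour-advertisement is IPv6-only and timestamp-request is IPv4-only; each must produce a rule for its own family only`. Only the `--permanent` plus FWD_RELOAD path and the `accept` action are exercised, so a regression in the runtime add path or for other actions would presumably not be caught here. The listings also hard-code the zone's other entries (tcp 22, udp 546, tcp 9090), which looks like a dependency on the public zone's default services.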