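# Regression script for the iptables "multiport" match on the filter table's
# INPUT chain (simulator-style: each "expect gen_ip ..." line states the
# verdict the following "gen_ip" probe packet must receive).
#
# Every probe is a TCP SYN from 192.168.0.2 to 192.168.0.1 arriving on eth0.
# The numbers after the addresses appear to be: payload length, IP protocol,
# source port, destination port -- inferred from how the probes vary against
# the rules below; confirm against the simulator's gen_ip help.
#
# Each section installs one DROP rule, probes it, and removes it again, so a
# leftover rule cannot influence the verdicts of a later section.

#test old style
# Plain comma-separated list of 15 single ports, no ranges.
iptables -I INPUT -p 6 -m multiport --sports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 -j DROP
# The rule has to be installed while the probe is sent, so the delete comes
# after the probe (same insert / probe / delete order as the other sections).
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 15 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 15 1 SYN
# Delete with the alternate spellings (-p tcp, --source-ports): both forms
# must resolve to the very same rule.
iptables -D INPUT -p tcp -m multiport --source-ports 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 -j DROP

#test new version
# Range syntax: one range plus one single port.
iptables -I INPUT -p 6 -m multiport --sports 1:10,1000 -j DROP
# Inside the range and on its lower bound: dropped.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 4 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 4 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 1 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1 1 SYN
# One past the range end, and one either side of the single port: accepted.
# These off-by-one probes are what catch a rule that blocks more or less
# than the operator wrote.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_ACCEPT {IPv4 192.168.0.2 192.168.0.1 0 6 11 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 11 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_ACCEPT {IPv4 192.168.0.2 192.168.0.1 0 6 999 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 999 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_ACCEPT {IPv4 192.168.0.2 192.168.0.1 0 6 1001 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1001 1 SYN
# The single port itself: dropped.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 1000 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1000 1 SYN
iptables -D INPUT -p 6 -m multiport --sports 1:10,1000 -j DROP

# Several ranges mixed with a single port.
iptables -I INPUT -p 6 -m multiport --sports 1:10,1000,1500:1501,2000:2005 -j DROP
# Both ends of the two-port range 1500:1501: dropped.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 1500 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1500 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 1501 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1501 1 SYN
# Immediately outside that range on either side: accepted.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_ACCEPT {IPv4 192.168.0.2 192.168.0.1 0 6 1499 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1499 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_ACCEPT {IPv4 192.168.0.2 192.168.0.1 0 6 1502 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1502 1 SYN
# Start and interior of the last range: dropped.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 2000 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 2000 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 2003 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 2003 1 SYN
iptables -D INPUT -p 6 -m multiport --sports 1:10,1000,1500:1501,2000:2005 -j DROP

# --ports: the list applies to the source port or the destination port.
iptables -I INPUT -p 6 -m multiport --ports 1:10,1000,1500:1501,2000:2005 -j DROP
# NOTE(review): in both probes below the "other" port (1) is also inside
# 1:10, so neither probe isolates one direction. A probe with exactly one
# listed port would pin the either-side behaviour more tightly.
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 2003 1 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 2003 1 SYN
expect gen_ip hook:NF_IP_LOCAL_IN iptable_filter NF_DROP {IPv4 192.168.0.2 192.168.0.1 0 6 1 2003 SYN}
gen_ip IF=eth0 192.168.0.2 192.168.0.1 0 6 1 2003 SYN
# Delete with the same option the rule was inserted with (--ports); a
# --sports spec describes a different rule and would leave this DROP rule
# installed in INPUT.
iptables -D INPUT -p 6 -m multiport --ports 1:10,1000,1500:1501,2000:2005 -j DROP

# Longest list in this script. Presumably each range takes two of the match's
# port slots, which would make this list fill the table exactly -- TODO
# confirm against the multiport limit. Only insert and delete are checked.
iptables -I INPUT -p 6 -m multiport --sports 1:10,20:30,40:50,60,70,80,90,100,110,120:1200,15000 -j DROP
iptables -D INPUT -p 6 -m multiport --sports 1:10,20:30,40:50,60,70,80,90,100,110,120:1200,15000 -j DROP

# Malformed range ("1:10:30"): the command must fail instead of installing a
# rule whose port set differs from what was typed.
expect iptables iptables: command failed
iptables -I INPUT -p 6 -m multiport --sports 1:10:30,40 -j DROP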