Adding upstream version 1.0.9.upstream/1.0.9upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

44 files changed, 2076 insertions, 0 deletions

diff --git a/tests/shell/testcases/chains/dumps/0001jumps_0.nft b/tests/shell/testcases/chains/dumps/0001jumps_0.nft
new file mode 100644
index 0000000..7054cde
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0001jumps_0.nft
@@ -0,0 +1,64 @@
+table ip t {
+	chain c1 {
+		jump c2
+	}
+
+	chain c2 {
+		jump c3
+	}
+
+	chain c3 {
+		jump c4
+	}
+
+	chain c4 {
+		jump c5
+	}
+
+	chain c5 {
+		jump c6
+	}
+
+	chain c6 {
+		jump c7
+	}
+
+	chain c7 {
+		jump c8
+	}
+
+	chain c8 {
+		jump c9
+	}
+
+	chain c9 {
+		jump c10
+	}
+
+	chain c10 {
+		jump c11
+	}
+
+	chain c11 {
+		jump c12
+	}
+
+	chain c12 {
+		jump c13
+	}
+
+	chain c13 {
+		jump c14
+	}
+
+	chain c14 {
+		jump c15
+	}
+
+	chain c15 {
+		jump c16
+	}
+
+	chain c16 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0002jumps_1.nft b/tests/shell/testcases/chains/dumps/0002jumps_1.nft
new file mode 100644
index 0000000..ed37ad0
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0002jumps_1.nft
@@ -0,0 +1,68 @@
+table ip t {
+	chain c1 {
+		type filter hook input priority filter; policy accept;
+		jump c2
+	}
+
+	chain c2 {
+		jump c3
+	}
+
+	chain c3 {
+		jump c4
+	}
+
+	chain c4 {
+		jump c5
+	}
+
+	chain c5 {
+		jump c6
+	}
+
+	chain c6 {
+		jump c7
+	}
+
+	chain c7 {
+		jump c8
+	}
+
+	chain c8 {
+		jump c9
+	}
+
+	chain c9 {
+		jump c10
+	}
+
+	chain c10 {
+		jump c11
+	}
+
+	chain c11 {
+		jump c12
+	}
+
+	chain c12 {
+		jump c13
+	}
+
+	chain c13 {
+		jump c14
+	}
+
+	chain c14 {
+		jump c15
+	}
+
+	chain c15 {
+		jump c16
+	}
+
+	chain c16 {
+	}
+
+	chain c17 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0003jump_loop_1.nft b/tests/shell/testcases/chains/dumps/0003jump_loop_1.nft
new file mode 100644
index 0000000..7054cde
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0003jump_loop_1.nft
@@ -0,0 +1,64 @@
+table ip t {
+	chain c1 {
+		jump c2
+	}
+
+	chain c2 {
+		jump c3
+	}
+
+	chain c3 {
+		jump c4
+	}
+
+	chain c4 {
+		jump c5
+	}
+
+	chain c5 {
+		jump c6
+	}
+
+	chain c6 {
+		jump c7
+	}
+
+	chain c7 {
+		jump c8
+	}
+
+	chain c8 {
+		jump c9
+	}
+
+	chain c9 {
+		jump c10
+	}
+
+	chain c10 {
+		jump c11
+	}
+
+	chain c11 {
+		jump c12
+	}
+
+	chain c12 {
+		jump c13
+	}
+
+	chain c13 {
+		jump c14
+	}
+
+	chain c14 {
+		jump c15
+	}
+
+	chain c15 {
+		jump c16
+	}
+
+	chain c16 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0004busy_1.nft b/tests/shell/testcases/chains/dumps/0004busy_1.nft
new file mode 100644
index 0000000..429dd49
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0004busy_1.nft
@@ -0,0 +1,8 @@
+table ip t {
+	chain c1 {
+		jump c2
+	}
+
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0005busy_map_1.nft b/tests/shell/testcases/chains/dumps/0005busy_map_1.nft
new file mode 100644
index 0000000..acf2318
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0005busy_map_1.nft
@@ -0,0 +1,8 @@
+table ip t {
+	chain c1 {
+		tcp dport vmap { 1 : jump c2 }
+	}
+
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0006masquerade_0.nft b/tests/shell/testcases/chains/dumps/0006masquerade_0.nft
new file mode 100644
index 0000000..90253a4
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0006masquerade_0.nft
@@ -0,0 +1,6 @@
+table ip t {
+	chain c1 {
+		type nat hook postrouting priority filter; policy accept;
+		masquerade
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0007masquerade_1.nft b/tests/shell/testcases/chains/dumps/0007masquerade_1.nft
new file mode 100644
index 0000000..b25355f
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0007masquerade_1.nft
@@ -0,0 +1,5 @@
+table ip t {
+	chain c1 {
+		type filter hook output priority filter; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.nft b/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.nft
new file mode 100644
index 0000000..4991071
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0008masquerade_jump_1.nft
@@ -0,0 +1,9 @@
+table ip t {
+	chain output {
+		type nat hook output priority filter; policy accept;
+	}
+
+	chain c1 {
+		masquerade
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.nft b/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.nft
new file mode 100644
index 0000000..4991071
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0009masquerade_jump_1.nft
@@ -0,0 +1,9 @@
+table ip t {
+	chain output {
+		type nat hook output priority filter; policy accept;
+	}
+
+	chain c1 {
+		masquerade
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.nft b/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.nft
new file mode 100644
index 0000000..1e0d1d6
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0010endless_jump_loop_1.nft
@@ -0,0 +1,4 @@
+table ip t {
+	chain c {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0011endless_jump_loop_1.nft b/tests/shell/testcases/chains/dumps/0011endless_jump_loop_1.nft
new file mode 100644
index 0000000..ca0a737
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0011endless_jump_loop_1.nft
@@ -0,0 +1,13 @@
+table ip t {
+	map m {
+		type inet_service : verdict
+		elements = { 2 : jump c2 }
+	}
+
+	chain c1 {
+		tcp dport vmap @m
+	}
+
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0013rename_0.nft b/tests/shell/testcases/chains/dumps/0013rename_0.nft
new file mode 100644
index 0000000..e4e0171
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0013rename_0.nft
@@ -0,0 +1,4 @@
+table ip t {
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0014rename_0.nft b/tests/shell/testcases/chains/dumps/0014rename_0.nft
new file mode 100644
index 0000000..574c486
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0014rename_0.nft
@@ -0,0 +1,7 @@
+table ip t {
+	chain c1 {
+	}
+
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.nft b/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.nft
new file mode 100644
index 0000000..429dd49
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0015check_jump_loop_1.nft
@@ -0,0 +1,8 @@
+table ip t {
+	chain c1 {
+		jump c2
+	}
+
+	chain c2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0016delete_handle_0.nft b/tests/shell/testcases/chains/dumps/0016delete_handle_0.nft
new file mode 100644
index 0000000..c0adb1f
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0016delete_handle_0.nft
@@ -0,0 +1,14 @@
+table ip test-ip {
+	chain x {
+	}
+
+	chain z {
+	}
+}
+table ip6 test-ip6 {
+	chain x {
+	}
+
+	chain y {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.nft b/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.nft
new file mode 100644
index 0000000..636e844
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0017masquerade_jump_1.nft
@@ -0,0 +1,9 @@
+table ip t {
+	chain input {
+		type filter hook input priority filter + 4; policy accept;
+		jump c1
+	}
+
+	chain c1 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.nft b/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.nft
new file mode 100644
index 0000000..437900b
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0018check_jump_loop_1.nft
@@ -0,0 +1,8 @@
+table ip filter {
+	chain ap1 {
+		jump ap2
+	}
+
+	chain ap2 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.nft b/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.nft
new file mode 100644
index 0000000..81cf9cc
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0019masquerade_jump_1.nft
@@ -0,0 +1,9 @@
+table ip t {
+	chain input {
+		type filter hook input priority filter + 4; policy accept;
+		ip saddr vmap { 1.1.1.1 : jump c1 }
+	}
+
+	chain c1 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0020depth_1.nft b/tests/shell/testcases/chains/dumps/0020depth_1.nft
new file mode 100644
index 0000000..422c395
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0020depth_1.nft
@@ -0,0 +1,84 @@
+table ip filter {
+	chain input {
+		type filter hook input priority filter; policy accept;
+		jump a1
+	}
+
+	chain a0 {
+		jump a1
+	}
+
+	chain a1 {
+		jump a2
+	}
+
+	chain a2 {
+		jump a3
+	}
+
+	chain a3 {
+		jump a4
+	}
+
+	chain a4 {
+		jump a5
+	}
+
+	chain a5 {
+		jump a6
+	}
+
+	chain a6 {
+		jump a7
+	}
+
+	chain a7 {
+		jump a8
+	}
+
+	chain a8 {
+		jump a9
+	}
+
+	chain a9 {
+		jump a10
+	}
+
+	chain a10 {
+	}
+
+	chain a11 {
+		jump a12
+	}
+
+	chain a12 {
+		jump a13
+	}
+
+	chain a13 {
+		jump a14
+	}
+
+	chain a14 {
+		jump a15
+	}
+
+	chain a15 {
+		jump a16
+	}
+
+	chain a16 {
+		jump a17
+	}
+
+	chain a17 {
+		jump a18
+	}
+
+	chain a18 {
+		jump a19
+	}
+
+	chain a19 {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0021prio_0.nft b/tests/shell/testcases/chains/dumps/0021prio_0.nft
new file mode 100644
index 0000000..4297d24
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0021prio_0.nft
@@ -0,0 +1,1566 @@
+table ip x {
+	chain preroutingrawm11 {
+		type filter hook prerouting priority -311; policy accept;
+	}
+
+	chain preroutingrawm10 {
+		type filter hook prerouting priority raw - 10; policy accept;
+	}
+
+	chain preroutingraw {
+		type filter hook prerouting priority raw; policy accept;
+	}
+
+	chain preroutingrawp10 {
+		type filter hook prerouting priority raw + 10; policy accept;
+	}
+
+	chain preroutingrawp11 {
+		type filter hook prerouting priority -289; policy accept;
+	}
+
+	chain preroutingmanglem11 {
+		type filter hook prerouting priority -161; policy accept;
+	}
+
+	chain preroutingmanglem10 {
+		type filter hook prerouting priority mangle - 10; policy accept;
+	}
+
+	chain preroutingmangle {
+		type filter hook prerouting priority mangle; policy accept;
+	}
+
+	chain preroutingmanglep10 {
+		type filter hook prerouting priority mangle + 10; policy accept;
+	}
+
+	chain preroutingmanglep11 {
+		type filter hook prerouting priority -139; policy accept;
+	}
+
+	chain preroutingfilterm11 {
+		type filter hook prerouting priority -11; policy accept;
+	}
+
+	chain preroutingfilterm10 {
+		type filter hook prerouting priority filter - 10; policy accept;
+	}
+
+	chain preroutingfilter {
+		type filter hook prerouting priority filter; policy accept;
+	}
+
+	chain preroutingfilterp10 {
+		type filter hook prerouting priority filter + 10; policy accept;
+	}
+
+	chain preroutingfilterp11 {
+		type filter hook prerouting priority 11; policy accept;
+	}
+
+	chain preroutingsecuritym11 {
+		type filter hook prerouting priority 39; policy accept;
+	}
+
+	chain preroutingsecuritym10 {
+		type filter hook prerouting priority security - 10; policy accept;
+	}
+
+	chain preroutingsecurity {
+		type filter hook prerouting priority security; policy accept;
+	}
+
+	chain preroutingsecurityp10 {
+		type filter hook prerouting priority security + 10; policy accept;
+	}
+
+	chain preroutingsecurityp11 {
+		type filter hook prerouting priority 61; policy accept;
+	}
+
+	chain inputrawm11 {
+		type filter hook input priority -311; policy accept;
+	}
+
+	chain inputrawm10 {
+		type filter hook input priority raw - 10; policy accept;
+	}
+
+	chain inputraw {
+		type filter hook input priority raw; policy accept;
+	}
+
+	chain inputrawp10 {
+		type filter hook input priority raw + 10; policy accept;
+	}
+
+	chain inputrawp11 {
+		type filter hook input priority -289; policy accept;
+	}
+
+	chain inputmanglem11 {
+		type filter hook input priority -161; policy accept;
+	}
+
+	chain inputmanglem10 {
+		type filter hook input priority mangle - 10; policy accept;
+	}
+
+	chain inputmangle {
+		type filter hook input priority mangle; policy accept;
+	}
+
+	chain inputmanglep10 {
+		type filter hook input priority mangle + 10; policy accept;
+	}
+
+	chain inputmanglep11 {
+		type filter hook input priority -139; policy accept;
+	}
+
+	chain inputfilterm11 {
+		type filter hook input priority -11; policy accept;
+	}
+
+	chain inputfilterm10 {
+		type filter hook input priority filter - 10; policy accept;
+	}
+
+	chain inputfilter {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain inputfilterp10 {
+		type filter hook input priority filter + 10; policy accept;
+	}
+
+	chain inputfilterp11 {
+		type filter hook input priority 11; policy accept;
+	}
+
+	chain inputsecuritym11 {
+		type filter hook input priority 39; policy accept;
+	}
+
+	chain inputsecuritym10 {
+		type filter hook input priority security - 10; policy accept;
+	}
+
+	chain inputsecurity {
+		type filter hook input priority security; policy accept;
+	}
+
+	chain inputsecurityp10 {
+		type filter hook input priority security + 10; policy accept;
+	}
+
+	chain inputsecurityp11 {
+		type filter hook input priority 61; policy accept;
+	}
+
+	chain forwardrawm11 {
+		type filter hook forward priority -311; policy accept;
+	}
+
+	chain forwardrawm10 {
+		type filter hook forward priority raw - 10; policy accept;
+	}
+
+	chain forwardraw {
+		type filter hook forward priority raw; policy accept;
+	}
+
+	chain forwardrawp10 {
+		type filter hook forward priority raw + 10; policy accept;
+	}
+
+	chain forwardrawp11 {
+		type filter hook forward priority -289; policy accept;
+	}
+
+	chain forwardmanglem11 {
+		type filter hook forward priority -161; policy accept;
+	}
+
+	chain forwardmanglem10 {
+		type filter hook forward priority mangle - 10; policy accept;
+	}
+
+	chain forwardmangle {
+		type filter hook forward priority mangle; policy accept;
+	}
+
+	chain forwardmanglep10 {
+		type filter hook forward priority mangle + 10; policy accept;
+	}
+
+	chain forwardmanglep11 {
+		type filter hook forward priority -139; policy accept;
+	}
+
+	chain forwardfilterm11 {
+		type filter hook forward priority -11; policy accept;
+	}
+
+	chain forwardfilterm10 {
+		type filter hook forward priority filter - 10; policy accept;
+	}
+
+	chain forwardfilter {
+		type filter hook forward priority filter; policy accept;
+	}
+
+	chain forwardfilterp10 {
+		type filter hook forward priority filter + 10; policy accept;
+	}
+
+	chain forwardfilterp11 {
+		type filter hook forward priority 11; policy accept;
+	}
+
+	chain forwardsecuritym11 {
+		type filter hook forward priority 39; policy accept;
+	}
+
+	chain forwardsecuritym10 {
+		type filter hook forward priority security - 10; policy accept;
+	}
+
+	chain forwardsecurity {
+		type filter hook forward priority security; policy accept;
+	}
+
+	chain forwardsecurityp10 {
+		type filter hook forward priority security + 10; policy accept;
+	}
+
+	chain forwardsecurityp11 {
+		type filter hook forward priority 61; policy accept;
+	}
+
+	chain outputrawm11 {
+		type filter hook output priority -311; policy accept;
+	}
+
+	chain outputrawm10 {
+		type filter hook output priority raw - 10; policy accept;
+	}
+
+	chain outputraw {
+		type filter hook output priority raw; policy accept;
+	}
+
+	chain outputrawp10 {
+		type filter hook output priority raw + 10; policy accept;
+	}
+
+	chain outputrawp11 {
+		type filter hook output priority -289; policy accept;
+	}
+
+	chain outputmanglem11 {
+		type filter hook output priority -161; policy accept;
+	}
+
+	chain outputmanglem10 {
+		type filter hook output priority mangle - 10; policy accept;
+	}
+
+	chain outputmangle {
+		type filter hook output priority mangle; policy accept;
+	}
+
+	chain outputmanglep10 {
+		type filter hook output priority mangle + 10; policy accept;
+	}
+
+	chain outputmanglep11 {
+		type filter hook output priority -139; policy accept;
+	}
+
+	chain outputfilterm11 {
+		type filter hook output priority -11; policy accept;
+	}
+
+	chain outputfilterm10 {
+		type filter hook output priority filter - 10; policy accept;
+	}
+
+	chain outputfilter {
+		type filter hook output priority filter; policy accept;
+	}
+
+	chain outputfilterp10 {
+		type filter hook output priority filter + 10; policy accept;
+	}
+
+	chain outputfilterp11 {
+		type filter hook output priority 11; policy accept;
+	}
+
+	chain outputsecuritym11 {
+		type filter hook output priority 39; policy accept;
+	}
+
+	chain outputsecuritym10 {
+		type filter hook output priority security - 10; policy accept;
+	}
+
+	chain outputsecurity {
+		type filter hook output priority security; policy accept;
+	}
+
+	chain outputsecurityp10 {
+		type filter hook output priority security + 10; policy accept;
+	}
+
+	chain outputsecurityp11 {
+		type filter hook output priority 61; policy accept;
+	}
+
+	chain postroutingrawm11 {
+		type filter hook postrouting priority -311; policy accept;
+	}
+
+	chain postroutingrawm10 {
+		type filter hook postrouting priority raw - 10; policy accept;
+	}
+
+	chain postroutingraw {
+		type filter hook postrouting priority raw; policy accept;
+	}
+
+	chain postroutingrawp10 {
+		type filter hook postrouting priority raw + 10; policy accept;
+	}
+
+	chain postroutingrawp11 {
+		type filter hook postrouting priority -289; policy accept;
+	}
+
+	chain postroutingmanglem11 {
+		type filter hook postrouting priority -161; policy accept;
+	}
+
+	chain postroutingmanglem10 {
+		type filter hook postrouting priority mangle - 10; policy accept;
+	}
+
+	chain postroutingmangle {
+		type filter hook postrouting priority mangle; policy accept;
+	}
+
+	chain postroutingmanglep10 {
+		type filter hook postrouting priority mangle + 10; policy accept;
+	}
+
+	chain postroutingmanglep11 {
+		type filter hook postrouting priority -139; policy accept;
+	}
+
+	chain postroutingfilterm11 {
+		type filter hook postrouting priority -11; policy accept;
+	}
+
+	chain postroutingfilterm10 {
+		type filter hook postrouting priority filter - 10; policy accept;
+	}
+
+	chain postroutingfilter {
+		type filter hook postrouting priority filter; policy accept;
+	}
+
+	chain postroutingfilterp10 {
+		type filter hook postrouting priority filter + 10; policy accept;
+	}
+
+	chain postroutingfilterp11 {
+		type filter hook postrouting priority 11; policy accept;
+	}
+
+	chain postroutingsecuritym11 {
+		type filter hook postrouting priority 39; policy accept;
+	}
+
+	chain postroutingsecuritym10 {
+		type filter hook postrouting priority security - 10; policy accept;
+	}
+
+	chain postroutingsecurity {
+		type filter hook postrouting priority security; policy accept;
+	}
+
+	chain postroutingsecurityp10 {
+		type filter hook postrouting priority security + 10; policy accept;
+	}
+
+	chain postroutingsecurityp11 {
+		type filter hook postrouting priority 61; policy accept;
+	}
+
+	chain preroutingdstnatm11 {
+		type filter hook prerouting priority -111; policy accept;
+	}
+
+	chain preroutingdstnatm10 {
+		type filter hook prerouting priority dstnat - 10; policy accept;
+	}
+
+	chain preroutingdstnat {
+		type filter hook prerouting priority dstnat; policy accept;
+	}
+
+	chain preroutingdstnatp10 {
+		type filter hook prerouting priority dstnat + 10; policy accept;
+	}
+
+	chain preroutingdstnatp11 {
+		type filter hook prerouting priority -89; policy accept;
+	}
+
+	chain postroutingsrcnatm11 {
+		type filter hook postrouting priority 89; policy accept;
+	}
+
+	chain postroutingsrcnatm10 {
+		type filter hook postrouting priority srcnat - 10; policy accept;
+	}
+
+	chain postroutingsrcnat {
+		type filter hook postrouting priority srcnat; policy accept;
+	}
+
+	chain postroutingsrcnatp10 {
+		type filter hook postrouting priority srcnat + 10; policy accept;
+	}
+
+	chain postroutingsrcnatp11 {
+		type filter hook postrouting priority 111; policy accept;
+	}
+}
+table ip6 x {
+	chain preroutingrawm11 {
+		type filter hook prerouting priority -311; policy accept;
+	}
+
+	chain preroutingrawm10 {
+		type filter hook prerouting priority raw - 10; policy accept;
+	}
+
+	chain preroutingraw {
+		type filter hook prerouting priority raw; policy accept;
+	}
+
+	chain preroutingrawp10 {
+		type filter hook prerouting priority raw + 10; policy accept;
+	}
+
+	chain preroutingrawp11 {
+		type filter hook prerouting priority -289; policy accept;
+	}
+
+	chain preroutingmanglem11 {
+		type filter hook prerouting priority -161; policy accept;
+	}
+
+	chain preroutingmanglem10 {
+		type filter hook prerouting priority mangle - 10; policy accept;
+	}
+
+	chain preroutingmangle {
+		type filter hook prerouting priority mangle; policy accept;
+	}
+
+	chain preroutingmanglep10 {
+		type filter hook prerouting priority mangle + 10; policy accept;
+	}
+
+	chain preroutingmanglep11 {
+		type filter hook prerouting priority -139; policy accept;
+	}
+
+	chain preroutingfilterm11 {
+		type filter hook prerouting priority -11; policy accept;
+	}
+
+	chain preroutingfilterm10 {
+		type filter hook prerouting priority filter - 10; policy accept;
+	}
+
+	chain preroutingfilter {
+		type filter hook prerouting priority filter; policy accept;
+	}
+
+	chain preroutingfilterp10 {
+		type filter hook prerouting priority filter + 10; policy accept;
+	}
+
+	chain preroutingfilterp11 {
+		type filter hook prerouting priority 11; policy accept;
+	}
+
+	chain preroutingsecuritym11 {
+		type filter hook prerouting priority 39; policy accept;
+	}
+
+	chain preroutingsecuritym10 {
+		type filter hook prerouting priority security - 10; policy accept;
+	}
+
+	chain preroutingsecurity {
+		type filter hook prerouting priority security; policy accept;
+	}
+
+	chain preroutingsecurityp10 {
+		type filter hook prerouting priority security + 10; policy accept;
+	}
+
+	chain preroutingsecurityp11 {
+		type filter hook prerouting priority 61; policy accept;
+	}
+
+	chain inputrawm11 {
+		type filter hook input priority -311; policy accept;
+	}
+
+	chain inputrawm10 {
+		type filter hook input priority raw - 10; policy accept;
+	}
+
+	chain inputraw {
+		type filter hook input priority raw; policy accept;
+	}
+
+	chain inputrawp10 {
+		type filter hook input priority raw + 10; policy accept;
+	}
+
+	chain inputrawp11 {
+		type filter hook input priority -289; policy accept;
+	}
+
+	chain inputmanglem11 {
+		type filter hook input priority -161; policy accept;
+	}
+
+	chain inputmanglem10 {
+		type filter hook input priority mangle - 10; policy accept;
+	}
+
+	chain inputmangle {
+		type filter hook input priority mangle; policy accept;
+	}
+
+	chain inputmanglep10 {
+		type filter hook input priority mangle + 10; policy accept;
+	}
+
+	chain inputmanglep11 {
+		type filter hook input priority -139; policy accept;
+	}
+
+	chain inputfilterm11 {
+		type filter hook input priority -11; policy accept;
+	}
+
+	chain inputfilterm10 {
+		type filter hook input priority filter - 10; policy accept;
+	}
+
+	chain inputfilter {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain inputfilterp10 {
+		type filter hook input priority filter + 10; policy accept;
+	}
+
+	chain inputfilterp11 {
+		type filter hook input priority 11; policy accept;
+	}
+
+	chain inputsecuritym11 {
+		type filter hook input priority 39; policy accept;
+	}
+
+	chain inputsecuritym10 {
+		type filter hook input priority security - 10; policy accept;
+	}
+
+	chain inputsecurity {
+		type filter hook input priority security; policy accept;
+	}
+
+	chain inputsecurityp10 {
+		type filter hook input priority security + 10; policy accept;
+	}
+
+	chain inputsecurityp11 {
+		type filter hook input priority 61; policy accept;
+	}
+
+	chain forwardrawm11 {
+		type filter hook forward priority -311; policy accept;
+	}
+
+	chain forwardrawm10 {
+		type filter hook forward priority raw - 10; policy accept;
+	}
+
+	chain forwardraw {
+		type filter hook forward priority raw; policy accept;
+	}
+
+	chain forwardrawp10 {
+		type filter hook forward priority raw + 10; policy accept;
+	}
+
+	chain forwardrawp11 {
+		type filter hook forward priority -289; policy accept;
+	}
+
+	chain forwardmanglem11 {
+		type filter hook forward priority -161; policy accept;
+	}
+
+	chain forwardmanglem10 {
+		type filter hook forward priority mangle - 10; policy accept;
+	}
+
+	chain forwardmangle {
+		type filter hook forward priority mangle; policy accept;
+	}
+
+	chain forwardmanglep10 {
+		type filter hook forward priority mangle + 10; policy accept;
+	}
+
+	chain forwardmanglep11 {
+		type filter hook forward priority -139; policy accept;
+	}
+
+	chain forwardfilterm11 {
+		type filter hook forward priority -11; policy accept;
+	}
+
+	chain forwardfilterm10 {
+		type filter hook forward priority filter - 10; policy accept;
+	}
+
+	chain forwardfilter {
+		type filter hook forward priority filter; policy accept;
+	}
+
+	chain forwardfilterp10 {
+		type filter hook forward priority filter + 10; policy accept;
+	}
+
+	chain forwardfilterp11 {
+		type filter hook forward priority 11; policy accept;
+	}
+
+	chain forwardsecuritym11 {
+		type filter hook forward priority 39; policy accept;
+	}
+
+	chain forwardsecuritym10 {
+		type filter hook forward priority security - 10; policy accept;
+	}
+
+	chain forwardsecurity {
+		type filter hook forward priority security; policy accept;
+	}
+
+	chain forwardsecurityp10 {
+		type filter hook forward priority security + 10; policy accept;
+	}
+
+	chain forwardsecurityp11 {
+		type filter hook forward priority 61; policy accept;
+	}
+
+	chain outputrawm11 {
+		type filter hook output priority -311; policy accept;
+	}
+
+	chain outputrawm10 {
+		type filter hook output priority raw - 10; policy accept;
+	}
+
+	chain outputraw {
+		type filter hook output priority raw; policy accept;
+	}
+
+	chain outputrawp10 {
+		type filter hook output priority raw + 10; policy accept;
+	}
+
+	chain outputrawp11 {
+		type filter hook output priority -289; policy accept;
+	}
+
+	chain outputmanglem11 {
+		type filter hook output priority -161; policy accept;
+	}
+
+	chain outputmanglem10 {
+		type filter hook output priority mangle - 10; policy accept;
+	}
+
+	chain outputmangle {
+		type filter hook output priority mangle; policy accept;
+	}
+
+	chain outputmanglep10 {
+		type filter hook output priority mangle + 10; policy accept;
+	}
+
+	chain outputmanglep11 {
+		type filter hook output priority -139; policy accept;
+	}
+
+	chain outputfilterm11 {
+		type filter hook output priority -11; policy accept;
+	}
+
+	chain outputfilterm10 {
+		type filter hook output priority filter - 10; policy accept;
+	}
+
+	chain outputfilter {
+		type filter hook output priority filter; policy accept;
+	}
+
+	chain outputfilterp10 {
+		type filter hook output priority filter + 10; policy accept;
+	}
+
+	chain outputfilterp11 {
+		type filter hook output priority 11; policy accept;
+	}
+
+	chain outputsecuritym11 {
+		type filter hook output priority 39; policy accept;
+	}
+
+	chain outputsecuritym10 {
+		type filter hook output priority security - 10; policy accept;
+	}
+
+	chain outputsecurity {
+		type filter hook output priority security; policy accept;
+	}
+
+	chain outputsecurityp10 {
+		type filter hook output priority security + 10; policy accept;
+	}
+
+	chain outputsecurityp11 {
+		type filter hook output priority 61; policy accept;
+	}
+
+	chain postroutingrawm11 {
+		type filter hook postrouting priority -311; policy accept;
+	}
+
+	chain postroutingrawm10 {
+		type filter hook postrouting priority raw - 10; policy accept;
+	}
+
+	chain postroutingraw {
+		type filter hook postrouting priority raw; policy accept;
+	}
+
+	chain postroutingrawp10 {
+		type filter hook postrouting priority raw + 10; policy accept;
+	}
+
+	chain postroutingrawp11 {
+		type filter hook postrouting priority -289; policy accept;
+	}
+
+	chain postroutingmanglem11 {
+		type filter hook postrouting priority -161; policy accept;
+	}
+
+	chain postroutingmanglem10 {
+		type filter hook postrouting priority mangle - 10; policy accept;
+	}
+
+	chain postroutingmangle {
+		type filter hook postrouting priority mangle; policy accept;
+	}
+
+	chain postroutingmanglep10 {
+		type filter hook postrouting priority mangle + 10; policy accept;
+	}
+
+	chain postroutingmanglep11 {
+		type filter hook postrouting priority -139; policy accept;
+	}
+
+	chain postroutingfilterm11 {
+		type filter hook postrouting priority -11; policy accept;
+	}
+
+	chain postroutingfilterm10 {
+		type filter hook postrouting priority filter - 10; policy accept;
+	}
+
+	chain postroutingfilter {
+		type filter hook postrouting priority filter; policy accept;
+	}
+
+	chain postroutingfilterp10 {
+		type filter hook postrouting priority filter + 10; policy accept;
+	}
+
+	chain postroutingfilterp11 {
+		type filter hook postrouting priority 11; policy accept;
+	}
+
+	chain postroutingsecuritym11 {
+		type filter hook postrouting priority 39; policy accept;
+	}
+
+	chain postroutingsecuritym10 {
+		type filter hook postrouting priority security - 10; policy accept;
+	}
+
+	chain postroutingsecurity {
+		type filter hook postrouting priority security; policy accept;
+	}
+
+	chain postroutingsecurityp10 {
+		type filter hook postrouting priority security + 10; policy accept;
+	}
+
+	chain postroutingsecurityp11 {
+		type filter hook postrouting priority 61; policy accept;
+	}
+
+	chain preroutingdstnatm11 {
+		type filter hook prerouting priority -111; policy accept;
+	}
+
+	chain preroutingdstnatm10 {
+		type filter hook prerouting priority dstnat - 10; policy accept;
+	}
+
+	chain preroutingdstnat {
+		type filter hook prerouting priority dstnat; policy accept;
+	}
+
+	chain preroutingdstnatp10 {
+		type filter hook prerouting priority dstnat + 10; policy accept;
+	}
+
+	chain preroutingdstnatp11 {
+		type filter hook prerouting priority -89; policy accept;
+	}
+
+	chain postroutingsrcnatm11 {
+		type filter hook postrouting priority 89; policy accept;
+	}
+
+	chain postroutingsrcnatm10 {
+		type filter hook postrouting priority srcnat - 10; policy accept;
+	}
+
+	chain postroutingsrcnat {
+		type filter hook postrouting priority srcnat; policy accept;
+	}
+
+	chain postroutingsrcnatp10 {
+		type filter hook postrouting priority srcnat + 10; policy accept;
+	}
+
+	chain postroutingsrcnatp11 {
+		type filter hook postrouting priority 111; policy accept;
+	}
+}
+table inet x {
+	chain preroutingrawm11 {
+		type filter hook prerouting priority -311; policy accept;
+	}
+
+	chain preroutingrawm10 {
+		type filter hook prerouting priority raw - 10; policy accept;
+	}
+
+	chain preroutingraw {
+		type filter hook prerouting priority raw; policy accept;
+	}
+
+	chain preroutingrawp10 {
+		type filter hook prerouting priority raw + 10; policy accept;
+	}
+
+	chain preroutingrawp11 {
+		type filter hook prerouting priority -289; policy accept;
+	}
+
+	chain preroutingmanglem11 {
+		type filter hook prerouting priority -161; policy accept;
+	}
+
+	chain preroutingmanglem10 {
+		type filter hook prerouting priority mangle - 10; policy accept;
+	}
+
+	chain preroutingmangle {
+		type filter hook prerouting priority mangle; policy accept;
+	}
+
+	chain preroutingmanglep10 {
+		type filter hook prerouting priority mangle + 10; policy accept;
+	}
+
+	chain preroutingmanglep11 {
+		type filter hook prerouting priority -139; policy accept;
+	}
+
+	chain preroutingfilterm11 {
+		type filter hook prerouting priority -11; policy accept;
+	}
+
+	chain preroutingfilterm10 {
+		type filter hook prerouting priority filter - 10; policy accept;
+	}
+
+	chain preroutingfilter {
+		type filter hook prerouting priority filter; policy accept;
+	}
+
+	chain preroutingfilterp10 {
+		type filter hook prerouting priority filter + 10; policy accept;
+	}
+
+	chain preroutingfilterp11 {
+		type filter hook prerouting priority 11; policy accept;
+	}
+
+	chain preroutingsecuritym11 {
+		type filter hook prerouting priority 39; policy accept;
+	}
+
+	chain preroutingsecuritym10 {
+		type filter hook prerouting priority security - 10; policy accept;
+	}
+
+	chain preroutingsecurity {
+		type filter hook prerouting priority security; policy accept;
+	}
+
+	chain preroutingsecurityp10 {
+		type filter hook prerouting priority security + 10; policy accept;
+	}
+
+	chain preroutingsecurityp11 {
+		type filter hook prerouting priority 61; policy accept;
+	}
+
+	chain inputrawm11 {
+		type filter hook input priority -311; policy accept;
+	}
+
+	chain inputrawm10 {
+		type filter hook input priority raw - 10; policy accept;
+	}
+
+	chain inputraw {
+		type filter hook input priority raw; policy accept;
+	}
+
+	chain inputrawp10 {
+		type filter hook input priority raw + 10; policy accept;
+	}
+
+	chain inputrawp11 {
+		type filter hook input priority -289; policy accept;
+	}
+
+	chain inputmanglem11 {
+		type filter hook input priority -161; policy accept;
+	}
+
+	chain inputmanglem10 {
+		type filter hook input priority mangle - 10; policy accept;
+	}
+
+	chain inputmangle {
+		type filter hook input priority mangle; policy accept;
+	}
+
+	chain inputmanglep10 {
+		type filter hook input priority mangle + 10; policy accept;
+	}
+
+	chain inputmanglep11 {
+		type filter hook input priority -139; policy accept;
+	}
+
+	chain inputfilterm11 {
+		type filter hook input priority -11; policy accept;
+	}
+
+	chain inputfilterm10 {
+		type filter hook input priority filter - 10; policy accept;
+	}
+
+	chain inputfilter {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain inputfilterp10 {
+		type filter hook input priority filter + 10; policy accept;
+	}
+
+	chain inputfilterp11 {
+		type filter hook input priority 11; policy accept;
+	}
+
+	chain inputsecuritym11 {
+		type filter hook input priority 39; policy accept;
+	}
+
+	chain inputsecuritym10 {
+		type filter hook input priority security - 10; policy accept;
+	}
+
+	chain inputsecurity {
+		type filter hook input priority security; policy accept;
+	}
+
+	chain inputsecurityp10 {
+		type filter hook input priority security + 10; policy accept;
+	}
+
+	chain inputsecurityp11 {
+		type filter hook input priority 61; policy accept;
+	}
+
+	chain forwardrawm11 {
+		type filter hook forward priority -311; policy accept;
+	}
+
+	chain forwardrawm10 {
+		type filter hook forward priority raw - 10; policy accept;
+	}
+
+	chain forwardraw {
+		type filter hook forward priority raw; policy accept;
+	}
+
+	chain forwardrawp10 {
+		type filter hook forward priority raw + 10; policy accept;
+	}
+
+	chain forwardrawp11 {
+		type filter hook forward priority -289; policy accept;
+	}
+
+	chain forwardmanglem11 {
+		type filter hook forward priority -161; policy accept;
+	}
+
+	chain forwardmanglem10 {
+		type filter hook forward priority mangle - 10; policy accept;
+	}
+
+	chain forwardmangle {
+		type filter hook forward priority mangle; policy accept;
+	}
+
+	chain forwardmanglep10 {
+		type filter hook forward priority mangle + 10; policy accept;
+	}
+
+	chain forwardmanglep11 {
+		type filter hook forward priority -139; policy accept;
+	}
+
+	chain forwardfilterm11 {
+		type filter hook forward priority -11; policy accept;
+	}
+
+	chain forwardfilterm10 {
+		type filter hook forward priority filter - 10; policy accept;
+	}
+
+	chain forwardfilter {
+		type filter hook forward priority filter; policy accept;
+	}
+
+	chain forwardfilterp10 {
+		type filter hook forward priority filter + 10; policy accept;
+	}
+
+	chain forwardfilterp11 {
+		type filter hook forward priority 11; policy accept;
+	}
+
+	chain forwardsecuritym11 {
+		type filter hook forward priority 39; policy accept;
+	}
+
+	chain forwardsecuritym10 {
+		type filter hook forward priority security - 10; policy accept;
+	}
+
+	chain forwardsecurity {
+		type filter hook forward priority security; policy accept;
+	}
+
+	chain forwardsecurityp10 {
+		type filter hook forward priority security + 10; policy accept;
+	}
+
+	chain forwardsecurityp11 {
+		type filter hook forward priority 61; policy accept;
+	}
+
+	chain outputrawm11 {
+		type filter hook output priority -311; policy accept;
+	}
+
+	chain outputrawm10 {
+		type filter hook output priority raw - 10; policy accept;
+	}
+
+	chain outputraw {
+		type filter hook output priority raw; policy accept;
+	}
+
+	chain outputrawp10 {
+		type filter hook output priority raw + 10; policy accept;
+	}
+
+	chain outputrawp11 {
+		type filter hook output priority -289; policy accept;
+	}
+
+	chain outputmanglem11 {
+		type filter hook output priority -161; policy accept;
+	}
+
+	chain outputmanglem10 {
+		type filter hook output priority mangle - 10; policy accept;
+	}
+
+	chain outputmangle {
+		type filter hook output priority mangle; policy accept;
+	}
+
+	chain outputmanglep10 {
+		type filter hook output priority mangle + 10; policy accept;
+	}
+
+	chain outputmanglep11 {
+		type filter hook output priority -139; policy accept;
+	}
+
+	chain outputfilterm11 {
+		type filter hook output priority -11; policy accept;
+	}
+
+	chain outputfilterm10 {
+		type filter hook output priority filter - 10; policy accept;
+	}
+
+	chain outputfilter {
+		type filter hook output priority filter; policy accept;
+	}
+
+	chain outputfilterp10 {
+		type filter hook output priority filter + 10; policy accept;
+	}
+
+	chain outputfilterp11 {
+		type filter hook output priority 11; policy accept;
+	}
+
+	chain outputsecuritym11 {
+		type filter hook output priority 39; policy accept;
+	}
+
+	chain outputsecuritym10 {
+		type filter hook output priority security - 10; policy accept;
+	}
+
+	chain outputsecurity {
+		type filter hook output priority security; policy accept;
+	}
+
+	chain outputsecurityp10 {
+		type filter hook output priority security + 10; policy accept;
+	}
+
+	chain outputsecurityp11 {
+		type filter hook output priority 61; policy accept;
+	}
+
+	chain postroutingrawm11 {
+		type filter hook postrouting priority -311; policy accept;
+	}
+
+	chain postroutingrawm10 {
+		type filter hook postrouting priority raw - 10; policy accept;
+	}
+
+	chain postroutingraw {
+		type filter hook postrouting priority raw; policy accept;
+	}
+
+	chain postroutingrawp10 {
+		type filter hook postrouting priority raw + 10; policy accept;
+	}
+
+	chain postroutingrawp11 {
+		type filter hook postrouting priority -289; policy accept;
+	}
+
+	chain postroutingmanglem11 {
+		type filter hook postrouting priority -161; policy accept;
+	}
+
+	chain postroutingmanglem10 {
+		type filter hook postrouting priority mangle - 10; policy accept;
+	}
+
+	chain postroutingmangle {
+		type filter hook postrouting priority mangle; policy accept;
+	}
+
+	chain postroutingmanglep10 {
+		type filter hook postrouting priority mangle + 10; policy accept;
+	}
+
+	chain postroutingmanglep11 {
+		type filter hook postrouting priority -139; policy accept;
+	}
+
+	chain postroutingfilterm11 {
+		type filter hook postrouting priority -11; policy accept;
+	}
+
+	chain postroutingfilterm10 {
+		type filter hook postrouting priority filter - 10; policy accept;
+	}
+
+	chain postroutingfilter {
+		type filter hook postrouting priority filter; policy accept;
+	}
+
+	chain postroutingfilterp10 {
+		type filter hook postrouting priority filter + 10; policy accept;
+	}
+
+	chain postroutingfilterp11 {
+		type filter hook postrouting priority 11; policy accept;
+	}
+
+	chain postroutingsecuritym11 {
+		type filter hook postrouting priority 39; policy accept;
+	}
+
+	chain postroutingsecuritym10 {
+		type filter hook postrouting priority security - 10; policy accept;
+	}
+
+	chain postroutingsecurity {
+		type filter hook postrouting priority security; policy accept;
+	}
+
+	chain postroutingsecurityp10 {
+		type filter hook postrouting priority security + 10; policy accept;
+	}
+
+	chain postroutingsecurityp11 {
+		type filter hook postrouting priority 61; policy accept;
+	}
+
+	chain preroutingdstnatm11 {
+		type filter hook prerouting priority -111; policy accept;
+	}
+
+	chain preroutingdstnatm10 {
+		type filter hook prerouting priority dstnat - 10; policy accept;
+	}
+
+	chain preroutingdstnat {
+		type filter hook prerouting priority dstnat; policy accept;
+	}
+
+	chain preroutingdstnatp10 {
+		type filter hook prerouting priority dstnat + 10; policy accept;
+	}
+
+	chain preroutingdstnatp11 {
+		type filter hook prerouting priority -89; policy accept;
+	}
+
+	chain postroutingsrcnatm11 {
+		type filter hook postrouting priority 89; policy accept;
+	}
+
+	chain postroutingsrcnatm10 {
+		type filter hook postrouting priority srcnat - 10; policy accept;
+	}
+
+	chain postroutingsrcnat {
+		type filter hook postrouting priority srcnat; policy accept;
+	}
+
+	chain postroutingsrcnatp10 {
+		type filter hook postrouting priority srcnat + 10; policy accept;
+	}
+
+	chain postroutingsrcnatp11 {
+		type filter hook postrouting priority 111; policy accept;
+	}
+}
+table arp x {
+	chain inputfilterm11 {
+		type filter hook input priority -11; policy accept;
+	}
+
+	chain inputfilterm10 {
+		type filter hook input priority filter - 10; policy accept;
+	}
+
+	chain inputfilter {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain inputfilterp10 {
+		type filter hook input priority filter + 10; policy accept;
+	}
+
+	chain inputfilterp11 {
+		type filter hook input priority 11; policy accept;
+	}
+
+	chain outputfilterm11 {
+		type filter hook output priority -11; policy accept;
+	}
+
+	chain outputfilterm10 {
+		type filter hook output priority filter - 10; policy accept;
+	}
+
+	chain outputfilter {
+		type filter hook output priority filter; policy accept;
+	}
+
+	chain outputfilterp10 {
+		type filter hook output priority filter + 10; policy accept;
+	}
+
+	chain outputfilterp11 {
+		type filter hook output priority 11; policy accept;
+	}
+}
+table netdev x {
+	chain ingressfilterm11 {
+		type filter hook ingress device "lo" priority -11; policy accept;
+	}
+
+	chain ingressfilterm10 {
+		type filter hook ingress device "lo" priority filter - 10; policy accept;
+	}
+
+	chain ingressfilter {
+		type filter hook ingress device "lo" priority filter; policy accept;
+	}
+
+	chain ingressfilterp10 {
+		type filter hook ingress device "lo" priority filter + 10; policy accept;
+	}
+
+	chain ingressfilterp11 {
+		type filter hook ingress device "lo" priority 11; policy accept;
+	}
+
+	chain egressfilterm11 {
+		type filter hook egress device "lo" priority -11; policy accept;
+	}
+
+	chain egressfilterm10 {
+		type filter hook egress device "lo" priority filter - 10; policy accept;
+	}
+
+	chain egressfilter {
+		type filter hook egress device "lo" priority filter; policy accept;
+	}
+
+	chain egressfilterp10 {
+		type filter hook egress device "lo" priority filter + 10; policy accept;
+	}
+
+	chain egressfilterp11 {
+		type filter hook egress device "lo" priority 11; policy accept;
+	}
+}
+table bridge x {
+	chain preroutingfilterm11 {
+		type filter hook prerouting priority -211; policy accept;
+	}
+
+	chain preroutingfilterm10 {
+		type filter hook prerouting priority filter - 10; policy accept;
+	}
+
+	chain preroutingfilter {
+		type filter hook prerouting priority filter; policy accept;
+	}
+
+	chain preroutingfilterp10 {
+		type filter hook prerouting priority filter + 10; policy accept;
+	}
+
+	chain preroutingfilterp11 {
+		type filter hook prerouting priority -189; policy accept;
+	}
+
+	chain inputfilterm11 {
+		type filter hook input priority -211; policy accept;
+	}
+
+	chain inputfilterm10 {
+		type filter hook input priority filter - 10; policy accept;
+	}
+
+	chain inputfilter {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain inputfilterp10 {
+		type filter hook input priority filter + 10; policy accept;
+	}
+
+	chain inputfilterp11 {
+		type filter hook input priority -189; policy accept;
+	}
+
+	chain forwardfilterm11 {
+		type filter hook forward priority -211; policy accept;
+	}
+
+	chain forwardfilterm10 {
+		type filter hook forward priority filter - 10; policy accept;
+	}
+
+	chain forwardfilter {
+		type filter hook forward priority filter; policy accept;
+	}
+
+	chain forwardfilterp10 {
+		type filter hook forward priority filter + 10; policy accept;
+	}
+
+	chain forwardfilterp11 {
+		type filter hook forward priority -189; policy accept;
+	}
+
+	chain outputfilterm11 {
+		type filter hook output priority -211; policy accept;
+	}
+
+	chain outputfilterm10 {
+		type filter hook output priority filter - 10; policy accept;
+	}
+
+	chain outputfilter {
+		type filter hook output priority filter; policy accept;
+	}
+
+	chain outputfilterp10 {
+		type filter hook output priority filter + 10; policy accept;
+	}
+
+	chain outputfilterp11 {
+		type filter hook output priority -189; policy accept;
+	}
+
+	chain postroutingfilterm11 {
+		type filter hook postrouting priority -211; policy accept;
+	}
+
+	chain postroutingfilterm10 {
+		type filter hook postrouting priority filter - 10; policy accept;
+	}
+
+	chain postroutingfilter {
+		type filter hook postrouting priority filter; policy accept;
+	}
+
+	chain postroutingfilterp10 {
+		type filter hook postrouting priority filter + 10; policy accept;
+	}
+
+	chain postroutingfilterp11 {
+		type filter hook postrouting priority -189; policy accept;
+	}
+
+	chain preroutingdstnatm11 {
+		type filter hook prerouting priority -311; policy accept;
+	}
+
+	chain preroutingdstnatm10 {
+		type filter hook prerouting priority dstnat - 10; policy accept;
+	}
+
+	chain preroutingdstnat {
+		type filter hook prerouting priority dstnat; policy accept;
+	}
+
+	chain preroutingdstnatp10 {
+		type filter hook prerouting priority dstnat + 10; policy accept;
+	}
+
+	chain preroutingdstnatp11 {
+		type filter hook prerouting priority -289; policy accept;
+	}
+
+	chain outputoutm11 {
+		type filter hook output priority 89; policy accept;
+	}
+
+	chain outputoutm10 {
+		type filter hook output priority out - 10; policy accept;
+	}
+
+	chain outputout {
+		type filter hook output priority out; policy accept;
+	}
+
+	chain outputoutp10 {
+		type filter hook output priority out + 10; policy accept;
+	}
+
+	chain outputoutp11 {
+		type filter hook output priority 111; policy accept;
+	}
+
+	chain postroutingsrcnatm11 {
+		type filter hook postrouting priority 289; policy accept;
+	}
+
+	chain postroutingsrcnatm10 {
+		type filter hook postrouting priority srcnat - 10; policy accept;
+	}
+
+	chain postroutingsrcnat {
+		type filter hook postrouting priority srcnat; policy accept;
+	}
+
+	chain postroutingsrcnatp10 {
+		type filter hook postrouting priority srcnat + 10; policy accept;
+	}
+
+	chain postroutingsrcnatp11 {
+		type filter hook postrouting priority 311; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0022prio_dummy_1.nft b/tests/shell/testcases/chains/dumps/0022prio_dummy_1.nft
new file mode 100644
index 0000000..5d4d2ca
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0022prio_dummy_1.nft
@@ -0,0 +1,2 @@
+table ip x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.nft b/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.nft
new file mode 100644
index 0000000..46912ea
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0023prio_inet_srcnat_1.nft
@@ -0,0 +1,6 @@
+table ip x {
+}
+table ip6 x {
+}
+table inet x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.nft b/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.nft
new file mode 100644
index 0000000..46912ea
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0024prio_inet_dstnat_1.nft
@@ -0,0 +1,6 @@
+table ip x {
+}
+table ip6 x {
+}
+table inet x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0025prio_arp_1.nft b/tests/shell/testcases/chains/dumps/0025prio_arp_1.nft
new file mode 100644
index 0000000..7483cda
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0025prio_arp_1.nft
@@ -0,0 +1,2 @@
+table arp x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0026prio_netdev_1.nft b/tests/shell/testcases/chains/dumps/0026prio_netdev_1.nft
new file mode 100644
index 0000000..aa571e0
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0026prio_netdev_1.nft
@@ -0,0 +1,2 @@
+table netdev x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.nft b/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.nft
new file mode 100644
index 0000000..d17be81
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0027prio_bridge_dstnat_1.nft
@@ -0,0 +1,2 @@
+table bridge x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.nft b/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.nft
new file mode 100644
index 0000000..d17be81
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0028prio_bridge_out_1.nft
@@ -0,0 +1,2 @@
+table bridge x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.nft b/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.nft
new file mode 100644
index 0000000..d17be81
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0029prio_bridge_srcnat_1.nft
@@ -0,0 +1,2 @@
+table bridge x {
+}
diff --git a/tests/shell/testcases/chains/dumps/0030create_0.nft b/tests/shell/testcases/chains/dumps/0030create_0.nft
new file mode 100644
index 0000000..8e818d2
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0030create_0.nft
@@ -0,0 +1,4 @@
+table ip x {
+	chain y {
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0031priority_variable_0.nft b/tests/shell/testcases/chains/dumps/0031priority_variable_0.nft
new file mode 100644
index 0000000..f409309
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0031priority_variable_0.nft
@@ -0,0 +1,5 @@
+table inet global {
+	chain prerouting {
+		type filter hook prerouting priority filter; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0032priority_variable_0.nft b/tests/shell/testcases/chains/dumps/0032priority_variable_0.nft
new file mode 100644
index 0000000..1a1b079
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0032priority_variable_0.nft
@@ -0,0 +1,13 @@
+table inet global {
+	chain prerouting {
+		type filter hook prerouting priority filter + 10; policy accept;
+	}
+
+	chain forward {
+		type filter hook prerouting priority dstnat; policy accept;
+	}
+
+	chain postrouting {
+		type filter hook postrouting priority filter - 10; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0033priority_variable_1.nft b/tests/shell/testcases/chains/dumps/0033priority_variable_1.nft
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0033priority_variable_1.nft
diff --git a/tests/shell/testcases/chains/dumps/0034priority_variable_1.nft b/tests/shell/testcases/chains/dumps/0034priority_variable_1.nft
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0034priority_variable_1.nft
diff --git a/tests/shell/testcases/chains/dumps/0035policy_variable_0.nft b/tests/shell/testcases/chains/dumps/0035policy_variable_0.nft
new file mode 100644
index 0000000..f409309
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0035policy_variable_0.nft
@@ -0,0 +1,5 @@
+table inet global {
+	chain prerouting {
+		type filter hook prerouting priority filter; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0036policy_variable_0.nft b/tests/shell/testcases/chains/dumps/0036policy_variable_0.nft
new file mode 100644
index 0000000..d729e1e
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0036policy_variable_0.nft
@@ -0,0 +1,5 @@
+table inet global {
+	chain prerouting {
+		type filter hook prerouting priority filter; policy drop;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0037policy_variable_1.nft b/tests/shell/testcases/chains/dumps/0037policy_variable_1.nft
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0037policy_variable_1.nft
diff --git a/tests/shell/testcases/chains/dumps/0038policy_variable_1.nft b/tests/shell/testcases/chains/dumps/0038policy_variable_1.nft
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0038policy_variable_1.nft
diff --git a/tests/shell/testcases/chains/dumps/0039negative_priority_0.nft b/tests/shell/testcases/chains/dumps/0039negative_priority_0.nft
new file mode 100644
index 0000000..20f8272
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0039negative_priority_0.nft
@@ -0,0 +1,5 @@
+table ip t {
+	chain c {
+		type filter hook input priority -30; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0041chain_binding_0.nft b/tests/shell/testcases/chains/dumps/0041chain_binding_0.nft
new file mode 100644
index 0000000..520203d
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0041chain_binding_0.nft
@@ -0,0 +1,12 @@
+table inet x {
+	chain y {
+		type filter hook input priority filter; policy accept;
+		meta l4proto { tcp, udp } th dport 53 jump {
+			ip saddr { 127.0.0.0/8, 172.23.0.0/16, 192.168.13.0/24 } counter packets 0 bytes 0 accept
+			ip6 saddr ::1 counter packets 0 bytes 0 accept
+		}
+		meta l4proto ipv6-icmp jump {
+			counter packets 0 bytes 0 accept
+		}
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft b/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft
new file mode 100644
index 0000000..5ec230d
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0042chain_variable_0.nft
@@ -0,0 +1,19 @@
+table netdev filter1 {
+	chain Main_Ingress1 {
+		type filter hook ingress device "lo" priority -500; policy accept;
+	}
+}
+table netdev filter2 {
+	chain Main_Ingress2 {
+		type filter hook ingress devices = { dummy0, lo } priority -500; policy accept;
+	}
+}
+table netdev filter3 {
+	chain Main_Ingress3 {
+		type filter hook ingress devices = { dummy0, lo } priority -500; policy accept;
+	}
+
+	chain Main_Egress3 {
+		type filter hook egress device "lo" priority -500; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0043chain_ingress_0.nft b/tests/shell/testcases/chains/dumps/0043chain_ingress_0.nft
new file mode 100644
index 0000000..8483b26
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0043chain_ingress_0.nft
@@ -0,0 +1,13 @@
+table inet filter {
+	chain ingress {
+		type filter hook ingress device "lo" priority filter; policy accept;
+	}
+
+	chain input {
+		type filter hook input priority filter; policy accept;
+	}
+
+	chain forward {
+		type filter hook forward priority filter; policy accept;
+	}
+}
diff --git a/tests/shell/testcases/chains/dumps/0044chain_destroy_0.nft b/tests/shell/testcases/chains/dumps/0044chain_destroy_0.nft
new file mode 100644
index 0000000..985768b
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/0044chain_destroy_0.nft
@@ -0,0 +1,2 @@
+table ip t {
+}
diff --git a/tests/shell/testcases/chains/dumps/netdev_chain_0.nft b/tests/shell/testcases/chains/dumps/netdev_chain_0.nft
new file mode 100644
index 0000000..aa571e0
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/netdev_chain_0.nft
@@ -0,0 +1,2 @@
+table netdev x {
+}
diff --git a/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.nft b/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.nft
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/shell/testcases/chains/dumps/netdev_chain_autoremove.nft