diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-08-21 11:17:41 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-08-28 00:26:58 +0200 |
| commit | 262b23df2c2b0eafb35c9d6d90de3db5726f9fa2 (patch) | |
| tree | 1986268d0476dd7dc8640e03f6cf425328f690cd | |
| parent | 3c9486b2af430a19495f0bc7a3794260a67241e7 (diff) | |
tests: shell: combine flowtable devices with variable expression
Expand test with flowtable devices defined with variables to improve
coverage.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
3 files changed, 84 insertions, 0 deletions
diff --git a/tests/shell/testcases/flowtable/0012flowtable_variable_0 b/tests/shell/testcases/flowtable/0012flowtable_variable_0 index ff35548e..71d2638b 100755 --- a/tests/shell/testcases/flowtable/0012flowtable_variable_0 +++ b/tests/shell/testcases/flowtable/0012flowtable_variable_0 @@ -9,14 +9,20 @@ ft_deldev() { } iface_cleanup() { + ip link del dummy0 &>/dev/null || : ip link del dummy1 &>/dev/null || : if [ "$NFT_TEST_HAVE_ifname_based_hooks" = y ]; then ft_deldev filter1 Main_ft1 dummy1 ft_deldev filter2 Main_ft2 dummy1 + ft_deldev filter3 Main_ft3 dummy0 + ft_deldev filter3 Main_ft3 dummy1 + ft_deldev filter4 Main_ft4 dummy0 + ft_deldev filter4 Main_ft4 dummy1 fi } trap 'iface_cleanup' EXIT +ip link add name dummy0 type dummy ip link add name dummy1 type dummy EXPECTED="define if_main = { lo, dummy1 } @@ -42,3 +48,31 @@ table filter2 { }" $NFT -f - <<< $EXPECTED + +RULESET="define var1 = \"dummy0\" +define var2 = { dummy1 } +define var3 = { lo, \$var1, \$var2 } + +table filter3 { + flowtable Main_ft3 { + hook ingress priority filter + counter + devices = { \$var3 } + } +}" + +$NFT -f - <<< $RULESET + +RULESET="define var1 = \"dummy0\" +define var2 = { dummy1 } +define var3 = { lo, \$var1, \$var2 } + +table filter4 { + flowtable Main_ft4 { + hook ingress priority filter + counter + devices = \$var3 + } +}" + +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft index 10f1df98..70f039fa 100644 --- a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft +++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft @@ -42,6 +42,42 @@ "prio": 0, "dev": "lo" } + }, + { + "table": { + "family": "ip", + "name": "filter3", + "handle": 0 + } + }, + { + "flowtable": { + "family": "ip", + "name": "Main_ft3", + "table": "filter3", + "handle": 0, + "hook": "ingress", + "prio": 0, + "dev": "lo" + } + }, + { + "table": { + "family": "ip", + "name": "filter4", + "handle": 0 + } + }, + { + "flowtable": { + "family": "ip", + "name": "Main_ft4", + "table": "filter4", + "handle": 0, + "hook": "ingress", + "prio": 0, + "dev": "lo" + } } ] } diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft index 7863822d..b598420a 100644 --- a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft +++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft @@ -12,3 +12,17 @@ table ip filter2 { counter } } +table ip filter3 { + flowtable Main_ft3 { + hook ingress priority filter + devices = { "lo" } + counter + } +} +table ip filter4 { + flowtable Main_ft4 { + hook ingress priority filter + devices = { "lo" } + counter + } +} |