tests/shell: skip reset tests if kernel lacks support

reset is implemented via flush + extra attribute, so older kernels perform a flush. This means .nft doesn't work, we need to check if the individual set contents/sets are still in place post-reset. Make this generic and permit use of feat.sh in addition to the simpler foo.nft feature files. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Thomas Haller <thaller@redhat.com>
author: Florian Westphal <fw@strlen.de> 2023-09-18 12:28:26 +0200
committer: Florian Westphal <fw@strlen.de> 2023-09-18 13:08:57 +0200
commit: 5f83041242ca0ff38a74d51b85e00047568c4933 (patch)
tree: 15c625ba17b2a5c6281c35c9468ef9f2edf514fa /tests/shell/features/reset_rule.sh
parent: 45060a09bc3ad1c4bcfd4ad91863e00ab58efb5b (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/tests/shell/features/reset_rule.sh b/tests/shell/features/reset_rule.sh
new file mode 100755
index 00000000..567ee2f1
--- /dev/null
+++ b/tests/shell/features/reset_rule.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# 8daa8fde3fc3 ("netfilter: nf_tables: Introduce NFT_MSG_GETRULE_RESET")
+# v6.2-rc1~99^2~210^2~2
+
+unshare -n bash -c "$NFT \"add table t; add chain t c ; add rule t c counter packets 1 bytes 42\"; \
+$NFT reset rules chain t c ; \
+$NFT reset rules chain t c |grep counter\ packets\ 0\ bytes\ 0"
author	Florian Westphal <fw@strlen.de>	2023-09-18 12:28:26 +0200
committer	Florian Westphal <fw@strlen.de>	2023-09-18 13:08:57 +0200
commit	5f83041242ca0ff38a74d51b85e00047568c4933 (patch)
tree	15c625ba17b2a5c6281c35c9468ef9f2edf514fa /tests/shell/features/reset_rule.sh
parent	45060a09bc3ad1c4bcfd4ad91863e00ab58efb5b (diff)