diff options
| author | Florian Westphal <fw@strlen.de> | 2018-02-13 15:28:00 +0100 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-02-14 18:50:17 +0100 |
| commit | d988eb4029e049fcaf3a4f68a076b72cc32c3022 (patch) | |
| tree | b26b3d2bb8042abadd13b616c0b0e0047566c4f9 /tests/shell/testcases/sets | |
| parent | 31ba7ff89ae262cce57f4042b3902be4cda7fff8 (diff) | |
tests: add test case for sets updated from packet path
currently kernel may pick a set implementation that doesn't provide
a ->update() function. This causes an error when user attempts to
add the nftables rule that is supposed to add entries to the set.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell/testcases/sets')
| -rwxr-xr-x | tests/shell/testcases/sets/0028autoselect_0 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tests/shell/testcases/sets/0028autoselect_0 b/tests/shell/testcases/sets/0028autoselect_0 new file mode 100755 index 00000000..fdda832b --- /dev/null +++ b/tests/shell/testcases/sets/0028autoselect_0 @@ -0,0 +1,17 @@ +#!/bin/bash + +# This testscase checks kernel picks a suitable set backends. +# Ruleset attempts to update from packet path, so set backend +# needs an ->update() implementation. + +set -e + +$NFT add table t +$NFT add set t s1 { type inet_proto \; } +$NFT add set t s2 { type ipv4_addr \; } +$NFT add set t s3 { type ipv4_addr \; size 1024\; } +$NFT add chain t c {type filter hook input priority 0 \; } + +$NFT add rule t c meta iifname foobar set add ip protocol @s1 +$NFT add rule t c meta iifname foobar set add ip daddr @s2 +$NFT add rule t c meta iifname foobar set add ip daddr @s3 |