diff options
author | Thomas Haller <thaller@redhat.com> | 2023-10-23 15:38:18 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-10-24 11:31:01 +0200 |
commit | 92cc90eace679794f67825820d54aa6c14570a0c (patch) | |
tree | bc7b4e811661611548a5a5881155f8dae01ccdc3 /tests/shell/testcases | |
parent | f65b2d12236174d477c55e96c4027cd51185ba5e (diff) |
tests/shell: test for maximum length of "comment" in "comments_objects_0"
The comment length is limited to NFTNL_UDATA_COMMENT_MAXLEN. Test for
that.
Adjust an existing test for that.
Also rename $EXPECTED to $RULESET. We don't compare the value of
$EXPECTED against the actually configured rules. It also wouldn't work,
because the input is not normalized and wouldn't match. It also isn't
necessary, because there is a .nft dump file.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases')
-rwxr-xr-x | tests/shell/testcases/optionals/comments_objects_0 | 22 | ||||
-rw-r--r-- | tests/shell/testcases/optionals/dumps/comments_objects_0.nft | 7 |
2 files changed, 23 insertions, 6 deletions
diff --git a/tests/shell/testcases/optionals/comments_objects_0 b/tests/shell/testcases/optionals/comments_objects_0 index 7437c77b..301f5518 100755 --- a/tests/shell/testcases/optionals/comments_objects_0 +++ b/tests/shell/testcases/optionals/comments_objects_0 @@ -1,9 +1,23 @@ #!/bin/bash -EXPECTED='table ip filter { +set -e + +COMMENT128="12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678" + +# test for pass with comment that is 128 bytes long. +rc=0 +$NFT add table ip filter \{ quota foo1 \{ comment "\"${COMMENT128}\"" \}\; \}\; || rc="$?" +test "$rc" = 0 + +# test for failure with comment that is 128+1 bytes long. +rc=0 +$NFT add table ip filter \{ quota foo2 \{ comment "\"${COMMENT128}x\"" \}\; \}\; || rc="$?" +test "$rc" = 1 + +RULESET='table ip filter { quota q { over 1200 bytes - comment "test1" + comment "'"$COMMENT128"'" } counter c { @@ -39,6 +53,4 @@ EXPECTED='table ip filter { } ' -set -e - -$NFT -f - <<< "$EXPECTED" +$NFT -f - <<< "$RULESET" diff --git a/tests/shell/testcases/optionals/dumps/comments_objects_0.nft b/tests/shell/testcases/optionals/dumps/comments_objects_0.nft index b760ced6..13822209 100644 --- a/tests/shell/testcases/optionals/dumps/comments_objects_0.nft +++ b/tests/shell/testcases/optionals/dumps/comments_objects_0.nft @@ -1,6 +1,11 @@ table ip filter { + quota foo1 { + comment "12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678" + 0 bytes + } + quota q { - comment "test1" + comment "12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678" over 1200 bytes } |