diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-07-20 12:17:33 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-07-20 17:47:55 +0200 |
commit | 9edaa6a51eab49a378dd358e0b4254d0398c629f (patch) | |
tree | cb44b02953b6672d4239ec6f97c3d59de5d6cb10 /tests/shell | |
parent | 640dc0c8a3daef65cd93868939b5a2877615f2d5 (diff) |
src: add --define key=value
This patch adds a new option to define variables from the command line.
# cat test.nft
table netdev x {
chain y {
type filter hook ingress devices = $dev priority 0;
counter accept
}
}
# nft --define dev="{ eth0, eth1 }" -f test.nft
You can only combine it with -f/--filename.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/testcases/nft-f/0028variable_cmdline_0 | 17 | ||||
-rw-r--r-- | tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft | 8 |
2 files changed, 25 insertions, 0 deletions
diff --git a/tests/shell/testcases/nft-f/0028variable_cmdline_0 b/tests/shell/testcases/nft-f/0028variable_cmdline_0 new file mode 100755 index 00000000..a2bbd5da --- /dev/null +++ b/tests/shell/testcases/nft-f/0028variable_cmdline_0 @@ -0,0 +1,17 @@ +#!/bin/bash + + +RULESET="table inet filter { + set whitelist_v4 { type ipv4_addr; } +} +add element inet filter whitelist_v4 \$whitelist_v4 +" + +# this is intentional: exercise error path +$NFT --define whitelist_v4="{ wrong }" -f - <<< "$RULESET" +$NFT --define whitelist_v4="{ 1.1.1.1, \$wrong }" -f - <<< "$RULESET" + +set -e + +$NFT --define whitelist_v4="{ 1.1.1.1, 2.2.2.2 }" -f - <<< "$RULESET" +$NFT --define x={5.5.5.5} --define whitelist_v4="{ 3.3.3.3, 4.4.4.4, \$x }" -f - <<< "$RULESET" diff --git a/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft new file mode 100644 index 00000000..aa081122 --- /dev/null +++ b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft @@ -0,0 +1,8 @@ +table inet filter { + set whitelist_v4 { + type ipv4_addr + elements = { 1.1.1.1, 2.2.2.2, + 3.3.3.3, 4.4.4.4, + 5.5.5.5 } + } +} |