src: add support to command "destroy"

"destroy" command performs a deletion as "delete" command but does not fail if the object does not exist. As there is no NLM_F_* flag for ignoring such error, it needs to be ignored directly on error handling. Example of use: # nft list ruleset table ip filter { chain output { } } # nft destroy table ip missingtable # echo $? 0 # nft list ruleset table ip filter { chain output { } } Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Fernando F. Mancera <ffmancera@riseup.net> 2023-02-06 11:06:42 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-02-06 11:09:38 +0100
commit: e1dfd5cc4c46514a84dd8a2063b45517b596e1ca (patch)
tree: 5a3501a87795ae93e433f2fb2a133bb3ffe97375 /tests/shell
parent: b691e2ea1d643adeb89c576a105f08cfff677cfb (diff)
4 files changed, 23 insertions, 0 deletions
diff --git a/tests/shell/testcases/rule_management/0011destroy_0 b/tests/shell/testcases/rule_management/0011destroy_0
new file mode 100755
index 00000000..895c24a4
--- /dev/null
+++ b/tests/shell/testcases/rule_management/0011destroy_0
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -e
+$NFT add table t
+$NFT add chain t c
+$NFT insert rule t c accept # should have handle 2
+
+$NFT destroy rule t c handle 2
diff --git a/tests/shell/testcases/rule_management/0012destroy_0 b/tests/shell/testcases/rule_management/0012destroy_0
new file mode 100755
index 00000000..1b61155e
--- /dev/null
+++ b/tests/shell/testcases/rule_management/0012destroy_0
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+$NFT add table t
+$NFT add chain t c
+
+$NFT destroy rule t c handle 3333
diff --git a/tests/shell/testcases/rule_management/dumps/0011destroy_0.nft b/tests/shell/testcases/rule_management/dumps/0011destroy_0.nft
new file mode 100644
index 00000000..1e0d1d60
--- /dev/null
+++ b/tests/shell/testcases/rule_management/dumps/0011destroy_0.nft
@@ -0,0 +1,4 @@
+table ip t {
+	chain c {
+	}
+}
diff --git a/tests/shell/testcases/rule_management/dumps/0012destroy_0.nft b/tests/shell/testcases/rule_management/dumps/0012destroy_0.nft
new file mode 100644
index 00000000..1e0d1d60
--- /dev/null
+++ b/tests/shell/testcases/rule_management/dumps/0012destroy_0.nft
@@ -0,0 +1,4 @@
+table ip t {
+	chain c {
+	}
+}
author	Fernando F. Mancera <ffmancera@riseup.net>	2023-02-06 11:06:42 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-02-06 11:09:38 +0100
commit	e1dfd5cc4c46514a84dd8a2063b45517b596e1ca (patch)
tree	5a3501a87795ae93e433f2fb2a133bb3ffe97375 /tests/shell
parent	b691e2ea1d643adeb89c576a105f08cfff677cfb (diff)