diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-03-21 11:00:40 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-03-21 11:03:46 +0100 |
| commit | 1f3d0b9cf9cc823c1f747650a84f1b43817d460f (patch) | |
| tree | a7740e2572a9707a29360a0d0430bc6fd65ee5b1 /tests/shell | |
| parent | 986272519136d7ae91d9bad1e6296a21bc4a3ef2 (diff) | |
tests: shell: extend coverage for set element statements
Add a test to cover the existing set element statements.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
| -rw-r--r-- | tests/shell/testcases/sets/dumps/set_stmt.nft | 62 | ||||
| -rwxr-xr-x | tests/shell/testcases/sets/set_stmt | 48 |
2 files changed, 110 insertions, 0 deletions
diff --git a/tests/shell/testcases/sets/dumps/set_stmt.nft b/tests/shell/testcases/sets/dumps/set_stmt.nft new file mode 100644 index 00000000..f8cf08a1 --- /dev/null +++ b/tests/shell/testcases/sets/dumps/set_stmt.nft @@ -0,0 +1,62 @@ +table ip x { + set y0 { + type ipv4_addr + counter + elements = { 2.2.2.0 counter packets 3 bytes 4, + 3.3.3.0 counter packets 1 bytes 2, + 5.5.5.0 counter packets 1 bytes 2, + 6.6.6.0 counter packets 3 bytes 4 } + } + + set y1 { + type ipv4_addr + limit rate 1/second burst 5 packets + elements = { 2.2.2.1 limit rate 5/second burst 5 packets, + 3.3.3.1 limit rate 1/second burst 5 packets, + 5.5.5.1 limit rate 1/second burst 5 packets, + 6.6.6.1 limit rate 5/second burst 5 packets } + } + + set y2 { + type ipv4_addr + ct count over 2 + } + + set y3 { + type ipv4_addr + last + elements = { 2.2.2.3 last used never, + 3.3.3.3 last used never, + 5.5.5.3 last used never, + 6.6.6.3 last used never } + } + + set y4 { + type ipv4_addr + quota over 1000 bytes + elements = { 2.2.2.4 quota over 30000 bytes used 1000 bytes, + 3.3.3.4 quota over 1000 bytes, + 5.5.5.4 quota over 1000 bytes, + 6.6.6.4 quota over 30000 bytes used 1000 bytes } + } + + chain y0 { + ip daddr @y0 + } + + chain y1 { + ip daddr @y1 + } + + chain y2 { + ip daddr @y2 + } + + chain y3 { + ip daddr @y3 + } + + chain y4 { + ip daddr @y4 + } +} diff --git a/tests/shell/testcases/sets/set_stmt b/tests/shell/testcases/sets/set_stmt new file mode 100755 index 00000000..0433b676 --- /dev/null +++ b/tests/shell/testcases/sets/set_stmt @@ -0,0 +1,48 @@ +#!/bin/bash + +test_set_stmt() { + local i=$1 + local stmt1=$2 + local stmt2=$3 + + RULESET="table x { + set y$i { + type ipv4_addr + $stmt1 + elements = { 5.5.5.$i $stmt1, + 6.6.6.$i $stmt2 } + } + chain y$i { + ip daddr @y$i + } +}" + + $NFT -f - <<< $RULESET + # should work + if [ $? -ne 0 ] + then + exit 1 + fi + + # should work + $NFT add element x y$i { 2.2.2.$i $stmt2 } + if [ $? -ne 0 ] + then + exit 1 + fi + + # should work + $NFT add element x y$i { 3.3.3.$i } + if [ $? -ne 0 ] + then + exit 1 + fi +} + +test_set_stmt "0" "counter packets 1 bytes 2" "counter packets 3 bytes 4" +test_set_stmt "1" "limit rate 1/second" "limit rate 5/second" +test_set_stmt "2" "ct count over 2" "ct count over 5" +test_set_stmt "3" "last" "last" +test_set_stmt "4" "quota over 1000 bytes" "quota over 30000 bytes used 1000 bytes" + +exit 0 |