diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-21 21:23:37 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-11-22 12:15:51 +0100 |
commit | cb2c37ca3adb7809035ec4ff5d01ffa532839875 (patch) | |
tree | 9510ad7547e45411143154a1b47c9ee81ae6dfc6 /tests/shell | |
parent | fff913c1eefbc84eb2d9c52038ef29fe881e9ee9 (diff) |
tests: shell: skip if kernel does not allow to restore set element expiration
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell')
-rwxr-xr-x | tests/shell/features/setelem_expiration.sh | 18 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0036add_set_element_expiration_0 | 2 |
2 files changed, 20 insertions, 0 deletions
diff --git a/tests/shell/features/setelem_expiration.sh b/tests/shell/features/setelem_expiration.sh new file mode 100755 index 00000000..c539ceba --- /dev/null +++ b/tests/shell/features/setelem_expiration.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +# v5.3-rc1~140^2~153^2~8 +# 79ebb5bb4e38 ("netfilter: nf_tables: enable set expiration time for set elements") + +RULESET="table ip x { + set y { + type ipv4_addr + flags dynamic + timeout 1h + } +}" + +$NFT -f - <<< $RULESET + +$NFT add element ip x y { 1.1.1.1 timeout 1h expires 15m59s } + +$NFT list ruleset | grep "expires 15m" diff --git a/tests/shell/testcases/sets/0036add_set_element_expiration_0 b/tests/shell/testcases/sets/0036add_set_element_expiration_0 index 0fd016e9..d961ffd4 100755 --- a/tests/shell/testcases/sets/0036add_set_element_expiration_0 +++ b/tests/shell/testcases/sets/0036add_set_element_expiration_0 @@ -1,5 +1,7 @@ #!/bin/bash +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_setelem_expiration) + set -e drop_seconds() { |