diff options
Diffstat (limited to 'tests/shell/testcases/sets/0043concatenated_ranges_0')
-rwxr-xr-x | tests/shell/testcases/sets/0043concatenated_ranges_0 | 109 |
1 files changed, 62 insertions, 47 deletions
diff --git a/tests/shell/testcases/sets/0043concatenated_ranges_0 b/tests/shell/testcases/sets/0043concatenated_ranges_0 index a783dacc..a3dbf5bf 100755 --- a/tests/shell/testcases/sets/0043concatenated_ranges_0 +++ b/tests/shell/testcases/sets/0043concatenated_ranges_0 @@ -1,4 +1,7 @@ -#!/bin/sh -e +#!/bin/bash -e +# +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_pipapo) +# NFT_TEST_SKIP(NFT_TEST_SKIP_slow) # # 0043concatenated_ranges_0 - Add, get, list, timeout for concatenated ranges # @@ -6,21 +9,15 @@ # all possible permutations, and: # - add entries to set # - list them -# - check that they can't be added again # - get entries by specifying a value matching ranges for all fields # - delete them +# - check that they can't be deleted again # - add them with 1s timeout -# - check that they can't be added again right away # - check that they are not listed after 1s, just once, for the first entry # - delete them # - make sure they can't be deleted again -if [ "$(ps -o comm= $PPID)" = "run-tests.sh" ]; then - # Skip some permutations on a full test suite run to keep it quick - TYPES="ipv4_addr ipv6_addr ether_addr inet_service" -else - TYPES="ipv4_addr ipv6_addr ether_addr inet_proto inet_service mark" -fi +TYPES="ipv4_addr ipv6_addr ether_addr inet_proto inet_service mark" RULESPEC_ipv4_addr="ip saddr" ELEMS_ipv4_addr="192.0.2.1 198.51.100.0/25 203.0.113.0-203.0.113.129" @@ -63,27 +60,31 @@ cat <<'EOF' > "${tmp}" flush ruleset table inet filter { - set test { - type ${ta} . ${tb} . ${tc} + ${setmap} test { + type ${ta} . ${tb} . ${tc} ${mapt} flags interval,timeout - elements = { ${a1} . ${b1} . ${c1} , - ${a2} . ${b2} . ${c2} , - ${a3} . ${b3} . ${c3} } + elements = { ${a1} . ${b1} . ${c1} ${mapv}, + ${a2} . ${b2} . ${c2} ${mapv}, + ${a3} . ${b3} . ${c3} ${mapv}, } } chain output { type filter hook output priority 0; policy accept; - ${sa} . ${sb} . ${sc} @test counter + ${rule} @test counter } } EOF timeout_tested=0 +run_test() +{ +setmap="$1" for ta in ${TYPES}; do eval a=\$ELEMS_${ta} a1=${a%% *}; a2=$(expr "$a" : ".* \(.*\) .*"); a3=${a##* } eval sa=\$RULESPEC_${ta} + mark=0 for tb in ${TYPES}; do [ "${tb}" = "${ta}" ] && continue if [ "${tb}" = "ipv6_addr" ]; then @@ -107,41 +108,46 @@ for ta in ${TYPES}; do [ "${tb}" = "ipv6_addr" ] && continue fi - echo "TYPE: ${ta} ${tb} ${tc}" + echo "$setmap TYPE: ${ta} ${tb} ${tc}" eval c=\$ELEMS_${tc} c1=${c%% *}; c2=$(expr "$c" : ".* \(.*\) .*"); c3=${c##* } eval sc=\$RULESPEC_${tc} - render ${tmp} | ${NFT} -f - + case "${setmap}" in + "set") + mapt="" + mapv="" + rule="${sa} . ${sb} . ${sc}" + ;; + "map") + mapt=": mark" + mark=42 + mapv=$(printf " : 0x%08x" ${mark}) + rule="meta mark set ${sa} . ${sb} . ${sc} map" + ;; + esac - [ $(${NFT} list set inet filter test | \ - grep -c -e "${a1} . ${b1} . ${c1}" \ - -e "${a2} . ${b2} . ${c2}" \ - -e "${a3} . ${b3} . ${c3}") -eq 3 ] + render ${tmp} | ${NFT} -f - - ! ${NFT} "add element inet filter test \ - { ${a1} . ${b1} . ${c1} }; - add element inet filter test \ - { ${a2} . ${b2} . ${c2} }; - add element inet filter test \ - { ${a3} . ${b3} . ${c3} }" 2>/dev/null + [ $(${NFT} list ${setmap} inet filter test | \ + grep -c -e "${a1} . ${b1} . ${c1}${mapv}" \ + -e "${a2} . ${b2} . ${c2}${mapv}" \ + -e "${a3} . ${b3} . ${c3}${mapv}") -eq 3 ] ${NFT} delete element inet filter test \ - "{ ${a1} . ${b1} . ${c1} }" - ! ${NFT} delete element inet filter test \ - "{ ${a1} . ${b1} . ${c1} }" 2>/dev/null + "{ ${a1} . ${b1} . ${c1}${mapv} }" + ${NFT} delete element inet filter test \ + "{ ${a1} . ${b1} . ${c1}${mapv} }" \ + 2>/dev/null && exit 1 eval add_a=\$ADD_${ta} eval add_b=\$ADD_${tb} eval add_c=\$ADD_${tc} ${NFT} add element inet filter test \ - "{ ${add_a} . ${add_b} . ${add_c} timeout 1s}" - [ $(${NFT} list set inet filter test | \ + "{ ${add_a} . ${add_b} . ${add_c} timeout 2m${mapv}}" + [ $(${NFT} list ${setmap} inet filter test | \ grep -c "${add_a} . ${add_b} . ${add_c}") -eq 1 ] - ! ${NFT} add element inet filter test \ - "{ ${add_a} . ${add_b} . ${add_c} timeout 1s}" \ - 2>/dev/null eval get_a=\$GET_${ta} eval get_b=\$GET_${tb} @@ -150,31 +156,40 @@ for ta in ${TYPES}; do exp_b=${get_b##* }; get_b=${get_b%% *} exp_c=${get_c##* }; get_c=${get_c%% *} [ $(${NFT} get element inet filter test \ - "{ ${get_a} . ${get_b} . ${get_c} }" | \ + "{ ${get_a} . ${get_b} . ${get_c}${mapv} }" | \ grep -c "${exp_a} . ${exp_b} . ${exp_c}") -eq 1 ] ${NFT} "delete element inet filter test \ - { ${a2} . ${b2} . ${c2} }; + { ${a2} . ${b2} . ${c2}${mapv} }; delete element inet filter test \ - { ${a3} . ${b3} . ${c3} }" - ! ${NFT} "delete element inet filter test \ - { ${a2} . ${b2} . ${c2} }; + { ${a3} . ${b3} . ${c3}${mapv} }" + ${NFT} "delete element inet filter test \ + { ${a2} . ${b2} . ${c2}${mapv} }; delete element inet filter test \ - { ${a3} . ${b3} . ${c3} }" 2>/dev/null + { ${a3} . ${b3} . ${c3} ${mapv} }" \ + 2>/dev/null && exit 1 if [ ${timeout_tested} -eq 1 ]; then ${NFT} delete element inet filter test \ - "{ ${add_a} . ${add_b} . ${add_c} }" - ! ${NFT} delete element inet filter test \ - "{ ${add_a} . ${add_b} . ${add_c} }" \ - 2>/dev/null + "{ ${add_a} . ${add_b} . ${add_c} ${mapv} }" + ${NFT} delete element inet filter test \ + "{ ${add_a} . ${add_b} . ${add_c} ${mapv} }" \ + 2>/dev/null && exit 1 continue fi + ${NFT} delete element inet filter test \ + "{ ${add_a} . ${add_b} . ${add_c} ${mapv}}" + ${NFT} add element inet filter test \ + "{ ${add_a} . ${add_b} . ${add_c} timeout 1s${mapv}}" sleep 1 - [ $(${NFT} list set inet filter test | \ - grep -c "${add_a} . ${add_b} . ${add_c}") -eq 0 ] + [ $(${NFT} list ${setmap} inet filter test | \ + grep -c "${add_a} . ${add_b} . ${add_c} ${mapv}") -eq 0 ] timeout_tested=1 done done done +} + +run_test "set" +run_test "map" |