diff options
Diffstat (limited to 'tests/shell')
5 files changed, 59 insertions, 0 deletions
diff --git a/tests/shell/testcases/cache/0003_cache_update_0 b/tests/shell/testcases/cache/0003_cache_update_0 index fa9b5df3..05edc9c7 100755 --- a/tests/shell/testcases/cache/0003_cache_update_0 +++ b/tests/shell/testcases/cache/0003_cache_update_0 @@ -34,6 +34,9 @@ EOF # add rule ip t4 c meta l4proto icmp accept -> rule to reference in next step # add rule ip t4 c index 0 drop -> index 0 is not found due to rule cache not # being updated +# add rule ip t4 c index 2 drop -> index 2 is not found due to igmp rule being +# in same transaction and therefore not having +# an allocated handle $NFT -i >/dev/null <<EOF add table ip t4; add chain ip t4 c add rule ip t4 c meta l4proto icmp accept @@ -41,3 +44,7 @@ EOF $NFT -f - >/dev/null <<EOF add rule ip t4 c index 0 drop EOF +$NFT -f - >/dev/null <<EOF +add rule ip t4 c meta l4proto igmp accept +add rule ip t4 c index 2 drop +EOF diff --git a/tests/shell/testcases/transactions/0024rule_0 b/tests/shell/testcases/transactions/0024rule_0 new file mode 100755 index 00000000..4c1ac41d --- /dev/null +++ b/tests/shell/testcases/transactions/0024rule_0 @@ -0,0 +1,17 @@ +#!/bin/bash + +RULESET="flush ruleset +add table x +add chain x y +add rule x y accept comment rule1 +add rule x y accept comment rule4 +add rule x y index 0 accept comment rule2 +insert rule x y index 2 accept comment rule3" + +$NFT -f - <<< "$RULESET" && \ + $NFT -f - <<< "$RULESET" && \ + echo "$RULESET" | tr '\n' ';' | $NFT -i >/dev/null && \ + exit 0 +echo "E: intra-transaction rule reference failed" +exit 1 + diff --git a/tests/shell/testcases/transactions/0025rule_0 b/tests/shell/testcases/transactions/0025rule_0 new file mode 100755 index 00000000..d72d5cfc --- /dev/null +++ b/tests/shell/testcases/transactions/0025rule_0 @@ -0,0 +1,21 @@ +#!/bin/bash + +# make sure stored delete/replace rule commands are correctly applied + +set -e + +$NFT -f - <<EOF +flush ruleset +table x { + chain y { + accept + log + } +} +EOF + +$NFT -f - <<EOF +replace rule x y handle 2 log +delete rule x y handle 3 +add rule x y index 0 drop +EOF diff --git a/tests/shell/testcases/transactions/dumps/0024rule_0.nft b/tests/shell/testcases/transactions/dumps/0024rule_0.nft new file mode 100644 index 00000000..7860ff65 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0024rule_0.nft @@ -0,0 +1,8 @@ +table ip x { + chain y { + accept comment "rule1" + accept comment "rule2" + accept comment "rule3" + accept comment "rule4" + } +} diff --git a/tests/shell/testcases/transactions/dumps/0025rule_0.nft b/tests/shell/testcases/transactions/dumps/0025rule_0.nft new file mode 100644 index 00000000..dcb61ae6 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0025rule_0.nft @@ -0,0 +1,6 @@ +table ip x { + chain y { + log + drop + } +} |