summaryrefslogtreecommitdiffstats
path: root/tests/shell/testcases/maps/named_limits
blob: 5604f6caeda6b247d05665cc2d88ba74c9da8fb0 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

#!/bin/bash

dumpfile=$(dirname $0)/dumps/$(basename $0).nft

$NFT -f "$dumpfile" || exit 1

add_add_then_create()
{
	cmd="$@"

	$NFT "add element inet filter $cmd" || exit 2

	# again, kernel should suppress -EEXIST
	$NFT "add element inet filter $cmd" || exit 3

	# AGAIN, kernel should report -EEXIST
	$NFT "create element inet filter $cmd" && echo "$cmd worked" 1>&2 && exit 4
}

add_create_dupe()
{
	cmd="$@"

	$NFT "add element inet filter $cmd" && echo "$cmd worked" 1>&2 && exit 10
	$NFT "create element inet filter $cmd" && echo "$cmd worked" 1>&2 && exit 11
}

delete()
{
	cmd="$@"

	$NFT "delete element inet filter $cmd" || exit 30
	$NFT "delete element inet filter $cmd" && echo "$cmd worked" 1>&2 && exit 31

	# destroy should NOT report an error
#	$NFT "destroy element inet filter $cmd" || exit 40
}

add_add_then_create 'saddr6limit { fee1::dead : "tarpit-pps" }'
add_add_then_create 'saddr6limit { c01a::/64 : "tarpit-bps" }'

# test same with a diffent set type (concat + interval)
add_add_then_create 'addr4limit { udp . 1.2.3.4 . 42 : "tarpit-pps", tcp . 1.2.3.4 . 42 : "tarpit-pps" }'

# now test duplicate key with *DIFFERENT* limiter, should fail
add_create_dupe 'saddr6limit { fee1::dead : "tarpit-bps" }'

add_create_dupe 'addr4limit { udp . 1.2.3.4 . 42 : "tarpit-pps", tcp . 1.2.3.4 . 42 : "http-bulk-rl-10m" }'
add_create_dupe 'addr4limit { udp . 1.2.3.4 . 43 : "tarpit-pps", tcp . 1.2.3.4 . 42 : "http-bulk-rl-10m" }'
add_create_dupe 'addr4limit { udp . 1.2.3.5 . 42 : "tarpit-pps", tcp . 1.2.3.4 . 42 : "http-bulk-rl-10m" }'
add_create_dupe 'addr4limit { udp . 1.2.3.4 . 42 : "tarpit-bps", tcp . 1.2.3.4 . 42 : "tarpit-pps" }'

# delete keys again
delete 'addr4limit { udp . 1.2.3.4 . 42 : "tarpit-pps", tcp . 1.2.3.4 . 42 :"tarpit-pps" }'

delete 'saddr6limit { fee1::dead : "tarpit-pps" }'
delete 'saddr6limit { c01a::/64 : "tarpit-bps" }'

exit 0