summaryrefslogtreecommitdiffstats
path: root/tests/shell/testcases/nft-f/0005rollback_map_0
blob: ba1fcc5960652175ecc92c70daa66911591ed03f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#!/bin/bash

# test a kernel rollback operation
# fail reason: invalid map

tmpfile=$(mktemp)
if [ ! -w $tmpfile ] ; then
	echo "Failed to create tmp file" >&2
	exit 0
fi

trap "rm -rf $tmpfile" EXIT # cleanup if aborted

GOOD_RULESET="table ip t {
	set t {
		type ipv4_addr
		elements = { 1.1.1.1 }
	}

	chain c {
		ct state new
		tcp dport { 22222 }
		ip saddr @t drop
		jump other
	}

	chain other {
	}
}"

BAD_RULESET="flush ruleset
table ip t2 {
	chain c2 {
		tcp dport map { 22222: jump other, 11111: jump invalid }
	}

	chain other {
	}
}"

echo "$GOOD_RULESET" > $tmpfile
$NFT -f $tmpfile
if [ $? -ne 0 ] ; then
	echo "E: unable to load good ruleset" >&2
	exit 1
fi

echo "$BAD_RULESET" > $tmpfile
$NFT -f $tmpfile 2>/dev/null
if [ $? -eq 0 ]	; then
	echo "E: bogus ruleset loaded?" >&2
	exit 1
fi