diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/nft-parsing-test.c | 10 | ||||
-rw-r--r-- | tests/xmlfiles/73-set.xml | 39 | ||||
-rw-r--r-- | tests/xmlfiles/74-set.xml | 36 |
3 files changed, 85 insertions, 0 deletions
diff --git a/tests/nft-parsing-test.c b/tests/nft-parsing-test.c index 83a627c..0734f07 100644 --- a/tests/nft-parsing-test.c +++ b/tests/nft-parsing-test.c @@ -9,6 +9,7 @@ #include <libnftables/table.h> #include <libnftables/chain.h> #include <libnftables/rule.h> +#include <libnftables/set.h> #ifdef XML_PARSING #include <mxml.h> @@ -62,6 +63,7 @@ static int test_xml(const char *filename) struct nft_table *t = NULL; struct nft_chain *c = NULL; struct nft_rule *r = NULL; + struct nft_set *s = NULL; FILE *fp; mxml_node_t *tree = NULL;; char *xml = NULL; @@ -102,6 +104,14 @@ static int test_xml(const char *filename) nft_rule_free(r); } + } else if (strcmp(tree->value.opaque, "set") == 0) { + s = nft_set_alloc(); + if (s != NULL) { + if (nft_set_parse(s, NFT_SET_PARSE_XML, xml) == 0) + ret = 0; + + nft_set_free(s); + } } return ret; diff --git a/tests/xmlfiles/73-set.xml b/tests/xmlfiles/73-set.xml new file mode 100644 index 0000000..6807ea7 --- /dev/null +++ b/tests/xmlfiles/73-set.xml @@ -0,0 +1,39 @@ +<set> + <set_name>set0</set_name> + <set_table>filter</set_table> + <set_xml_version>0</set_xml_version> + <family>ip</family> + <set_flags>0</set_flags> + <key_type>0</key_type> + <key_len>0</key_len> + <data_type>0</data_type> + <data_len>0</data_len> + <set_elem> + <set_elem_flags>0</set_elem_flags> + <set_elem_key> + <data_reg type="value"> + <len>4</len> + <data0>0x0300a8c0</data0> + </data_reg> + </set_elem_key> + </set_elem> + <set_elem> + <set_elem_flags>0</set_elem_flags> + <set_elem_key> + <data_reg type="value"> + <len>4</len> + <data0>0x0200a8c0</data0> + </data_reg> + </set_elem_key> + </set_elem> + <set_elem> + <set_elem_flags>0</set_elem_flags> + <set_elem_key> + <data_reg type="value"> + <len>4</len> + <data0>0x0100a8c0</data0> + </data_reg> + </set_elem_key> + </set_elem> +</set> +<!-- nft add rule ip filter test ip daddr { 192.168.0.1, 192.168.0.2, 192.168.0.3 } tcp dport 443 counter accept --> diff --git a/tests/xmlfiles/74-set.xml b/tests/xmlfiles/74-set.xml new file mode 100644 index 0000000..dd65703 --- /dev/null +++ b/tests/xmlfiles/74-set.xml @@ -0,0 +1,36 @@ +<set> + <set_name>set0</set_name> + <set_table>filter</set_table> + <set_xml_version>0</set_xml_version> + <family>ip6</family> + <set_flags>0</set_flags> + <key_type>0</key_type> + <key_len>0</key_len> + <data_type>0</data_type> + <data_len>0</data_len> + <set_elem> + <set_elem_flags>0</set_elem_flags> + <set_elem_key> + <data_reg type="value"> + <len>16</len> + <data0>0xc09a002a</data0> + <data1>0x2700cac1</data1> + <data2>0x00000000</data2> + <data3>0x70010000</data3> + </data_reg> + </set_elem_key> + </set_elem> + <set_elem> + <set_elem_flags>0</set_elem_flags> + <set_elem_key> + <data_reg type="value"> + <len>16</len> + <data0>0xc09a002a</data0> + <data1>0x2700cac1</data1> + <data2>0x00000000</data2> + <data3>0x50010000</data3> + </data_reg> + </set_elem_key> + </set_elem> +</set> +<!-- nft add rule ip6 filter test ip6 daddr { 2a00:9ac0:c1ca:27::150, 2a00:9ac0:c1ca:27::170, } counter accept --> |