diff options
author | Florian Westphal <fw@strlen.de> | 2023-08-17 20:37:21 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2023-08-17 20:39:20 +0200 |
commit | f3411cbf4608df4c83bb7d830ea118d923affb2e (patch) | |
tree | ac8fc4e78f089339167b1037063d658f0f3e63e5 | |
parent | 22a8e9d6471641086d7e0f9c5f782fbe30f76f21 (diff) |
tests: update bad_expression test case
Check that the ruleset also fails to validate if there is
another table that passes validation checks.
Reported-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
-rwxr-xr-x | tests/shell/testcases/transactions/bad_expression | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/tests/shell/testcases/transactions/bad_expression b/tests/shell/testcases/transactions/bad_expression index df46ceb0..a820c2b9 100755 --- a/tests/shell/testcases/transactions/bad_expression +++ b/tests/shell/testcases/transactions/bad_expression @@ -4,6 +4,14 @@ # nft must return an error. Also catch nfnetlink retry loops that # cause nft or kernel to spin. timeout 3 $NFT -f - <<EOF +table ip t0 { + chain c { } + chain input { + type filter hook input priority 0; + jump c + } +} + table ip t1 { chain a { masquerade @@ -17,6 +25,7 @@ EOF rc=$? if [ $rc -eq 0 ]; then + echo "Ruleset should have failed" 1>&2 exit 111 fi |