diff options
| author | Florian Westphal <fw@strlen.de> | 2021-10-19 14:07:25 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2021-10-19 14:08:41 +0200 |
| commit | e632eea21f4b3d03b629a5c1ac7e776d65785873 (patch) | |
| tree | bac5250bcac308d4af57ae5cd7ed4f4a4ca461cc | |
| parent | 88c44060855db67a13170886720658e11ef09763 (diff) | |
tests: shell: auto-removal of chain hook on netns removal
This is the nft equivalent of the syzbot report that lead to
kernel commit 68a3765c659f8
("netfilter: nf_tables: skip netdev events generated on netns removal").
Signed-off-by: Florian Westphal <fw@strlen.de>
| -rwxr-xr-x | tests/shell/testcases/chains/0043chain_ingress_0 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/shell/testcases/chains/0043chain_ingress_0 b/tests/shell/testcases/chains/0043chain_ingress_0 index 86dc075d..bff46468 100755 --- a/tests/shell/testcases/chains/0043chain_ingress_0 +++ b/tests/shell/testcases/chains/0043chain_ingress_0 @@ -14,5 +14,11 @@ RULESET="table inet filter { } }" +# Test auto-removal of chain hook on netns removal +unshare -n bash -c "ip link add br0 type bridge; \ + $NFT add table netdev test; \ + $NFT add chain netdev test ingress { type filter hook ingress device \"br0\" priority 0\; policy drop\; } ; \ +" || exit 1 + $NFT -f - <<< "$RULESET" && exit 0 exit 1 |