diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-02-01 21:28:46 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-02-08 18:08:16 +0100 |
| commit | a80997fa9a290462c5d001c5d448ddb2fbd7da5c (patch) | |
| tree | 0c7c5ca4f2062bba0abf4816c6861c75370d216b | |
| parent | d2a62bd5c653ddfcc87c164623c4813ed175fce5 (diff) | |
tests: shell: exercise abort path with anonymous set that is bound to rule
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rwxr-xr-x | tests/shell/testcases/transactions/0043set_1 | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/shell/testcases/transactions/0043set_1 b/tests/shell/testcases/transactions/0043set_1 new file mode 100755 index 00000000..a9135c19 --- /dev/null +++ b/tests/shell/testcases/transactions/0043set_1 @@ -0,0 +1,14 @@ +#!/bin/bash + +RULESET="add table ip test +add set ip test foo { type ipv4_addr; } +add chain ip test tc +add element ip test foo { 1.2.3.4 } +add rule ip test tc ip saddr { 1.2.3.4, 5.6.7.8 } accept +delete table ip test +add element ip test foo { 1.2.3.6 }" + +# kernel must return ENOENT +$NFT -f - <<< "$RULESET" 2>/dev/null || exit 0 +echo "E: allowing element insertion on unexisting set" +exit 1 |