diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-06-18 21:57:46 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-07-29 03:53:08 +0200 |
| commit | d83bd130529c08d5f0ab36af98ea03b288f3d83f (patch) | |
| tree | f9702938a29e0cbcf8a7408d3c7d68ce715248da | |
| parent | 125bc1462b790c4532810a0c61633d088717b9c5 (diff) | |
Revert "evaluate: allow to re-use existing metered set"
This reverts commit 639a111e91341cffdc6d86b847aa654646c799cf.
Conversion to dynamic set is not available in 1.0.6.y
| -rw-r--r-- | tests/shell/testcases/sets/dumps/meter_set_reuse.json-nft | 105 | ||||
| -rw-r--r-- | tests/shell/testcases/sets/dumps/meter_set_reuse.nft | 11 | ||||
| -rwxr-xr-x | tests/shell/testcases/sets/meter_set_reuse | 20 |
3 files changed, 0 insertions, 136 deletions
diff --git a/tests/shell/testcases/sets/dumps/meter_set_reuse.json-nft b/tests/shell/testcases/sets/dumps/meter_set_reuse.json-nft deleted file mode 100644 index ab4ac061..00000000 --- a/tests/shell/testcases/sets/dumps/meter_set_reuse.json-nft +++ /dev/null @@ -1,105 +0,0 @@ -{ - "nftables": [ - { - "metainfo": { - "version": "VERSION", - "release_name": "RELEASE_NAME", - "json_schema_version": 1 - } - }, - { - "table": { - "family": "ip", - "name": "filter", - "handle": 0 - } - }, - { - "chain": { - "family": "ip", - "table": "filter", - "name": "input", - "handle": 0 - } - }, - { - "set": { - "family": "ip", - "name": "http1", - "table": "filter", - "type": [ - "inet_service", - "ipv4_addr" - ], - "handle": 0, - "size": 65535, - "flags": [ - "dynamic" - ] - } - }, - { - "rule": { - "family": "ip", - "table": "filter", - "chain": "input", - "handle": 0, - "expr": [ - { - "match": { - "op": "==", - "left": { - "payload": { - "protocol": "tcp", - "field": "dport" - } - }, - "right": 80 - } - }, - { - "set": { - "op": "add", - "elem": { - "concat": [ - { - "payload": { - "protocol": "tcp", - "field": "dport" - } - }, - { - "payload": { - "protocol": "ip", - "field": "saddr" - } - } - ] - }, - "set": "@http1", - "stmt": [ - { - "limit": { - "rate": 200, - "burst": 5, - "per": "second", - "inv": true - } - } - ] - } - }, - { - "counter": { - "packets": 0, - "bytes": 0 - } - }, - { - "drop": null - } - ] - } - } - ] -} diff --git a/tests/shell/testcases/sets/dumps/meter_set_reuse.nft b/tests/shell/testcases/sets/dumps/meter_set_reuse.nft deleted file mode 100644 index f911acaf..00000000 --- a/tests/shell/testcases/sets/dumps/meter_set_reuse.nft +++ /dev/null @@ -1,11 +0,0 @@ -table ip filter { - set http1 { - type inet_service . ipv4_addr - size 65535 - flags dynamic - } - - chain input { - tcp dport 80 add @http1 { tcp dport . ip saddr limit rate over 200/second burst 5 packets } counter packets 0 bytes 0 drop - } -} diff --git a/tests/shell/testcases/sets/meter_set_reuse b/tests/shell/testcases/sets/meter_set_reuse deleted file mode 100755 index 94eccc1a..00000000 --- a/tests/shell/testcases/sets/meter_set_reuse +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -set -e - -addrule() -{ - $NFT add rule ip filter input tcp dport 80 meter http1 { tcp dport . ip saddr limit rate over 200/second } counter drop -} - -$NFT add table filter -$NFT add chain filter input -addrule - -$NFT list meters - -# This used to remove the anon set, but not anymore -$NFT flush chain filter input - -# This re-add should work. -addrule |