summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2021-10-19 14:07:25 +0200
committerFlorian Westphal <fw@strlen.de>2021-10-19 14:08:41 +0200
commite632eea21f4b3d03b629a5c1ac7e776d65785873 (patch)
treebac5250bcac308d4af57ae5cd7ed4f4a4ca461cc
parent88c44060855db67a13170886720658e11ef09763 (diff)
tests: shell: auto-removal of chain hook on netns removal
This is the nft equivalent of the syzbot report that lead to kernel commit 68a3765c659f8 ("netfilter: nf_tables: skip netdev events generated on netns removal"). Signed-off-by: Florian Westphal <fw@strlen.de>
-rwxr-xr-xtests/shell/testcases/chains/0043chain_ingress_06
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/shell/testcases/chains/0043chain_ingress_0 b/tests/shell/testcases/chains/0043chain_ingress_0
index 86dc075d..bff46468 100755
--- a/tests/shell/testcases/chains/0043chain_ingress_0
+++ b/tests/shell/testcases/chains/0043chain_ingress_0
@@ -14,5 +14,11 @@ RULESET="table inet filter {
}
}"
+# Test auto-removal of chain hook on netns removal
+unshare -n bash -c "ip link add br0 type bridge; \
+ $NFT add table netdev test; \
+ $NFT add chain netdev test ingress { type filter hook ingress device \"br0\" priority 0\; policy drop\; } ; \
+" || exit 1
+
$NFT -f - <<< "$RULESET" && exit 0
exit 1