tests: shell: change all test scripts to return 0

The shell-based tests currently encode a return value in the file name, i.e. foo_1 expects that the script should return '1' for the test case to pass. This is very error prone, and one test case is even broken (i.e., it returns 1, but because of a different, earlier error). do_something || exit 1 or 'set -e' are both pretty common patterns, in both cases tests should fail. In those test-cases that deliberately test for an error, nft something_should_fail || exit 0 nft something_should_fail && exit 1 or a similar constructs should be used. This initial commit modififies all '_1' scripts to return 0 on success, usually via 'nft wrong || exit 0'. All tests pass, except the one broken test case that hasn't worked before either, but where 'set -e' use made it pass (the failing command is supposed to work, and the command that is supposed to fail is never run). Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2019-01-04 15:57:00 +0100
committer: Florian Westphal <fw@strlen.de> 2019-01-04 16:00:31 +0100
commit: 4d26b6dd3c4c8354a88c4a1aef8ea33229f0a4cc (patch)
tree: 1e82c9b480038033c65cd7d17b08f24e149bcd82 /tests/shell/testcases/chains
parent: eb49882deb3e9ec5eccd6e6106b454e3a6394408 (diff)
23 files changed, 65 insertions, 32 deletions
diff --git a/tests/shell/testcases/chains/0002jumps_1 b/tests/shell/testcases/chains/0002jumps_1
index 4d163b05..aa70037f 100755
--- a/tests/shell/testcases/chains/0002jumps_1
+++ b/tests/shell/testcases/chains/0002jumps_1
@@ -20,5 +20,7 @@ done
 
 # this last jump should fail: too many links
 $NFT add chain t c$((MAX_JUMPS + 1))
-$NFT add rule t c${MAX_JUMPS} jump c$((MAX_JUMPS + 1)) 2>/dev/null
+
+$NFT add rule t c${MAX_JUMPS} jump c$((MAX_JUMPS + 1)) 2>/dev/null || exit 0
 echo "E: max jumps ignored?" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0003jump_loop_1 b/tests/shell/testcases/chains/0003jump_loop_1
index f74361f2..80e243f0 100755
--- a/tests/shell/testcases/chains/0003jump_loop_1
+++ b/tests/shell/testcases/chains/0003jump_loop_1
@@ -17,5 +17,6 @@ do
 done
 
 # this last jump should fail: loop
-$NFT add rule t c${MAX_JUMPS} jump c1 2>/dev/null
+$NFT add rule t c${MAX_JUMPS} jump c1 2>/dev/null || exit 0
 echo "E: loop of jumps ignored?" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0004busy_1 b/tests/shell/testcases/chains/0004busy_1
index cc9a0dad..e68d1baa 100755
--- a/tests/shell/testcases/chains/0004busy_1
+++ b/tests/shell/testcases/chains/0004busy_1
@@ -6,6 +6,8 @@ $NFT add table t
 $NFT add chain t c1
 $NFT add chain t c2
 $NFT add rule t c1 jump c2
+
 # kernel should return EBUSY
-$NFT delete chain t c2 2>/dev/null
+$NFT delete chain t c2 2>/dev/null || exit 0
 echo "E: deleted a busy chain?" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0005busy_map_1 b/tests/shell/testcases/chains/0005busy_map_1
index 93eca827..c800f193 100755
--- a/tests/shell/testcases/chains/0005busy_map_1
+++ b/tests/shell/testcases/chains/0005busy_map_1
@@ -6,6 +6,8 @@ $NFT add table t
 $NFT add chain t c1
 $NFT add chain t c2
 $NFT add rule t c1 tcp dport vmap { 1 : jump c2 }
+
 # kernel should return EBUSY
-$NFT delete chain t c2 2>/dev/null
+$NFT delete chain t c2 2>/dev/null || exit 0
 echo "E: deleted a busy chain?" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0007masquerade_1 b/tests/shell/testcases/chains/0007masquerade_1
index 4e98d106..4434c898 100755
--- a/tests/shell/testcases/chains/0007masquerade_1
+++ b/tests/shell/testcases/chains/0007masquerade_1
@@ -4,6 +4,8 @@ set -e
 
 $NFT add table t
 $NFT add chain t c1 {type filter hook output priority 0 \; }
+
 # wrong hook output, only postrouting is valid
-$NFT add rule t c1 masquerade 2>/dev/null
+$NFT add rule t c1 masquerade 2>/dev/null || exit 0
 echo "E: accepted masquerade in output hook" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0008masquerade_jump_1 b/tests/shell/testcases/chains/0008masquerade_jump_1
index 7754ed03..aee1475f 100755
--- a/tests/shell/testcases/chains/0008masquerade_jump_1
+++ b/tests/shell/testcases/chains/0008masquerade_jump_1
@@ -6,6 +6,8 @@ $NFT add table t
 $NFT add chain t output {type nat hook output priority 0 \; }
 $NFT add chain t c1
 $NFT add rule t c1 masquerade
+
 # kernel should return EOPNOTSUPP
-$NFT add rule t output jump c1 2>/dev/null
+$NFT add rule t output jump c1 2>/dev/null || exit 0
 echo "E: accepted masquerade in output hook" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0009masquerade_jump_1 b/tests/shell/testcases/chains/0009masquerade_jump_1
index 684d4417..2b931eeb 100755
--- a/tests/shell/testcases/chains/0009masquerade_jump_1
+++ b/tests/shell/testcases/chains/0009masquerade_jump_1
@@ -6,6 +6,8 @@ $NFT add table t
 $NFT add chain t output {type nat hook output priority 0 \; }
 $NFT add chain t c1
 $NFT add rule t c1 masquerade
+
 # kernel should return EOPNOTSUPP
-$NFT add rule t output tcp dport vmap {1 :jump c1 } 2>/dev/null
+$NFT add rule t output tcp dport vmap {1 :jump c1 } 2>/dev/null || exit 0
 echo "E: accepted masquerade in output hook in a vmap" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0010endless_jump_loop_1 b/tests/shell/testcases/chains/0010endless_jump_loop_1
index dba70e14..5d3ef239 100755
--- a/tests/shell/testcases/chains/0010endless_jump_loop_1
+++ b/tests/shell/testcases/chains/0010endless_jump_loop_1
@@ -4,6 +4,8 @@ set -e
 
 $NFT add table t
 $NFT add chain t c
+
 # kernel should return ELOOP
-$NFT add rule t c tcp dport vmap {1 : jump c} 2>/dev/null
+$NFT add rule t c tcp dport vmap {1 : jump c} 2>/dev/null || exit 0
 echo "E: accepted endless jump loop in a vmap" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0011endless_jump_loop_1 b/tests/shell/testcases/chains/0011endless_jump_loop_1
index adbff8d4..d75932d7 100755
--- a/tests/shell/testcases/chains/0011endless_jump_loop_1
+++ b/tests/shell/testcases/chains/0011endless_jump_loop_1
@@ -10,5 +10,6 @@ $NFT add element t m {2 : jump c2}
 $NFT add rule t c1 tcp dport vmap @m
 
 # kernel should return ELOOP
-$NFT add element t m {1 : jump c1} 2>/dev/null
+$NFT add element t m {1 : jump c1} 2>/dev/null || exit 0
 echo "E: accepted endless jump loop in a vmap" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0012reject_in_prerouting_1 b/tests/shell/testcases/chains/0012reject_in_prerouting_1
index 81cda0c4..0ee86c11 100755
--- a/tests/shell/testcases/chains/0012reject_in_prerouting_1
+++ b/tests/shell/testcases/chains/0012reject_in_prerouting_1
@@ -4,6 +4,8 @@ set -e
 
 $NFT add table t
 $NFT add chain t prerouting {type filter hook prerouting priority 0 \; }
+
 # wrong hook prerouting, only input/forward/output is valid
-$NFT add rule t prerouting reject 2>/dev/null
+$NFT add rule t prerouting reject 2>/dev/null || exit 0
 echo "E: accepted reject in prerouting hook" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0015check_jump_loop_1 b/tests/shell/testcases/chains/0015check_jump_loop_1
index ba40ddb9..a59bb3bf 100755
--- a/tests/shell/testcases/chains/0015check_jump_loop_1
+++ b/tests/shell/testcases/chains/0015check_jump_loop_1
@@ -7,5 +7,7 @@ $NFT add chain t c1
 $NFT add chain t c2
 $NFT add t c1 jump c2
 # kernel should return ENOENT
-$NFT add t c2 ip daddr vmap { 1 : jump c3 }
+
+$NFT add t c2 ip daddr vmap { 1 : jump c3 } || exit 0
 echo "E: Jumped to non existing chain" >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0017masquerade_jump_1 b/tests/shell/testcases/chains/0017masquerade_jump_1
index a57675f5..209e6d48 100755
--- a/tests/shell/testcases/chains/0017masquerade_jump_1
+++ b/tests/shell/testcases/chains/0017masquerade_jump_1
@@ -6,5 +6,9 @@ $NFT add table t
 $NFT add chain t input {type filter hook input priority 4 \; }
 $NFT add chain t c1
 $NFT add rule t input jump c1
+
 # kernel should return EOPNOTSUPP
-$NFT add rule t c1 masquerade 2>/dev/null >&2
+$NFT add rule t c1 masquerade 2>/dev/null >&2 || exit 0
+
+echo "E: Accepted masquerade rule in non-nat type base chain" 1>&2
+exit 1
diff --git a/tests/shell/testcases/chains/0018check_jump_loop_1 b/tests/shell/testcases/chains/0018check_jump_loop_1
index d1443dab..b87520f2 100755
--- a/tests/shell/testcases/chains/0018check_jump_loop_1
+++ b/tests/shell/testcases/chains/0018check_jump_loop_1
@@ -6,5 +6,8 @@ $NFT add table ip filter
 $NFT add chain ip filter ap1
 $NFT add chain ip filter ap2
 $NFT add rule ip filter ap1 jump ap2
+
 # kernel should return EOPNOTSUPP
-$NFT add rule ip filter ap1 jump ap1 2>/dev/null >&2
+$NFT add rule ip filter ap1 jump ap1 2>/dev/null >&2 || exit 0
+echo "E: Accepted jump-to-self"
+exit 1
diff --git a/tests/shell/testcases/chains/0019masquerade_jump_1 b/tests/shell/testcases/chains/0019masquerade_jump_1
index 4fe68c84..0ff1ac3f 100755
--- a/tests/shell/testcases/chains/0019masquerade_jump_1
+++ b/tests/shell/testcases/chains/0019masquerade_jump_1
@@ -6,5 +6,8 @@ $NFT add table t
 $NFT add chain t input {type filter hook input priority 4 \; }
 $NFT add chain t c1
 $NFT add rule t input ip saddr vmap { 1.1.1.1 : jump c1 }
+
 # kernel should return EOPNOTSUPP
-$NFT add rule t c1 masquerade 2>/dev/null >&2
+$NFT add rule t c1 masquerade 2>/dev/null >&2 || exit 0
+echo "E: accepted masquerade in chain from non-nat type basechain" 1>&2
+exit 1
diff --git a/tests/shell/testcases/chains/0020depth_1 b/tests/shell/testcases/chains/0020depth_1
index fa539c8f..23e1f826 100755
--- a/tests/shell/testcases/chains/0020depth_1
+++ b/tests/shell/testcases/chains/0020depth_1
@@ -1,7 +1,6 @@
 #!/bin/bash
 
 set -e
-
 $NFT add table ip filter
 $NFT add chain ip filter input { type filter hook input priority 0\; }
 
@@ -19,4 +18,6 @@ for ((i=11;i<19;i++)); do
 	$NFT add rule ip filter a$i jump a$((i+1))
 done
 
-$NFT add rule ip filter a10 jump a11
+$NFT add rule ip filter a10 jump a11 || exit 0
+echo "E: Expected 20th jump to fail due to jump stack exhaustion" 1>&2
+exit 1
diff --git a/tests/shell/testcases/chains/0022prio_dummy_1 b/tests/shell/testcases/chains/0022prio_dummy_1
index ecdd9456..66c44074 100755
--- a/tests/shell/testcases/chains/0022prio_dummy_1
+++ b/tests/shell/testcases/chains/0022prio_dummy_1
@@ -3,5 +3,7 @@
 set -e
 
 $NFT add table ip x
-$NFT add chain ip x y "{ type filter hook input priority dummy+1; }" &> /dev/null
+
+$NFT add chain ip x y "{ type filter hook input priority dummy+1; }" &> /dev/null || exit 0
 echo "E: dummy should not be a valid priority." >&2
+exit 1
diff --git a/tests/shell/testcases/chains/0023prio_inet_srcnat_1 b/tests/shell/testcases/chains/0023prio_inet_srcnat_1
index fa53f7a7..d2b1fa43 100755
--- a/tests/shell/testcases/chains/0023prio_inet_srcnat_1
+++ b/tests/shell/testcases/chains/0023prio_inet_srcnat_1
@@ -9,8 +9,8 @@ do
 		if (($? == 0))
 		then
 			echo "E: srcnat should not be a valid priority name in $family $hook chains." >&2
-			exit 0
+			exit 1
 		fi
 	done
 done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0024prio_inet_dstnat_1 b/tests/shell/testcases/chains/0024prio_inet_dstnat_1
index a9a7264a..d112f2c9 100755
--- a/tests/shell/testcases/chains/0024prio_inet_dstnat_1
+++ b/tests/shell/testcases/chains/0024prio_inet_dstnat_1
@@ -9,8 +9,8 @@ do
 		if (($? == 0))
 		then
 			echo "E: dstnat should not be a valid priority name in $family $hook chains." >&2
-			exit 0
+			exit 1
 		fi
 	done
 done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0025prio_arp_1 b/tests/shell/testcases/chains/0025prio_arp_1
index 8c671d55..1a172629 100755
--- a/tests/shell/testcases/chains/0025prio_arp_1
+++ b/tests/shell/testcases/chains/0025prio_arp_1
@@ -10,8 +10,8 @@ family=arp
 			if (($? == 0))
 			then
 				echo "E: $prioname should not be a valid priority name for arp family chains." >&2
-				exit 0
+				exit 1
 			fi
 		done
 	done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0026prio_netdev_1 b/tests/shell/testcases/chains/0026prio_netdev_1
index ae022830..aa902e9b 100755
--- a/tests/shell/testcases/chains/0026prio_netdev_1
+++ b/tests/shell/testcases/chains/0026prio_netdev_1
@@ -4,12 +4,12 @@ family=netdev
 	hook=ingress
 		for prioname in raw mangle dstnat security srcnat
 		do
-			$NFT add table $family x
+			$NFT add table $family x || exit 1
 			$NFT add chain $family x y "{ type filter hook $hook device lo priority $prioname; }" &> /dev/null
 			if (($? == 0))
 			then
 				echo "E: $prioname should not be a valid priority name for netdev family chains." >&2
-				exit 0
+				exit 1
 			fi
 		done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0027prio_bridge_dstnat_1 b/tests/shell/testcases/chains/0027prio_bridge_dstnat_1
index df0b6950..52c73e65 100755
--- a/tests/shell/testcases/chains/0027prio_bridge_dstnat_1
+++ b/tests/shell/testcases/chains/0027prio_bridge_dstnat_1
@@ -9,7 +9,7 @@ family=bridge
 			if (($? == 0))
 			then
 				echo "E: $prioname should not be a valid priority name for bridge $hook chains." >&2
-				exit 0
+				exit 1
 			fi
 	done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0028prio_bridge_out_1 b/tests/shell/testcases/chains/0028prio_bridge_out_1
index 06fdbebb..63aa296c 100755
--- a/tests/shell/testcases/chains/0028prio_bridge_out_1
+++ b/tests/shell/testcases/chains/0028prio_bridge_out_1
@@ -9,7 +9,7 @@ family=bridge
 			if (($? == 0))
 			then
 				echo "E: $prioname should not be a valid priority name for bridge $hook chains." >&2
-				exit 0
+				exit 1
 			fi
 	done
-exit 1
+exit 0
diff --git a/tests/shell/testcases/chains/0029prio_bridge_srcnat_1 b/tests/shell/testcases/chains/0029prio_bridge_srcnat_1
index 8896a7cf..38917119 100755
--- a/tests/shell/testcases/chains/0029prio_bridge_srcnat_1
+++ b/tests/shell/testcases/chains/0029prio_bridge_srcnat_1
@@ -9,7 +9,7 @@ family=bridge
 			if (($? == 0))
 			then
 				echo "E: $prioname should not be a valid priority name for bridge $hook chains." >&2
-				exit 0
+				exit 1
 			fi
 	done
-exit 1
+exit 0
author	Florian Westphal <fw@strlen.de>	2019-01-04 15:57:00 +0100
committer	Florian Westphal <fw@strlen.de>	2019-01-04 16:00:31 +0100
commit	4d26b6dd3c4c8354a88c4a1aef8ea33229f0a4cc (patch)
tree	1e82c9b480038033c65cd7d17b08f24e149bcd82 /tests/shell/testcases/chains
parent	eb49882deb3e9ec5eccd6e6106b454e3a6394408 (diff)