diff options
| author | Thomas Haller <thaller@redhat.com> | 2023-11-14 17:08:28 +0100 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2023-11-15 13:12:06 +0100 |
| commit | 3d24b16b9ac132d26869953f54ef7c69f1c1d58f (patch) | |
| tree | c9432f7716f192c913b1aefc353bd7f220340376 /tests/shell/testcases/flowtable/dumps | |
| parent | c9caa99c52752907509584b7165ad6180764d87d (diff) | |
tests/shell: add JSON dump files
Generate and add ".json-nft" files. These files contain the output of
`nft -j list ruleset` after the test. Also, "test-wrapper.sh" will
compare the current ruleset against the ".json-nft" files and test them
with "nft -j --check -f $FILE`. These are useful extra tests, that we
almost get for free.
Note that for some JSON dumps, `nft -f --check` fails (or prints
something). For those tests no *.json-nft file is added. The bugs needs
to be fixed first.
An example of such an issue is:
$ DUMPGEN=all ./tests/shell/run-tests.sh tests/shell/testcases/maps/nat_addr_port
which gives a file "rc-failed-chkdump" with
Command `./tests/shell/../../src/nft -j --check -f "tests/shell/testcases/maps/dumps/nat_addr_port.json-nft"` failed
>>>>
internal:0:0-0: Error: Invalid map type 'ipv4_addr . inet_service'.
internal:0:0-0: Error: Parsing command array at index 3 failed.
internal:0:0-0: Error: unqualified type integer specified in map definition. Try "typeof expression" instead of "type datatype".
<<<<
Tests like "tests/shell/testcases/nft-f/0012different_defines_0" and
"tests/shell/testcases/nft-f/0024priority_0" also don't get a .json-nft
dump yet, because their output is not stable. That needs fixing too.
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Florian Westphal <fw@strlen.de>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell/testcases/flowtable/dumps')
15 files changed, 15 insertions, 0 deletions
diff --git a/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft new file mode 100644 index 00000000..ddd46b1c --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0001flowtable_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 1}}, {"flowtable": {"family": "inet", "name": "f", "table": "t", "handle": 2, "hook": "ingress", "prio": 10, "dev": "lo"}}, {"chain": {"family": "inet", "table": "t", "name": "c", "handle": 1}}, {"rule": {"family": "inet", "table": "t", "chain": "c", "handle": 3, "expr": [{"flow": {"op": "add", "flowtable": "@f"}}]}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft new file mode 100644 index 00000000..752d10df --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0002create_flowtable_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 1}}, {"flowtable": {"family": "ip", "name": "f", "table": "t", "handle": 1, "hook": "ingress", "prio": 10, "dev": "lo"}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft new file mode 100644 index 00000000..c1596fc4 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0003add_after_flush_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 2}}, {"flowtable": {"family": "ip", "name": "y", "table": "x", "handle": 1, "hook": "ingress", "prio": 0, "dev": "lo"}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft b/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft new file mode 100644 index 00000000..170a5783 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0004delete_after_add_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft b/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft new file mode 100644 index 00000000..752c6b53 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0005delete_in_use_1.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 1}}, {"flowtable": {"family": "ip", "name": "y", "table": "x", "handle": 2, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"chain": {"family": "ip", "table": "x", "name": "x", "handle": 1}}, {"rule": {"family": "ip", "table": "x", "chain": "x", "handle": 3, "expr": [{"flow": {"op": "add", "flowtable": "@y"}}]}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft b/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft new file mode 100644 index 00000000..e34102c3 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0006segfault_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft b/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft new file mode 100644 index 00000000..e34102c3 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0007prio_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft b/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft new file mode 100644 index 00000000..e34102c3 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0008prio_1.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft new file mode 100644 index 00000000..ee19cb85 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0009deleteafterflush_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 1}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft b/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft new file mode 100644 index 00000000..8673e599 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0010delete_handle_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "t", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft b/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft new file mode 100644 index 00000000..ee19cb85 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0011deleteafterflush_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "x", "handle": 1}}, {"chain": {"family": "ip", "table": "x", "name": "y", "handle": 1}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft new file mode 100644 index 00000000..1c4331e3 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "filter1", "handle": 1}}, {"flowtable": {"family": "ip", "name": "Main_ft1", "table": "filter1", "handle": 1, "hook": "ingress", "prio": 0, "dev": "lo"}}, {"table": {"family": "ip", "name": "filter2", "handle": 2}}, {"flowtable": {"family": "ip", "name": "Main_ft2", "table": "filter2", "handle": 1, "hook": "ingress", "prio": 0, "dev": "lo"}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft b/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft new file mode 100644 index 00000000..6d79157d --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0013addafterdelete_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 1}}, {"flowtable": {"family": "inet", "name": "f", "table": "filter", "handle": 2, "hook": "ingress", "prio": -1, "dev": "lo"}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft b/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft new file mode 100644 index 00000000..e66962b6 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0014addafterdelete_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "inet", "name": "filter", "handle": 1}}, {"flowtable": {"family": "inet", "name": "f", "table": "filter", "handle": 4, "hook": "ingress", "prio": -1, "dev": "lo"}}, {"chain": {"family": "inet", "table": "filter", "name": "y", "handle": 1, "type": "filter", "hook": "forward", "prio": 0, "policy": "accept"}}, {"rule": {"family": "inet", "table": "filter", "chain": "y", "handle": 5, "expr": [{"flow": {"op": "add", "flowtable": "@f"}}, {"counter": {"packets": 0, "bytes": 0}}]}}]} diff --git a/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft b/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft new file mode 100644 index 00000000..e34102c3 --- /dev/null +++ b/tests/shell/testcases/flowtable/dumps/0015destroy_0.json-nft @@ -0,0 +1 @@ +{"nftables": [{"metainfo": {"version": "VERSION", "release_name": "RELEASE_NAME", "json_schema_version": 1}}, {"table": {"family": "ip", "name": "t", "handle": 1}}]} |