diff options
author | Thomas Haller <thaller@redhat.com> | 2023-10-23 18:13:15 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-10-24 11:31:02 +0200 |
commit | 15500d0b1c07e8c497609e4509f7c8489cbc4b83 (patch) | |
tree | 867bd14e1ab76ca1d883be0352303ab1f235baf7 /tests/shell/testcases/optimizations/dumps | |
parent | 92cc90eace679794f67825820d54aa6c14570a0c (diff) |
tests/shell: inline input data in "single_anon_set" test
The file "optimizations/dumps/single_anon_set.nft.input" was laying
around, and it was unclear how it was used.
Let's extend "check-patch.sh" to flag all unused files. But the script
cannot understand how "single_anon_set.nft.input" is used (aside allow
listing it).
Instead, inline the script to keep it inside the test (script).
We still write the data to a separate file and don't use `nft -f -`
(because reading stdin uses a different code path we want to cover).
Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases/optimizations/dumps')
-rw-r--r-- | tests/shell/testcases/optimizations/dumps/single_anon_set.nft.input | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/tests/shell/testcases/optimizations/dumps/single_anon_set.nft.input b/tests/shell/testcases/optimizations/dumps/single_anon_set.nft.input deleted file mode 100644 index ecc5691b..00000000 --- a/tests/shell/testcases/optimizations/dumps/single_anon_set.nft.input +++ /dev/null @@ -1,38 +0,0 @@ -table ip test { - chain test { - # Test cases where anon set can be removed: - ip saddr { 127.0.0.1 } accept - iif { "lo" } accept - - # negation, can change to != 22. - tcp dport != { 22 } drop - - # single prefix, can remove anon set. - ip saddr { 127.0.0.0/8 } accept - - # range, can remove anon set. - ip saddr { 127.0.0.1-192.168.7.3 } accept - tcp sport { 1-1023 } drop - - # Test cases where anon set must be kept. - - # 2 elements, cannot remove the anon set. - ip daddr { 192.168.7.1, 192.168.7.5 } accept - tcp dport { 80, 443 } accept - - # single element, but concatenation which is not - # supported outside of set/map context at this time. - ip daddr . tcp dport { 192.168.0.1 . 22 } accept - - # single element, but a map. - meta mark set ip daddr map { 192.168.0.1 : 1 } - - # 2 elements. This could be converted because - # ct state cannot be both established and related - # at the same time, but this needs extra work. - ct state { established, related } accept - - # with stateful statement - meta mark { 0x0000000a counter } - } -} |