diff options
| author | Arturo Borrero Gonzalez <arturo@netfilter.org> | 2018-02-25 18:30:24 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-02-25 23:09:02 +0100 |
| commit | 8c61fa70f3cebed06b23292a3467f1dbc1b96ce9 (patch) | |
| tree | 46f4550c256a590094c0e732077675d40a73051a /tests/shell/testcases | |
| parent | ba00c6b18ee2bf3bc100226ecc2e6bfd779eb482 (diff) | |
meta: introduce datatype ifname_type
This new datatype is a string subtype.
It will allow us to build named maps/sets using meta keys like 'iifname',
'oifname', 'ibriport' or 'obriport'.
Example:
table inet t {
set s {
type ifname
elements = { "eth0",
"eth1" }
}
chain c {
iifname @s accept
oifname @s accept
}
}
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'tests/shell/testcases')
| -rwxr-xr-x | tests/shell/testcases/maps/0007named_ifname_dtype_0 | 35 | ||||
| -rwxr-xr-x | tests/shell/testcases/sets/0029named_ifname_dtype_0 | 35 |
2 files changed, 70 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/0007named_ifname_dtype_0 b/tests/shell/testcases/maps/0007named_ifname_dtype_0 new file mode 100755 index 00000000..dcbcf2f0 --- /dev/null +++ b/tests/shell/testcases/maps/0007named_ifname_dtype_0 @@ -0,0 +1,35 @@ +#!/bin/bash + +# support for ifname in named maps + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +EXPECTED="table inet t { + map m1 { + type ifname : ipv4_addr + elements = { \"eth0\" : 1.1.1.1 } + } + + chain c { + ip daddr set iifname map @m1 + ip daddr set oifname map @m1 + } +}" + +set -e +echo "$EXPECTED" > $tmpfile +$NFT -f $tmpfile + +GET="$($NFT list ruleset)" +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + diff --git a/tests/shell/testcases/sets/0029named_ifname_dtype_0 b/tests/shell/testcases/sets/0029named_ifname_dtype_0 new file mode 100755 index 00000000..8b7ab982 --- /dev/null +++ b/tests/shell/testcases/sets/0029named_ifname_dtype_0 @@ -0,0 +1,35 @@ +#!/bin/bash + +# support for ifname in named sets + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +EXPECTED="table inet t { + set s { + type ifname + elements = { \"eth0\" } + } + + chain c { + iifname @s accept + oifname @s accept + } +}" + +set -e +echo "$EXPECTED" > $tmpfile +$NFT -f $tmpfile + +GET="$($NFT list ruleset)" +if [ "$EXPECTED" != "$GET" ] ; then + DIFF="$(which diff)" + [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") + exit 1 +fi + |