diff options
| author | Florian Westphal <fw@strlen.de> | 2023-08-02 15:54:28 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2023-08-03 13:06:18 +0200 |
| commit | a8260c056a69aaca33d6604079ebac3d07d2551c (patch) | |
| tree | 3c80d7db50bc7fd44fcad1370e0eeaef6d4ed3ef /tests/shell/testcases | |
| parent | aef2a35f67160fd4447f2a7585baf379866eefb2 (diff) | |
tests: add dynmap datapath add/delete test case
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'tests/shell/testcases')
| -rw-r--r-- | tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft | 22 | ||||
| -rwxr-xr-x | tests/shell/testcases/maps/typeof_maps_add_delete | 35 |
2 files changed, 57 insertions, 0 deletions
diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft new file mode 100644 index 00000000..9134673c --- /dev/null +++ b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft @@ -0,0 +1,22 @@ +table ip dynset { + map dynmark { + typeof ip daddr : meta mark + size 64 + counter + timeout 5m + } + + chain test_ping { + ip saddr @dynmark counter packets 0 bytes 0 comment "should not increment" + ip saddr != @dynmark add @dynmark { ip saddr : 0x00000001 } counter packets 1 bytes 84 + ip saddr @dynmark counter packets 1 bytes 84 comment "should increment" + ip saddr @dynmark delete @dynmark { ip saddr : 0x00000001 } + ip saddr @dynmark counter packets 0 bytes 0 comment "delete should be instant but might fail under memory pressure" + } + + chain input { + type filter hook input priority filter; policy accept; + add @dynmark { 10.2.3.4 timeout 1s : 0x00000002 } comment "also check timeout-gc" + meta l4proto icmp ip daddr 127.0.0.42 jump test_ping + } +} diff --git a/tests/shell/testcases/maps/typeof_maps_add_delete b/tests/shell/testcases/maps/typeof_maps_add_delete new file mode 100755 index 00000000..341de538 --- /dev/null +++ b/tests/shell/testcases/maps/typeof_maps_add_delete @@ -0,0 +1,35 @@ +#!/bin/bash + +EXPECTED='table ip dynset { + map dynmark { + typeof ip daddr : meta mark + counter + size 64 + timeout 5m + } + + chain test_ping { + ip saddr @dynmark counter comment "should not increment" + ip saddr != @dynmark add @dynmark { ip saddr : 0x1 } counter + ip saddr @dynmark counter comment "should increment" + ip saddr @dynmark delete @dynmark { ip saddr : 0x1 } + ip saddr @dynmark counter comment "delete should be instant but might fail under memory pressure" + } + + chain input { + type filter hook input priority 0; policy accept; + + add @dynmark { 10.2.3.4 timeout 1s : 0x2 } comment "also check timeout-gc" + meta l4proto icmp ip daddr 127.0.0.42 jump test_ping + } +}' + +set -e +$NFT -f - <<< $EXPECTED +$NFT list ruleset + +ip link set lo up +ping -c 1 127.0.0.42 + +# wait so that 10.2.3.4 times out. +sleep 2 |