tests: shell: add endless jump loop tests

Add some tests for endless jump loop validation.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2 files changed, 23 insertions, 0 deletions

diff --git a/tests/shell/testcases/chains/0010endless_jump_loop_1 b/tests/shell/testcases/chains/0010endless_jump_loop_1
new file mode 100755
index 00000000..dba70e14
--- /dev/null
+++ b/tests/shell/testcases/chains/0010endless_jump_loop_1
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+$NFT add table t
+$NFT add chain t c
+# kernel should return ELOOP
+$NFT add rule t c tcp dport vmap {1 : jump c} 2>/dev/null
+echo "E: accepted endless jump loop in a vmap" >&2
diff --git a/tests/shell/testcases/chains/0011endless_jump_loop_1 b/tests/shell/testcases/chains/0011endless_jump_loop_1
new file mode 100755
index 00000000..adbff8d4
--- /dev/null
+++ b/tests/shell/testcases/chains/0011endless_jump_loop_1
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -e
+
+$NFT add table t
+$NFT add chain t c1
+$NFT add chain t c2
+$NFT add map t m {type inet_service : verdict \;}
+$NFT add element t m {2 : jump c2}
+$NFT add rule t c1 tcp dport vmap @m
+
+# kernel should return ELOOP
+$NFT add element t m {1 : jump c1} 2>/dev/null
+echo "E: accepted endless jump loop in a vmap" >&2