diff options
| -rw-r--r-- | tests/shell/testcases/maps/dumps/vmap_timeout.nft | 2 | ||||
| -rwxr-xr-x | tests/shell/testcases/maps/vmap_timeout | 26 |
2 files changed, 22 insertions, 6 deletions
diff --git a/tests/shell/testcases/maps/dumps/vmap_timeout.nft b/tests/shell/testcases/maps/dumps/vmap_timeout.nft index 295971ab..095f894d 100644 --- a/tests/shell/testcases/maps/dumps/vmap_timeout.nft +++ b/tests/shell/testcases/maps/dumps/vmap_timeout.nft @@ -2,12 +2,14 @@ table inet filter { map portmap { type inet_service : verdict flags timeout + gc-interval 10s elements = { 22 : jump ssh_input } } map portaddrmap { typeof ip daddr . th dport : verdict flags timeout + gc-interval 10s elements = { 1.2.3.4 . 22 : jump ssh_input } } diff --git a/tests/shell/testcases/maps/vmap_timeout b/tests/shell/testcases/maps/vmap_timeout index a81ff4f5..e59d37ab 100755 --- a/tests/shell/testcases/maps/vmap_timeout +++ b/tests/shell/testcases/maps/vmap_timeout @@ -6,22 +6,36 @@ dumpfile=$(dirname $0)/dumps/$(basename $0).nft $NFT -f $dumpfile port=23 -for i in $(seq 1 400) ; do - timeout=$((RANDOM%3)) +for i in $(seq 1 100) ; do + timeout=$((RANDOM%5)) timeout=$((timeout+1)) j=1 batched="{ $port timeout 3s : jump other_input " - batched_addr="{ 10.0.$((i%256)).$j . $port timeout 3s : jump other_input " + batched_addr="{ 10.0.$((i%256)).$j . $port timeout ${timeout}s : jump other_input " port=$((port + 1)) - for j in $(seq 2 100); do + for j in $(seq 2 400); do + timeout=$((RANDOM%5)) + timeout=$((timeout+1)) + batched="$batched, $port timeout ${timeout}s : jump other_input " - batched_addr="$batched_addr, 10.0.$((i%256)).$j . $port timeout ${timeout}s : jump other_input " + batched_addr="$batched_addr, 10.0.$((i%256)).$((j%256)) . $port timeout ${timeout}s : jump other_input " port=$((port + 1)) done + fail_addr="$batched_addr, 1.2.3.4 . 23 timeout 5m : jump other_input, + 1.2.3.4 . 23 timeout 3m : jump other_input }" + fail="$batched, 23 timeout 1m : jump other_input, 23 : jump other_input }" + batched="$batched }" batched_addr="$batched_addr }" + + if [ $i -gt 90 ]; then + # must fail, we create and $fail/$fail_addr contain one element twice. + $NFT create element inet filter portmap "$fail" && exit 111 + $NFT create element inet filter portaddrmap "$fail_addr" && exit 112 + fi + $NFT add element inet filter portmap "$batched" $NFT add element inet filter portaddrmap "$batched_addr" done @@ -30,4 +44,4 @@ $NFT add element inet filter portaddrmap { "* timeout 2s : drop" } $NFT add element inet filter portmap { "* timeout 3s : drop" } # wait for elements to time out -sleep 4 +sleep 5 |