diff options
Diffstat (limited to 'tests/shell/testcases/sets')
-rwxr-xr-x | tests/shell/testcases/sets/0001named_interval_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0008create_verdict_map_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0014malformed_set_is_not_defined_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0015rulesetflush_0 | 16 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0021nesting_0 | 11 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0022type_selective_flush_0 | 17 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0024named_objects_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0026named_limit_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0027ipv6_maps_ipv4_0 | 14 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0029named_ifname_dtype_0 | 11 | ||||
-rwxr-xr-x | tests/shell/testcases/sets/0031set_timeout_size_0 | 14 |
11 files changed, 31 insertions, 122 deletions
diff --git a/tests/shell/testcases/sets/0001named_interval_0 b/tests/shell/testcases/sets/0001named_interval_0 index 8d08b755..74098125 100755 --- a/tests/shell/testcases/sets/0001named_interval_0 +++ b/tests/shell/testcases/sets/0001named_interval_0 @@ -4,15 +4,7 @@ # * creating a valid interval set # * referencing it from a valid rule -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" table inet t { set s1 { type ipv4_addr @@ -41,7 +33,7 @@ table inet t { ip6 nexthdr @s3 accept tcp dport @s4 accept } -}" > $tmpfile +}" set -e -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0008create_verdict_map_0 b/tests/shell/testcases/sets/0008create_verdict_map_0 index 8ebb4509..1188e977 100755 --- a/tests/shell/testcases/sets/0008create_verdict_map_0 +++ b/tests/shell/testcases/sets/0008create_verdict_map_0 @@ -1,14 +1,6 @@ #!/bin/bash -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" table ip t { map sourcemap { type ipv4_addr : verdict; @@ -19,7 +11,7 @@ table ip t { } add chain t c add element t sourcemap { 100.123.10.2 : jump c } -" > $tmpfile +" set -e -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0014malformed_set_is_not_defined_0 b/tests/shell/testcases/sets/0014malformed_set_is_not_defined_0 index 5d1a2dab..61d6b49c 100755 --- a/tests/shell/testcases/sets/0014malformed_set_is_not_defined_0 +++ b/tests/shell/testcases/sets/0014malformed_set_is_not_defined_0 @@ -7,22 +7,14 @@ # In this case, nft should error out because the set doesn't exist instead of # segfaulting -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" add table t add chain t c add set t s {type ipv4_addr\;} add rule t c ip saddr @s -" >$tmpfile +" -$NFT -f $tmpfile +$NFT -f - <<< $RULESET ret=$? trap - EXIT diff --git a/tests/shell/testcases/sets/0015rulesetflush_0 b/tests/shell/testcases/sets/0015rulesetflush_0 index 27242b36..3bfab97c 100755 --- a/tests/shell/testcases/sets/0015rulesetflush_0 +++ b/tests/shell/testcases/sets/0015rulesetflush_0 @@ -1,14 +1,6 @@ #!/bin/bash -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo "flush ruleset +RULESET="flush ruleset add table t add chain t c @@ -18,9 +10,9 @@ table inet filter { add element inet filter blacklist_v4 { 192.168.0.1/24, -}" >$tmpfile +}" -$NFT -f $tmpfile +$NFT -f - <<< $RULESET # make sure flush ruleset works right -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0021nesting_0 b/tests/shell/testcases/sets/0021nesting_0 index 4779f264..c0ac396f 100755 --- a/tests/shell/testcases/sets/0021nesting_0 +++ b/tests/shell/testcases/sets/0021nesting_0 @@ -2,14 +2,6 @@ set -e -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -#trap "rm -rf $tmpfile" EXIT # cleanup if aborted - RULESET=' define set1 = { 2.2.2.0/24, @@ -24,8 +16,7 @@ table ip x { } }' -echo "$RULESET" > $tmpfile -$NFT -f $tmpfile +$NFT -f - <<< $RULESET if [ $? -ne 0 ] ; then echo "E: unable to load ruleset" >&2 exit 1 diff --git a/tests/shell/testcases/sets/0022type_selective_flush_0 b/tests/shell/testcases/sets/0022type_selective_flush_0 index 659bf70c..0c39cbad 100755 --- a/tests/shell/testcases/sets/0022type_selective_flush_0 +++ b/tests/shell/testcases/sets/0022type_selective_flush_0 @@ -3,23 +3,15 @@ # This tests the selectiveness of flush command on structures that use the # generic set infrastructure (sets, maps and meters). -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" add table t add chain t c add set t s {type ipv4_addr;} add map t m {type ipv4_addr : inet_service;} add rule t c tcp dport 80 meter f {ip saddr limit rate 10/second} -" >$tmpfile +" -$NFT -f $tmpfile +$NFT -f - <<< $RULESET # Commands that should be invalid @@ -31,8 +23,7 @@ declare -a cmds=( for i in "${cmds[@]}" do - echo "$i" >$tmpfile - $NFT -f $tmpfile &>/dev/null + $NFT "$i" &>/dev/null ret=$? if [ $ret -eq 0 ]; then diff --git a/tests/shell/testcases/sets/0024named_objects_0 b/tests/shell/testcases/sets/0024named_objects_0 index 19dd1cd5..772247e0 100755 --- a/tests/shell/testcases/sets/0024named_objects_0 +++ b/tests/shell/testcases/sets/0024named_objects_0 @@ -4,15 +4,7 @@ # * creating valid named objects # * referencing them from a valid rule -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" table inet x { counter user123 { packets 12 bytes 1433 @@ -35,7 +27,7 @@ table inet x { counter name ip saddr map { 192.168.2.2 : "user123", 1.1.1.1 : "user123", 2.2.2.2 : "user123"} quota name ip saddr map @test drop } -}" > $tmpfile +}" set -e -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0026named_limit_0 b/tests/shell/testcases/sets/0026named_limit_0 index 91553f34..23bc0b02 100755 --- a/tests/shell/testcases/sets/0026named_limit_0 +++ b/tests/shell/testcases/sets/0026named_limit_0 @@ -4,15 +4,7 @@ # * creating valid named limits # * referencing them from a valid rule -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" table ip filter { limit http-traffic { rate 1/second @@ -21,7 +13,7 @@ table ip filter { type filter hook input priority 0; policy accept; limit name tcp dport map { 80 : "http-traffic", 443 : "http-traffic"} } -}" > $tmpfile +}" set -e -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0027ipv6_maps_ipv4_0 b/tests/shell/testcases/sets/0027ipv6_maps_ipv4_0 index 7ac271a0..846e3226 100755 --- a/tests/shell/testcases/sets/0027ipv6_maps_ipv4_0 +++ b/tests/shell/testcases/sets/0027ipv6_maps_ipv4_0 @@ -4,15 +4,7 @@ set -e -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo " +RULESET=" table inet t { set s { type ipv6_addr @@ -20,6 +12,6 @@ table inet t { elements = { ::ffff:0.0.0.0/96 } } } -" > $tmpfile +" -$NFT -f $tmpfile +$NFT -f - <<< $RULESET diff --git a/tests/shell/testcases/sets/0029named_ifname_dtype_0 b/tests/shell/testcases/sets/0029named_ifname_dtype_0 index 92f4a4ad..532d8927 100755 --- a/tests/shell/testcases/sets/0029named_ifname_dtype_0 +++ b/tests/shell/testcases/sets/0029named_ifname_dtype_0 @@ -2,14 +2,6 @@ # support for ifname in named sets -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - EXPECTED="table inet t { set s { type ifname @@ -23,5 +15,4 @@ EXPECTED="table inet t { }" set -e -echo "$EXPECTED" > $tmpfile -$NFT -f $tmpfile +$NFT -f - <<< $EXPECTED diff --git a/tests/shell/testcases/sets/0031set_timeout_size_0 b/tests/shell/testcases/sets/0031set_timeout_size_0 index 89af58f3..3d3f919a 100755 --- a/tests/shell/testcases/sets/0031set_timeout_size_0 +++ b/tests/shell/testcases/sets/0031set_timeout_size_0 @@ -1,15 +1,7 @@ #!/bin/bash -tmpfile=$(mktemp) -if [ ! -w $tmpfile ] ; then - echo "Failed to create tmp file" >&2 - exit 0 -fi - -trap "rm -rf $tmpfile" EXIT # cleanup if aborted - -echo "add table x -add set x y { type ipv4_addr; size 128; timeout 30s; }" > $tmpfile +RULESET="add table x +add set x y { type ipv4_addr; size 128; timeout 30s; }" set -e -$NFT -f $tmpfile +$NFT -f - <<< $RULESET |