diff options
Diffstat (limited to 'tests/shell/testcases/transactions')
36 files changed, 90 insertions, 263 deletions
diff --git a/tests/shell/testcases/transactions/0001table_0 b/tests/shell/testcases/transactions/0001table_0 index 0bde1018..83f9fd0d 100755 --- a/tests/shell/testcases/transactions/0001table_0 +++ b/tests/shell/testcases/transactions/0001table_0 @@ -21,16 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { -} -table ip y { -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0002table_0 b/tests/shell/testcases/transactions/0002table_0 index c5f319e4..dbd2f4ab 100755 --- a/tests/shell/testcases/transactions/0002table_0 +++ b/tests/shell/testcases/transactions/0002table_0 @@ -21,15 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - flags dormant -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0003table_0 b/tests/shell/testcases/transactions/0003table_0 index f17285e5..004ce513 100755 --- a/tests/shell/testcases/transactions/0003table_0 +++ b/tests/shell/testcases/transactions/0003table_0 @@ -20,13 +20,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0010chain_0 b/tests/shell/testcases/transactions/0010chain_0 index f4c1fbd1..d1918680 100755 --- a/tests/shell/testcases/transactions/0010chain_0 +++ b/tests/shell/testcases/transactions/0010chain_0 @@ -22,16 +22,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip w { - chain y { - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0011chain_0 b/tests/shell/testcases/transactions/0011chain_0 index 71afa6ed..aac33d56 100755 --- a/tests/shell/testcases/transactions/0011chain_0 +++ b/tests/shell/testcases/transactions/0011chain_0 @@ -22,17 +22,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - chain y { - type filter hook input priority 0; policy drop; - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0012chain_0 b/tests/shell/testcases/transactions/0012chain_0 index 757bc750..c3bfe130 100755 --- a/tests/shell/testcases/transactions/0012chain_0 +++ b/tests/shell/testcases/transactions/0012chain_0 @@ -26,17 +26,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip w { - chain y { - type filter hook output priority 0; policy accept; - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0013chain_0 b/tests/shell/testcases/transactions/0013chain_0 index 2c75bd4f..67c31c8a 100755 --- a/tests/shell/testcases/transactions/0013chain_0 +++ b/tests/shell/testcases/transactions/0013chain_0 @@ -27,17 +27,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip w { - chain y { - type filter hook output priority 0; policy accept; - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0020rule_0 b/tests/shell/testcases/transactions/0020rule_0 index 1ad43625..e38634d3 100755 --- a/tests/shell/testcases/transactions/0020rule_0 +++ b/tests/shell/testcases/transactions/0020rule_0 @@ -21,13 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0021rule_0 b/tests/shell/testcases/transactions/0021rule_0 index 2467124f..284a9e71 100755 --- a/tests/shell/testcases/transactions/0021rule_0 +++ b/tests/shell/testcases/transactions/0021rule_0 @@ -24,17 +24,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - chain y { - ip saddr 2.2.2.2 counter packets 0 bytes 0 - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0030set_0 b/tests/shell/testcases/transactions/0030set_0 index 1fefb944..ad08b7e5 100755 --- a/tests/shell/testcases/transactions/0030set_0 +++ b/tests/shell/testcases/transactions/0030set_0 @@ -21,14 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0031set_0 b/tests/shell/testcases/transactions/0031set_0 index 87848b4b..6c5757cc 100755 --- a/tests/shell/testcases/transactions/0031set_0 +++ b/tests/shell/testcases/transactions/0031set_0 @@ -21,17 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0032set_0 b/tests/shell/testcases/transactions/0032set_0 index d4d7e7ed..1b41cf09 100755 --- a/tests/shell/testcases/transactions/0032set_0 +++ b/tests/shell/testcases/transactions/0032set_0 @@ -22,17 +22,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip w { - set y { - type ipv4_addr - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0033set_0 b/tests/shell/testcases/transactions/0033set_0 index b73b6fc8..19543b3c 100755 --- a/tests/shell/testcases/transactions/0033set_0 +++ b/tests/shell/testcases/transactions/0033set_0 @@ -20,14 +20,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0034set_0 b/tests/shell/testcases/transactions/0034set_0 index 25e65007..4cddb94d 100755 --- a/tests/shell/testcases/transactions/0034set_0 +++ b/tests/shell/testcases/transactions/0034set_0 @@ -21,17 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0035set_0 b/tests/shell/testcases/transactions/0035set_0 index 0788e2fe..9b20746b 100755 --- a/tests/shell/testcases/transactions/0035set_0 +++ b/tests/shell/testcases/transactions/0035set_0 @@ -23,18 +23,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - elements = { 3.3.3.3 } - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0037set_0 b/tests/shell/testcases/transactions/0037set_0 index 3e48c801..75b1d453 100755 --- a/tests/shell/testcases/transactions/0037set_0 +++ b/tests/shell/testcases/transactions/0037set_0 @@ -21,18 +21,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - flags interval - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0038set_0 b/tests/shell/testcases/transactions/0038set_0 index 76550755..3120e916 100755 --- a/tests/shell/testcases/transactions/0038set_0 +++ b/tests/shell/testcases/transactions/0038set_0 @@ -23,19 +23,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - flags interval - elements = { 192.168.4.0/24 } - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0039set_0 b/tests/shell/testcases/transactions/0039set_0 index 76550755..3120e916 100755 --- a/tests/shell/testcases/transactions/0039set_0 +++ b/tests/shell/testcases/transactions/0039set_0 @@ -23,19 +23,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -EXPECTED="table ip x { - set y { - type ipv4_addr - flags interval - elements = { 192.168.4.0/24 } - } -}" - -GET="$($NFT list ruleset)" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/0040set_0 b/tests/shell/testcases/transactions/0040set_0 index 241703d9..0ffc4416 100755 --- a/tests/shell/testcases/transactions/0040set_0 +++ b/tests/shell/testcases/transactions/0040set_0 @@ -51,26 +51,3 @@ if [ $? -ne 0 ] ; then echo "E: unable to load good ruleset" >&2 exit 1 fi - -GET="$($NFT list ruleset)" - -EXPECTED="table ip filter { - map client_to_any { - type ipv4_addr : verdict - } - - chain FORWARD { - type filter hook forward priority 0; policy accept; - goto client_to_any - } - - chain client_to_any { - ip saddr vmap @client_to_any - } -}" - -if [ "$EXPECTED" != "$GET" ] ; then - DIFF="$(which diff)" - [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET") - exit 1 -fi diff --git a/tests/shell/testcases/transactions/dumps/0001table_0.nft b/tests/shell/testcases/transactions/dumps/0001table_0.nft new file mode 100644 index 00000000..e4e5f9b1 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0001table_0.nft @@ -0,0 +1,4 @@ +table ip x { +} +table ip y { +} diff --git a/tests/shell/testcases/transactions/dumps/0002table_0.nft b/tests/shell/testcases/transactions/dumps/0002table_0.nft new file mode 100644 index 00000000..6eb70726 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0002table_0.nft @@ -0,0 +1,3 @@ +table ip x { + flags dormant +} diff --git a/tests/shell/testcases/transactions/dumps/0010chain_0.nft b/tests/shell/testcases/transactions/dumps/0010chain_0.nft new file mode 100644 index 00000000..aa4a521f --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0010chain_0.nft @@ -0,0 +1,4 @@ +table ip w { + chain y { + } +} diff --git a/tests/shell/testcases/transactions/dumps/0011chain_0.nft b/tests/shell/testcases/transactions/dumps/0011chain_0.nft new file mode 100644 index 00000000..02cdb238 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0011chain_0.nft @@ -0,0 +1,5 @@ +table ip x { + chain y { + type filter hook input priority 0; policy drop; + } +} diff --git a/tests/shell/testcases/transactions/dumps/0012chain_0.nft b/tests/shell/testcases/transactions/dumps/0012chain_0.nft new file mode 100644 index 00000000..1fddecbb --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0012chain_0.nft @@ -0,0 +1,5 @@ +table ip w { + chain y { + type filter hook output priority 0; policy accept; + } +} diff --git a/tests/shell/testcases/transactions/dumps/0013chain_0.nft b/tests/shell/testcases/transactions/dumps/0013chain_0.nft new file mode 100644 index 00000000..1fddecbb --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0013chain_0.nft @@ -0,0 +1,5 @@ +table ip w { + chain y { + type filter hook output priority 0; policy accept; + } +} diff --git a/tests/shell/testcases/transactions/dumps/0021rule_0.nft b/tests/shell/testcases/transactions/dumps/0021rule_0.nft new file mode 100644 index 00000000..a6c41309 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0021rule_0.nft @@ -0,0 +1,5 @@ +table ip x { + chain y { + ip saddr 2.2.2.2 counter packets 0 bytes 0 + } +} diff --git a/tests/shell/testcases/transactions/dumps/0030set_0.nft b/tests/shell/testcases/transactions/dumps/0030set_0.nft new file mode 100644 index 00000000..5d4d2caf --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0030set_0.nft @@ -0,0 +1,2 @@ +table ip x { +} diff --git a/tests/shell/testcases/transactions/dumps/0031set_0.nft b/tests/shell/testcases/transactions/dumps/0031set_0.nft new file mode 100644 index 00000000..e3d4aee6 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0031set_0.nft @@ -0,0 +1,5 @@ +table ip x { + set y { + type ipv4_addr + } +} diff --git a/tests/shell/testcases/transactions/dumps/0032set_0.nft b/tests/shell/testcases/transactions/dumps/0032set_0.nft new file mode 100644 index 00000000..7d11892a --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0032set_0.nft @@ -0,0 +1,5 @@ +table ip w { + set y { + type ipv4_addr + } +} diff --git a/tests/shell/testcases/transactions/dumps/0033set_0.nft b/tests/shell/testcases/transactions/dumps/0033set_0.nft new file mode 100644 index 00000000..5d4d2caf --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0033set_0.nft @@ -0,0 +1,2 @@ +table ip x { +} diff --git a/tests/shell/testcases/transactions/dumps/0034set_0.nft b/tests/shell/testcases/transactions/dumps/0034set_0.nft new file mode 100644 index 00000000..e3d4aee6 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0034set_0.nft @@ -0,0 +1,5 @@ +table ip x { + set y { + type ipv4_addr + } +} diff --git a/tests/shell/testcases/transactions/dumps/0035set_0.nft b/tests/shell/testcases/transactions/dumps/0035set_0.nft new file mode 100644 index 00000000..e1114947 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0035set_0.nft @@ -0,0 +1,6 @@ +table ip x { + set y { + type ipv4_addr + elements = { 3.3.3.3 } + } +} diff --git a/tests/shell/testcases/transactions/dumps/0037set_0.nft b/tests/shell/testcases/transactions/dumps/0037set_0.nft new file mode 100644 index 00000000..ca69cee2 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0037set_0.nft @@ -0,0 +1,6 @@ +table ip x { + set y { + type ipv4_addr + flags interval + } +} diff --git a/tests/shell/testcases/transactions/dumps/0038set_0.nft b/tests/shell/testcases/transactions/dumps/0038set_0.nft new file mode 100644 index 00000000..651a11bf --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0038set_0.nft @@ -0,0 +1,7 @@ +table ip x { + set y { + type ipv4_addr + flags interval + elements = { 192.168.4.0/24 } + } +} diff --git a/tests/shell/testcases/transactions/dumps/0039set_0.nft b/tests/shell/testcases/transactions/dumps/0039set_0.nft new file mode 100644 index 00000000..651a11bf --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0039set_0.nft @@ -0,0 +1,7 @@ +table ip x { + set y { + type ipv4_addr + flags interval + elements = { 192.168.4.0/24 } + } +} diff --git a/tests/shell/testcases/transactions/dumps/0040set_0.nft b/tests/shell/testcases/transactions/dumps/0040set_0.nft new file mode 100644 index 00000000..fe864058 --- /dev/null +++ b/tests/shell/testcases/transactions/dumps/0040set_0.nft @@ -0,0 +1,14 @@ +table ip filter { + map client_to_any { + type ipv4_addr : verdict + } + + chain FORWARD { + type filter hook forward priority 0; policy accept; + goto client_to_any + } + + chain client_to_any { + ip saddr vmap @client_to_any + } +} |