summaryrefslogtreecommitdiffstats
path: root/tests/shell/testcases/listing/0020flowtable_0
Commit message (Collapse)AuthorAgeFilesLines
* tests: shell: skip if kernel does not support flowtable with no devicesPablo Neira Ayuso2023-11-151-0/+2
| | | | | | | | Originally, flowtables required devices in place to work, this was later relaxed to allow flowtable with no initial devices, see 05abe4456fa3 ("netfilter: nf_tables: allow to register flowtable with no devices"). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* tests/shell: cleanup creating dummy interfaces in testsThomas Haller2023-09-181-5/+7
| | | | | | | | | | | | | | | | | | | | | | | In "tests/shell/testcases/chains/netdev_chain_0", calling "trap ... EXIT" multiple times does not work. Fix it, by calling one cleanup function. Note that we run in separate namespaces, so the cleanup is usually not necessary. Still do it, we might want to run without unshare (via NFT_TEST_UNSHARE_CMD=""). Without unshare, it's important that the cleanup always works. In practice it might not, for example, "trap ... EXIT" does not run for SIGTERM. A leaked interface might break the follow up test and tests interfere with each other. Try to workaround that by first trying to delete the interface. Also failures to create the interfaces are not considered fatal. I don't understand under what circumstances this might fail, note that there are other tests that create dummy interface and don't "exit 77" on failure. We want to know when something odd is going on. Signed-off-by: Thomas Haller <thaller@redhat.com> Signed-off-by: Florian Westphal <fw@strlen.de>
* tests/shell: return 77/skip for tests that fail to create dummy deviceThomas Haller2023-09-081-1/+1
| | | | | | | | | | | | | There are some existing tests, that skip operation when they fail to create a dummy interface. Use the new exit code 77 to indicate "SKIPPED". I wonder why creating a dummy device would ever fail and why we don't just fail the test altogether in that case. But the patch does not change that. Signed-off-by: Thomas Haller <thaller@redhat.com> Signed-off-by: Florian Westphal <fw@strlen.de>
* cache: Support filtering for a specific flowtablePhil Sutter2021-12-031-5/+46
| | | | | | | | | | Extend nft_cache_filter to hold a flowtable name so 'list flowtable' command causes fetching the requested flowtable only. Dump flowtables just once instead of for each table, merely assign fetched data to tables inside the loop. Signed-off-by: Phil Sutter <phil@nwl.cc>
* tests: shell: Search diff tool once and for allPhil Sutter2020-01-161-2/+1
| | | | | | | | | | | | | | | Instead of calling 'which diff' over and over again, just detect the tool's presence in run-tests.sh and pass $DIFF to each testcase just like with nft binary. Fall back to using 'true' command to avoid the need for any conditional calling in test cases. While being at it, unify potential diff calls so that a string comparison in shell happens irrespective of diff presence. Signed-off-by: Phil Sutter <phil@nwl.cc> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: flowtable: add support for named flowtable listingEric Jallot2019-10-311-0/+21
This patch allows you to dump a named flowtable. # nft list flowtable inet t f table inet t { flowtable f { hook ingress priority filter + 10 devices = { eth0, eth1 } } } Also: libnftables-json.adoc: fix missing quotes. Fixes: db0697ce7f60 ("src: support for flowtable listing") Fixes: 872f373dc50f ("doc: Add JSON schema documentation") Signed-off-by: Eric Jallot <ejallot@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
generated by cgit v1.2.3 (git 2.25.0) at 2025-05-09 09:22:47 +0000