From a80997fa9a290462c5d001c5d448ddb2fbd7da5c Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Fri, 1 Feb 2019 21:28:46 +0100
Subject: tests: shell: exercise abort path with anonymous set that is bound to
 rule

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/shell/testcases/transactions/0043set_1 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100755 tests/shell/testcases/transactions/0043set_1

diff --git a/tests/shell/testcases/transactions/0043set_1 b/tests/shell/testcases/transactions/0043set_1
new file mode 100755
index 00000000..a9135c19
--- /dev/null
+++ b/tests/shell/testcases/transactions/0043set_1
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+RULESET="add table ip test
+add set ip test foo { type ipv4_addr; }
+add chain ip test tc
+add element ip test foo { 1.2.3.4 }
+add rule ip test tc ip saddr { 1.2.3.4, 5.6.7.8 } accept
+delete table ip test
+add element ip test foo { 1.2.3.6 }"
+
+# kernel must return ENOENT
+$NFT -f - <<< "$RULESET" 2>/dev/null || exit 0
+echo "E: allowing element insertion on unexisting set"
+exit 1
-- 
cgit v1.2.3