From 9edaa6a51eab49a378dd358e0b4254d0398c629f Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 20 Jul 2021 12:17:33 +0200 Subject: src: add --define key=value This patch adds a new option to define variables from the command line. # cat test.nft table netdev x { chain y { type filter hook ingress devices = $dev priority 0; counter accept } } # nft --define dev="{ eth0, eth1 }" -f test.nft You can only combine it with -f/--filename. Signed-off-by: Pablo Neira Ayuso --- tests/shell/testcases/nft-f/0028variable_cmdline_0 | 17 +++++++++++++++++ .../testcases/nft-f/dumps/0028variable_cmdline_0.nft | 8 ++++++++ 2 files changed, 25 insertions(+) create mode 100755 tests/shell/testcases/nft-f/0028variable_cmdline_0 create mode 100644 tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft (limited to 'tests/shell/testcases/nft-f') diff --git a/tests/shell/testcases/nft-f/0028variable_cmdline_0 b/tests/shell/testcases/nft-f/0028variable_cmdline_0 new file mode 100755 index 00000000..a2bbd5da --- /dev/null +++ b/tests/shell/testcases/nft-f/0028variable_cmdline_0 @@ -0,0 +1,17 @@ +#!/bin/bash + + +RULESET="table inet filter { + set whitelist_v4 { type ipv4_addr; } +} +add element inet filter whitelist_v4 \$whitelist_v4 +" + +# this is intentional: exercise error path +$NFT --define whitelist_v4="{ wrong }" -f - <<< "$RULESET" +$NFT --define whitelist_v4="{ 1.1.1.1, \$wrong }" -f - <<< "$RULESET" + +set -e + +$NFT --define whitelist_v4="{ 1.1.1.1, 2.2.2.2 }" -f - <<< "$RULESET" +$NFT --define x={5.5.5.5} --define whitelist_v4="{ 3.3.3.3, 4.4.4.4, \$x }" -f - <<< "$RULESET" diff --git a/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft new file mode 100644 index 00000000..aa081122 --- /dev/null +++ b/tests/shell/testcases/nft-f/dumps/0028variable_cmdline_0.nft @@ -0,0 +1,8 @@ +table inet filter { + set whitelist_v4 { + type ipv4_addr + elements = { 1.1.1.1, 2.2.2.2, + 3.3.3.3, 4.4.4.4, + 5.5.5.5 } + } +} -- cgit v1.2.3