# ip saddr @set1 drop
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set set1 ]
  [ immediate reg 0 drop ]

# ip saddr != @set1 drop
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set set1 0x1 ]
  [ immediate reg 0 drop ]

# ip saddr @set2 drop
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set set2 ]
  [ immediate reg 0 drop ]

# ip saddr != @set2 drop
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set set2 0x1 ]
  [ immediate reg 0 drop ]

# ip saddr . ip daddr @set5 drop
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ payload load 4b @ network header + 16 => reg 9 ]
  [ lookup reg 1 set set5 ]
  [ immediate reg 0 drop ]

# add @set5 { ip saddr . ip daddr }
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ payload load 4b @ network header + 16 => reg 9 ]
  [ dynset add reg_key 1 set set5 ]

# ip saddr { { 1.1.1.0, 3.3.3.0 }, 2.2.2.0 }
__set%d t 3
__set%d t 0
	element 00010101  : 0 [end]	element 00030303  : 0 [end]	element 00020202  : 0 [end]
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __set%d ]

# ip saddr { { 1.1.1.0/24, 3.3.3.0/24 }, 2.2.2.0/24 }
__set%d t 7
__set%d t 0
	element 00000000  : 1 [end]	element 00010101  : 0 [end]	element 00020101  : 1 [end]	element 00020202  : 0 [end]	element 00030202  : 1 [end]	element 00030303  : 0 [end]	element 00040303  : 1 [end]
inet test-inet input
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __set%d ]

# ip saddr @set6 drop
inet
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set set6 ]
  [ immediate reg 0 drop ]

# ip saddr vmap { 1.1.1.1 : drop, * : accept }
__map%d test-inet b
__map%d test-inet 0
        element 01010101  : drop 0 [end]        element  : accept 2 [end]
inet
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 0 ]

# meta mark set ip saddr map { 1.1.1.1 : 0x00000001, * : 0x00000002 }
__map%d test-inet b
__map%d test-inet 0
        element 01010101  : 00000001 0 [end]    element  : 00000002 2 [end]
inet
  [ meta load nfproto => reg 1 ]
  [ cmp eq reg 1 0x00000002 ]
  [ payload load 4b @ network header + 12 => reg 1 ]
  [ lookup reg 1 set __map%d dreg 1 ]
  [ meta set mark with reg 1 ]