tests/shell/testcases/sets/sets_with_ifnames


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

#!/bin/bash

dumpfile=$(dirname $0)/dumps/$(basename $0).nft

[ -z "$NFT" ] && exit 111

$NFT -f "$dumpfile" || exit 1

rnd=$(mktemp -u XXXXXXXX)
ns1="nft1ifname-$rnd"
ns2="nft2ifname-$rnd"

cleanup()
{
	ip netns del "$ns1"
}

trap cleanup EXIT

check_elem()
{
	setname=$1
	ifname=$2
	fail=$3
	result=$4

	if [ -z "$result" ]; then
		result=$ifname
	fi

	if [ $fail -eq 1 ]; then
		ip netns exec "$ns1" $NFT get element inet testifsets $setname { "$ifname" } && exit 2
	else
		result=$(ip netns exec "$ns1" $NFT get element inet testifsets $setname { "$ifname" } | grep "$result" )

		if [ -z "$result" ] ; then
			echo "empty result, expected $ifname"
			ip netns exec "$ns1" $NFT get element inet testifsets $setname { "$ifname" }
			exit 1
		fi
	fi
}

# send pings, check all rules with sets that contain abcdef1 match.
# there are 4 rules in this chain, 4 should match.
check_matching_icmp_ppp()
{
	pkt=$((RANDOM%10))
	pkt=$((pkt+1))
	ip netns exec "$ns1" ping -f -c $pkt 10.1.2.2

	# replies should arrive via 'abcdeg', so, should NOT increment any counters.
	ip netns exec "$ns1" ping -f -c 100 10.2.2.2

	matches=$(ip netns exec "$ns1" $NFT list chain inet testifsets v4icmp | grep "counter packets $pkt " | wc -l)
	want=3

	if [ "$matches" -ne $want ] ;then
		echo "Excpected $matches matching rules, got $want, packets $pkt"
		ip netns exec "$ns1" $NFT list ruleset
		exit 1
	fi
}

ip netns add "$ns1" || exit 111
ip netns add "$ns2" || exit 111
ip netns exec "$ns1" $NFT -f "$dumpfile" || exit 3

for n in abcdef0 abcdef1 othername;do
	check_elem simple $n 0
done

check_elem simple foo 1

for n in ppp0 othername;do
	check_elem simple_wild $n 0
done

check_elem simple_wild enoent 1
check_elem simple_wild ppp0 0
check_elem simple_wild abcdefghijk 0 'abcdef\*'

set -e
ip -net "$ns1" link set lo up
ip -net "$ns2" link set lo up
ip netns exec "$ns1" ping -f -c 10 127.0.0.1

ip link add abcdef1 netns $ns1 type veth peer name veth0 netns $ns2
ip link add abcdeg  netns $ns1 type veth peer name veth1 netns $ns2

ip -net "$ns1" link set abcdef1 up
ip -net "$ns2" link set veth0 up
ip -net "$ns1" link set abcdeg up
ip -net "$ns2" link set veth1 up

ip -net "$ns1" addr add 10.1.2.1/24 dev abcdef1
ip -net "$ns1" addr add 10.2.2.1/24 dev abcdeg

ip -net "$ns2" addr add 10.1.2.2/24 dev veth0
ip -net "$ns2" addr add 10.2.2.2/24 dev veth1

check_matching_icmp_ppp