diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-09 13:08:37 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-09 13:08:37 +0000 |
| commit | 971e619d8602fa52b1bfcb3ea65b7ab96be85318 (patch) | |
| tree | 26feb2498c72b796e07b86349d17f544046de279 /tests/monitor/testcases/set-interval.t | |
| parent | Initial commit. (diff) | |
| download | nftables-upstream.tar.xz nftables-upstream.zip | |
Adding upstream version 1.0.9.upstream/1.0.9upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/monitor/testcases/set-interval.t')
| -rw-r--r-- | tests/monitor/testcases/set-interval.t | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/tests/monitor/testcases/set-interval.t b/tests/monitor/testcases/set-interval.t new file mode 100644 index 0000000..5053c59 --- /dev/null +++ b/tests/monitor/testcases/set-interval.t @@ -0,0 +1,30 @@ +# setup first +I add table ip t +I add chain ip t c +O - +J {"add": {"table": {"family": "ip", "name": "t", "handle": 0}}} +J {"add": {"chain": {"family": "ip", "table": "t", "name": "c", "handle": 0}}} + +# add set with elements, monitor output expectedly differs +I add set ip t s { type inet_service; flags interval; elements = { 20, 30-40 }; } +O add set ip t s { type inet_service; flags interval; } +O add element ip t s { 20 } +O add element ip t s { 30-40 } +J {"add": {"set": {"family": "ip", "name": "s", "table": "t", "type": "inet_service", "handle": 0, "flags": ["interval"]}}} +J {"add": {"element": {"family": "ip", "table": "t", "name": "s", "elem": {"set": [20]}}}} +J {"add": {"element": {"family": "ip", "table": "t", "name": "s", "elem": {"set": [{"range": [30, 40]}]}}}} + +# this would crash nft +I add rule ip t c tcp dport @s +O - +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": "@s"}}]}}} + +# test anonymous interval sets as well +I add rule ip t c tcp dport { 20, 30-40 } +O - +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"payload": {"protocol": "tcp", "field": "dport"}}, "right": {"set": [20, {"range": [30, 40]}]}}}]}}} + +# ... and anon concat range +I add rule ip t c ether saddr . ip saddr { 08:00:27:40:f7:09 . 192.168.56.10-192.168.56.12 } +O - +J {"add": {"rule": {"family": "ip", "table": "t", "chain": "c", "handle": 0, "expr": [{"match": {"op": "==", "left": {"concat": [{"payload": {"protocol": "ether", "field": "saddr"}}, {"payload": {"protocol": "ip", "field": "saddr"}}]}, "right": {"set": [{"concat": ["08:00:27:40:f7:09", {"range": ["192.168.56.10", "192.168.56.12"]}]}]}}}]}}} |