tests/shell/testcases/sets/0060set_multistmt_0


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

#!/bin/bash

# NFT_TEST_REQUIRES(NFT_TEST_HAVE_set_with_two_expressions)

RULESET="table x {
	set y {
		type ipv4_addr
		limit rate 1/second counter
		elements = { 5.5.5.5 limit rate 1/second counter packets 0 bytes 0 }
	}
	chain y {
		type filter hook output priority filter; policy accept;
		ip daddr @y
	}
}"

$NFT -f - <<< $RULESET
# should work
if [ $? -ne 0 ]
then
	exit 1
fi

# should work
$NFT add element x y { 1.1.1.1 limit rate 1/second counter }
if [ $? -ne 0 ]
then
	exit 1
fi

# should fail
$NFT add element x y { 2.2.2.2 limit rate 1/second }
if [ $? -eq 0 ]
then
	exit 1
fi

# should fail
$NFT add element x y { 3.3.3.3 counter limit rate 1/second }
if [ $? -eq 0 ]
then
	exit 1
fi

# should work
$NFT add element x y { 4.4.4.4 }
if [ $? -ne 0 ]
then
	exit 1
fi

exit 0