package/network/utils/nftables/patches/204-tests-shell-add-flowtable-tests.patch

   1 From: Pablo Neira Ayuso <pablo@netfilter.org>
   2 Date: Mon, 22 Jan 2018 19:54:36 +0100
   3 Subject: [PATCH] tests: shell: add flowtable tests
   4
   5 Add basic flowtable tests.
   6
   7 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   8 ---
   9  create mode 100755 tests/shell/testcases/flowtable/0001flowtable_0
  10  create mode 100755 tests/shell/testcases/flowtable/0002create_flowtable_0
  11  create mode 100755 tests/shell/testcases/flowtable/0003add_after_flush_0
  12  create mode 100755 tests/shell/testcases/flowtable/0004delete_after_add0
  13  create mode 100755 tests/shell/testcases/flowtable/0005delete_in_use_1
  14
  15 --- a/tests/shell/run-tests.sh
  16 +++ b/tests/shell/run-tests.sh
  17 @@ -68,7 +68,9 @@ kernel_cleanup() {
  18         nft_set_hash nft_set_rbtree nft_set_bitmap \
  19         nft_chain_nat_ipv4 nft_chain_nat_ipv6 \
  20         nf_tables_inet nf_tables_bridge nf_tables_arp \
  21 -       nf_tables_ipv4 nf_tables_ipv6 nf_tables
  22 +       nf_tables_ipv4 nf_tables_ipv6 nf_tables \
  23 +       nf_flow_table nf_flow_table_ipv4 nf_flow_tables_ipv6 \
  24 +       nf_flow_table_inet nft_flow_offload
  25  }
  26
  27  find_tests() {
  28 --- /dev/null
  29 +++ b/tests/shell/testcases/flowtable/0001flowtable_0
  30 @@ -0,0 +1,33 @@
  31 +#!/bin/bash
  32 +
  33 +tmpfile=$(mktemp)
  34 +if [ ! -w $tmpfile ] ; then
  35 +       echo "Failed to create tmp file" >&2
  36 +       exit 0
  37 +fi
  38 +
  39 +trap "rm -rf $tmpfile" EXIT # cleanup if aborted
  40 +
  41 +
  42 +EXPECTED='table inet t {
  43 +       flowtable f {
  44 +               hook ingress priority 10
  45 +               devices = { eth0, wlan0 }
  46 +       }
  47 +
  48 +       chain c {
  49 +               flow offload @f
  50 +       }
  51 +}'
  52 +
  53 +echo "$EXPECTED" > $tmpfile
  54 +set -e
  55 +$NFT -f $tmpfile
  56 +
  57 +GET="$($NFT list ruleset)"
  58 +
  59 +if [ "$EXPECTED" != "$GET" ] ; then
  60 +       DIFF="$(which diff)"
  61 +       [ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
  62 +       exit 1
  63 +fi
  64 --- /dev/null
  65 +++ b/tests/shell/testcases/flowtable/0002create_flowtable_0
  66 @@ -0,0 +1,12 @@
  67 +#!/bin/bash
  68 +
  69 +set -e
  70 +$NFT add table t
  71 +$NFT add flowtable t f { hook ingress priority 10 \; devices = { eth0, wlan0 }\; }
  72 +if $NFT create flowtable t f { hook ingress priority 10 \; devices = { eth0, wlan0 }\; } 2>/dev/null ; then
  73 +       echo "E: flowtable creation not failing on existing set" >&2
  74 +       exit 1
  75 +fi
  76 +$NFT add flowtable t f { hook ingress priority 10 \; devices = { eth0, wlan0 }\; }
  77 +
  78 +exit 0
  79 --- /dev/null
  80 +++ b/tests/shell/testcases/flowtable/0003add_after_flush_0
  81 @@ -0,0 +1,8 @@
  82 +#!/bin/bash
  83 +
  84 +set -e
  85 +$NFT add table x
  86 +$NFT add flowtable x y { hook ingress priority 0\; devices = { eth0, wlan0 }\;}
  87 +$NFT flush ruleset
  88 +$NFT add table x
  89 +$NFT add flowtable x y { hook ingress priority 0\; devices = { eth0, wlan0 }\;}
  90 --- /dev/null
  91 +++ b/tests/shell/testcases/flowtable/0004delete_after_add0
  92 @@ -0,0 +1,6 @@
  93 +#!/bin/bash
  94 +
  95 +set -e
  96 +$NFT add table x
  97 +$NFT add flowtable x y { hook ingress priority 0\; devices = { eth0, wlan0 }\;}
  98 +$NFT delete flowtable x y
  99 --- /dev/null
 100 +++ b/tests/shell/testcases/flowtable/0005delete_in_use_1
 101 @@ -0,0 +1,9 @@
 102 +#!/bin/bash
 103 +
 104 +set -e
 105 +$NFT add table x
 106 +$NFT add chain x x
 107 +$NFT add flowtable x y { hook ingress priority 0\; devices = { eth0, wlan0 }\;}
 108 +$NFT add rule x x flow offload @y
 109 +$NFT delete flowtable x y
 110 +echo "E: delete flowtable in use"