Blame tests/shell/testcases/sets/0022type_selective_flush_0
|
Packit |
c5a612 |
#!/bin/bash
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
# This tests the selectiveness of flush command on structures that use the
|
|
Packit |
c5a612 |
# generic set infrastructure (sets, maps and meters).
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
RULESET="
|
|
Packit |
c5a612 |
add table t
|
|
Packit |
c5a612 |
add chain t c
|
|
Packit |
c5a612 |
add set t s {type ipv4_addr;}
|
|
Packit |
c5a612 |
add map t m {type ipv4_addr : inet_service;}
|
|
Packit |
c5a612 |
add rule t c tcp dport 80 meter f size 1024 {ip saddr limit rate 10/second}
|
|
Packit |
c5a612 |
"
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
$NFT -f - <<< "$RULESET"
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
# Commands that should be invalid
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
declare -a cmds=(
|
|
Packit |
c5a612 |
"flush set t m" "flush set t f"
|
|
Packit |
c5a612 |
"flush map t s" "flush map t f"
|
|
Packit |
c5a612 |
"flush meter t s" "flush meter t m"
|
|
Packit |
c5a612 |
)
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
for i in "${cmds[@]}"
|
|
Packit |
c5a612 |
do
|
|
Packit |
c5a612 |
$NFT "$i" &>/dev/null
|
|
Packit |
c5a612 |
ret=$?
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
if [ $ret -eq 0 ]; then
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
done
|