Blame tests/shell/testcases/transactions/0040set_0
|
Packit |
c5a612 |
#!/bin/bash
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
set -e
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
RULESET="table ip filter {
|
|
Packit |
c5a612 |
map client_to_any {
|
|
Packit |
c5a612 |
type ipv4_addr : verdict
|
|
Packit |
c5a612 |
elements = { 1.2.3.4 : goto CIn_1 }
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
chain FORWARD {
|
|
Packit |
c5a612 |
type filter hook forward priority filter; policy accept;
|
|
Packit |
c5a612 |
goto client_to_any
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
chain client_to_any {
|
|
Packit |
c5a612 |
ip saddr vmap @client_to_any
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
chain CIn_1 {
|
|
Packit |
c5a612 |
}
|
|
Packit |
c5a612 |
}"
|
|
Packit |
c5a612 |
$NFT -f - <<< "$RULESET"
|
|
Packit |
c5a612 |
if [ $? -ne 0 ] ; then
|
|
Packit |
c5a612 |
echo "E: unable to load good ruleset" >&2
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
GET="$($NFT list ruleset)"
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
if [ "$RULESET" != "$GET" ] ; then
|
|
Packit Service |
1227cd |
DIFF="$(which diff)"
|
|
Packit Service |
1227cd |
[ -x $DIFF ] && $DIFF -u <(echo "$RULESET") <(echo "$GET")
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|
|
Packit |
c5a612 |
|
|
Packit |
c5a612 |
RULESET="delete element ip filter client_to_any { 1.2.3.4 : goto CIn_1 }
|
|
Packit |
c5a612 |
delete chain ip filter CIn_1"
|
|
Packit |
c5a612 |
$NFT -f - <<< "$RULESET"
|
|
Packit |
c5a612 |
if [ $? -ne 0 ] ; then
|
|
Packit |
c5a612 |
echo "E: unable to load good ruleset" >&2
|
|
Packit |
c5a612 |
exit 1
|
|
Packit |
c5a612 |
fi
|