Blame tests/shell/testcases/transactions/0040set_0
|
Packit Service |
e7ae83 |
#!/bin/bash
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
set -e
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
RULESET="table ip filter {
|
|
Packit Service |
e7ae83 |
map client_to_any {
|
|
Packit Service |
e7ae83 |
type ipv4_addr : verdict
|
|
Packit Service |
e7ae83 |
elements = { 1.2.3.4 : goto CIn_1 }
|
|
Packit Service |
e7ae83 |
}
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
chain FORWARD {
|
|
Packit Service |
e7ae83 |
type filter hook forward priority filter; policy accept;
|
|
Packit Service |
e7ae83 |
goto client_to_any
|
|
Packit Service |
e7ae83 |
}
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
chain client_to_any {
|
|
Packit Service |
e7ae83 |
ip saddr vmap @client_to_any
|
|
Packit Service |
e7ae83 |
}
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
chain CIn_1 {
|
|
Packit Service |
e7ae83 |
}
|
|
Packit Service |
e7ae83 |
}"
|
|
Packit Service |
e7ae83 |
$NFT -f - <<< "$RULESET"
|
|
Packit Service |
e7ae83 |
if [ $? -ne 0 ] ; then
|
|
Packit Service |
e7ae83 |
echo "E: unable to load good ruleset" >&2
|
|
Packit Service |
e7ae83 |
exit 1
|
|
Packit Service |
e7ae83 |
fi
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
GET="$($NFT list ruleset)"
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
if [ "$RULESET" != "$GET" ] ; then
|
|
Packit Service |
fbe584 |
$DIFF -u <(echo "$RULESET") <(echo "$GET")
|
|
Packit Service |
e7ae83 |
exit 1
|
|
Packit Service |
e7ae83 |
fi
|
|
Packit Service |
e7ae83 |
|
|
Packit Service |
e7ae83 |
RULESET="delete element ip filter client_to_any { 1.2.3.4 : goto CIn_1 }
|
|
Packit Service |
e7ae83 |
delete chain ip filter CIn_1"
|
|
Packit Service |
e7ae83 |
$NFT -f - <<< "$RULESET"
|
|
Packit Service |
e7ae83 |
if [ $? -ne 0 ] ; then
|
|
Packit Service |
e7ae83 |
echo "E: unable to load good ruleset" >&2
|
|
Packit Service |
e7ae83 |
exit 1
|
|
Packit Service |
e7ae83 |
fi
|