#!/bin/bash
# Make sure nft allows to delete existing ranges only
RULESET="
table t {
set s {
type ipv4_addr
flags interval
elements = { 192.168.1.0-192.168.1.254, 192.168.1.255 }
}
}"
$NFT -f - <<< "$RULESET" || { echo "E: Can't load basic ruleset" 1>&2; exit 1; }
$NFT delete element t s '{ 192.168.1.0/24 }' 2>/dev/null || exit 0
echo "E: Deletion of non-existing range allowed" 1>&2