#!/bin/bash

# test a kernel rollback operation
# fail reason: invalid jump

GOOD_RULESET="table ip t {
	set t {
		type ipv4_addr
		elements = { 1.1.1.1 }
	}

	chain c {
		ct state new
		tcp dport { 22222, 33333 }
		ip saddr @t drop
		jump other
	}

	chain other {
	}
}"

BAD_RULESET="flush ruleset
table ip t2 {
	chain c2 {
		jump other
	}
}"

$NFT -f - <<< "$GOOD_RULESET"
if [ $? -ne 0 ] ; then
	echo "E: unable to load good ruleset" >&2
	exit 1
fi

$NFT -f - <<< "$BAD_RULESET" 2>/dev/null
if [ $? -eq 0 ]	; then
	echo "E: bogus ruleset loaded?" >&2
	exit 1
fi