Even if iptables-nft doesn't generate them anymore, it should continue to correctly parse them. Make sure this is tested for.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
.../nft-only/0010-native-delinearize_0 | 26 +++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100755 iptables/tests/shell/testcases/nft-only/0010-native-delinearize_0
diff --git a/iptables/tests/shell/testcases/nft-only/0010-native-delinearize_0 b/iptables/tests/shell/testcases/nft-only/0010-native-delinearize_0
new file mode 100755
index 0000000000000..cca36fd88d6c7
--- /dev/null
+++ b/iptables/tests/shell/testcases/nft-only/0010-native-delinearize_0
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+[[ $XT_MULTI == *xtables-nft-multi ]] || { echo "skip $XT_MULTI"; exit 0; }
+nft -v >/dev/null || exit 0
+
+set -e
+
+nft -f - <<EOF
+table ip filter {
+ chain FORWARD {
+ type filter hook forward priority filter;
+ limit rate 10/day counter
+ udp dport 42 counter
+ }
+}
+EOF
+
+EXPECT="*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A FORWARD -m limit --limit 10/day
+-A FORWARD -p udp -m udp --dport 42
+COMMIT"
+
+diff -u -Z <(echo -e "$EXPECT") <($XT_MULTI iptables-save | grep -v '^#')
--
2.34.1
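Review bot: The final `diff` reads `iptables-save` through a process substitution, and bash ignores that exit status even under `set -e`, so a run that prints the expected rules and then exits non-zero would still pass. Capturing the output first lets `set -e` see the status: `out=$($XT_MULTI iptables-save)` followed by `diff -u -Z <(echo -e "$EXPECT") <(grep -v '^#' <<<"$out")`. Separately, `nft -v >/dev/null || exit 0` skips without the `skip` message that the `XT_MULTI` check prints, so a host without nft reports a pass with no coverage of the native-expression parser. `nft -v >/dev/null || { echo "skip nft"; exit 0; }` would make that visible in the test log.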