Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
.../maps/dumps/typeof_maps_add_delete.nft | 22 ++++++++++++
.../testcases/maps/typeof_maps_add_delete | 35 +++++++++++++++++++
2 files changed, 57 insertions(+)
create mode 100644 tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft
create mode 100755 tests/shell/testcases/maps/typeof_maps_add_delete
diff --git a/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft
new file mode 100644
index 000000000000..9134673cf48a
--- /dev/null
+++ b/tests/shell/testcases/maps/dumps/typeof_maps_add_delete.nft
@@ -0,0 +1,22 @@
+table ip dynset {
+ map dynmark {
+ typeof ip daddr : meta mark
+ size 64
+ counter
+ timeout 5m
+ }
+
+ chain test_ping {
+ ip saddr @dynmark counter packets 0 bytes 0 comment "should not increment"
+ ip saddr != @dynmark add @dynmark { ip saddr : 0x00000001 } counter packets 1 bytes 84
+ ip saddr @dynmark counter packets 1 bytes 84 comment "should increment"
+ ip saddr @dynmark delete @dynmark { ip saddr : 0x00000001 }
+ ip saddr @dynmark counter packets 0 bytes 0 comment "delete should be instant but might fail under memory pressure"
+ }
+
+ chain input {
+ type filter hook input priority filter; policy accept;
+ add @dynmark { 10.2.3.4 timeout 1s : 0x00000002 } comment "also check timeout-gc"
+ meta l4proto icmp ip daddr 127.0.0.42 jump test_ping
+ }
+}
diff --git a/tests/shell/testcases/maps/typeof_maps_add_delete b/tests/shell/testcases/maps/typeof_maps_add_delete
new file mode 100755
index 000000000000..341de538e90e
--- /dev/null
+++ b/tests/shell/testcases/maps/typeof_maps_add_delete
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+EXPECTED='table ip dynset {
+ map dynmark {
+ typeof ip daddr : meta mark
+ counter
+ size 64
+ timeout 5m
+ }
+
+ chain test_ping {
+ ip saddr @dynmark counter comment "should not increment"
+ ip saddr != @dynmark add @dynmark { ip saddr : 0x1 } counter
+ ip saddr @dynmark counter comment "should increment"
+ ip saddr @dynmark delete @dynmark { ip saddr : 0x1 }
+ ip saddr @dynmark counter comment "delete should be instant but might fail under memory pressure"
+ }
+
+ chain input {
+ type filter hook input priority 0; policy accept;
+
+ add @dynmark { 10.2.3.4 timeout 1s : 0x2 } comment "also check timeout-gc"
+ meta l4proto icmp ip daddr 127.0.0.42 jump test_ping
+ }
+}'
+
+set -e
+$NFT -f - <<< $EXPECTED
+$NFT list ruleset
+
+ip link set lo up
+ping -c 1 127.0.0.42
+
+# wait so that 10.2.3.4 times out.
+sleep 2
--
2.41.0
