From: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Thomas Haller <thaller@xxxxxxxxxx>
---
tests/shell/features/ctexpect.nft | 10 ++++
tests/shell/features/cttimeout.nft | 8 +++
tests/shell/testcases/listing/0013objects_0 | 50 +++++--------------
.../testcases/listing/dumps/0013objects_0.nft | 2 -
.../testcases/nft-f/0017ct_timeout_obj_0 | 2 +
5 files changed, 33 insertions(+), 39 deletions(-)
create mode 100644 tests/shell/features/ctexpect.nft
create mode 100644 tests/shell/features/cttimeout.nft
diff --git a/tests/shell/features/ctexpect.nft b/tests/shell/features/ctexpect.nft
new file mode 100644
index 000000000000..02c3dfd74bd4
--- /dev/null
+++ b/tests/shell/features/ctexpect.nft
@@ -0,0 +1,10 @@
+# 857b46027d6f ("netfilter: nft_ct: add ct expectations support")
+# v5.3-rc1~140^2~153^2~19
+table t {
+ ct expectation ctexpect {
+ protocol tcp
+ dport 5432
+ timeout 1h
+ size 12;
+ }
+}
diff --git a/tests/shell/features/cttimeout.nft b/tests/shell/features/cttimeout.nft
new file mode 100644
index 000000000000..4be58cd3c26b
--- /dev/null
+++ b/tests/shell/features/cttimeout.nft
@@ -0,0 +1,8 @@
+# 7e0b2b57f01d ("netfilter: nft_ct: add ct timeout support")
+# v4.19-rc1~140^2~64^2~3
+table t {
+ ct timeout cttime {
+ protocol tcp;
+ policy = {established: 120 }
+ }
+}
diff --git a/tests/shell/testcases/listing/0013objects_0 b/tests/shell/testcases/listing/0013objects_0
index c81b94e20f65..c78ada947a94 100755
--- a/tests/shell/testcases/listing/0013objects_0
+++ b/tests/shell/testcases/listing/0013objects_0
@@ -1,47 +1,23 @@
#!/bin/bash
-# list table with all objects and chains
-
-EXPECTED="table ip test {
- quota https-quota {
- 25 mbytes
- }
-
- ct helper cthelp {
- type \"sip\" protocol tcp
- l3proto ip
- }
-
- ct timeout cttime {
- protocol udp
- l3proto ip
- policy = { unreplied : 15s, replied : 12s }
- }
-
- ct expectation ctexpect {
- protocol tcp
- dport 5432
- timeout 1h
- size 12
- l3proto ip
- }
-
- chain input {
- }
-}"
-
set -e
$NFT add table test
$NFT add chain test input
$NFT add quota test https-quota 25 mbytes
$NFT add ct helper test cthelp { type \"sip\" protocol tcp \; }
-$NFT add ct timeout test cttime { protocol udp \; policy = {replied : 12, unreplied : 15 } \; }
-$NFT add ct expectation test ctexpect { protocol tcp \; dport 5432 \; timeout 1h \; size 12 \; }
-$NFT add table test-ip
+if [ "$NFT_TEST_HAVE_cttimeout" != n ] ; then
+ $NFT add ct timeout test cttime { protocol udp \; policy = {replied : 12, unreplied : 15 } \; }
+fi
+if [ "$NFT_TEST_HAVE_ctexpect" != n ] ; then
+ $NFT add ct expectation test ctexpect { protocol tcp \; dport 5432 \; timeout 1h \; size 12 \; }
+fi
-GET="$($NFT list table test)"
-if [ "$EXPECTED" != "$GET" ] ; then
- $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
- exit 1
+if [ "$NFT_TEST_HAVE_cttimeout" = n ] ; then
+ echo "Ran partial test due to NFT_TEST_HAVE_cttimeout=n (skipped)"
+ exit 77
+fi
+if [ "$NFT_TEST_HAVE_ctexpect" = n ] ; then
+ echo "Ran partial test due to NFT_TEST_HAVE_ctexpect=n (skipped)"
+ exit 77
fi
diff --git a/tests/shell/testcases/listing/dumps/0013objects_0.nft b/tests/shell/testcases/listing/dumps/0013objects_0.nft
index 1ea610f8b8d8..427db268163a 100644
--- a/tests/shell/testcases/listing/dumps/0013objects_0.nft
+++ b/tests/shell/testcases/listing/dumps/0013objects_0.nft
@@ -25,5 +25,3 @@ table ip test {
chain input {
}
}
-table ip test-ip {
-}
diff --git a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
index 4f407793b23b..cfb789501bea 100755
--- a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
+++ b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
@@ -1,5 +1,7 @@
#!/bin/bash
+# NFT_TEST_REQUIRES(NFT_TEST_HAVE_cttimeout)
+
EXPECTED='table ip filter {
ct timeout cttime{
protocol tcp
--
2.41.0
