Extend existing test to reset counters for rules with anonymous set. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1763 Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- .../testcases/rule_management/0011reset_0 | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/shell/testcases/rule_management/0011reset_0 b/tests/shell/testcases/rule_management/0011reset_0 index 3fede56fb7d8..2004b17d5822 100755 --- a/tests/shell/testcases/rule_management/0011reset_0 +++ b/tests/shell/testcases/rule_management/0011reset_0 @@ -4,6 +4,27 @@ set -e +echo "loading ruleset with anonymous set" +$NFT -f - <<EOF +table t { + chain dns-nat-pre { + type nat hook prerouting priority filter; policy accept; + meta l4proto { tcp, udp } th dport 53 ip saddr 10.24.0.0/24 ip daddr != 10.25.0.1 counter packets 1000 bytes 1000 dnat to 10.25.0.1 + } +} +EOF + +echo "resetting ruleset with anonymous set" +$NFT reset rules +EXPECT='table ip t { + chain dns-nat-pre { + type nat hook prerouting priority filter; policy accept; + meta l4proto { tcp, udp } th dport 53 ip saddr 10.24.0.0/24 ip daddr != 10.25.0.1 counter packets 0 bytes 0 dnat to 10.25.0.1 + } +}' +$DIFF -u <(echo "$EXPECT") <($NFT list ruleset) +$NFT flush ruleset + echo "loading ruleset" $NFT -f - <<EOF table ip t { -- 2.30.2