[PATCH nft,v2 3/3] tests: extend reset test case to cover interval set and map type

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Florian Westphal <fw@xxxxxxxxx>

Make sure segtree processing doesn't drop associated stateful elements.

Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
v2: add map tests.

 tests/shell/testcases/sets/reset_command_0 | 70 ++++++++++++++++++----
 1 file changed, 60 insertions(+), 10 deletions(-)

diff --git a/tests/shell/testcases/sets/reset_command_0 b/tests/shell/testcases/sets/reset_command_0
index d38ddb3ffeeb..c59cc56d20b8 100755
--- a/tests/shell/testcases/sets/reset_command_0
+++ b/tests/shell/testcases/sets/reset_command_0
@@ -17,6 +17,19 @@ RULESET="table t {
 			2.0.0.2 . tcp . 22 counter packets 10 bytes 100 timeout 15m expires 10m
 		}
 	}
+
+	set s2 {
+		type ipv4_addr
+		flags interval, timeout
+		counter
+		timeout 30m
+		elements = {
+			1.0.0.1 counter packets 5 bytes 30 expires 20m,
+			1.0.1.1-1.0.1.10 counter packets 5 bytes 30 expires 20m,
+			2.0.0.2 counter packets 10 bytes 100 timeout 15m expires 10m
+		}
+	}
+
 	map m {
 		type ipv4_addr : ipv4_addr
 		quota 50 bytes
@@ -25,6 +38,27 @@ RULESET="table t {
 			5.6.7.8 quota 100 bytes used 50 bytes : 50.6.7.8
 		}
 	}
+
+	map m1 {
+		type ipv4_addr : ipv4_addr
+		counter
+		timeout 30m
+		elements = {
+			1.2.3.4 counter packets 5 bytes 30 expires 20m : 10.2.3.4,
+			5.6.7.8 counter packets 10 bytes 100 timeout 15m expires 10m : 50.6.7.8
+		}
+	}
+
+	map m2 {
+		type ipv4_addr : ipv4_addr
+		flags interval, timeout
+		counter
+		timeout 30m
+		elements = {
+			1.2.3.4-1.2.3.10 counter packets 5 bytes 30 expires 20m : 10.2.3.4,
+			5.6.7.8-5.6.7.10 counter packets 10 bytes 100 timeout 15m expires 10m : 50.6.7.8
+		}
+	}
 }"
 
 echo -n "applying test ruleset: "
@@ -38,17 +72,33 @@ expires_minutes() {
 	sed -n 's/.*expires \([0-9]*\)m.*/\1/p'
 }
 
-echo -n "get set elem matches reset set elem: "
-elem='element t s { 1.0.0.1 . udp . 53 }'
-[[ $($NFT "get $elem ; reset $elem" | \
-	grep 'elements = ' | drop_seconds | uniq | wc -l) == 1 ]]
-echo OK
+get_and_reset()
+{
+	local setname="$1"
+	local key="$2"
 
-echo -n "counters are reset, expiry left alone: "
-NEW=$($NFT "get $elem")
-grep -q 'counter packets 0 bytes 0' <<< "$NEW"
-[[ $(expires_minutes <<< "$NEW") -lt 20 ]]
-echo OK
+	echo -n "get set elem matches reset set elem in set $setname: "
+
+	elem="element t $setname { $key }"
+	echo $NFT get $elem
+	$NFT get $elem
+	[[ $($NFT "get $elem ; reset $elem" | \
+		grep 'elements = ' | drop_seconds | uniq | wc -l) == 1 ]]
+	echo OK
+
+	echo -n "counters are reset, expiry left alone in set $setname: "
+	NEW=$($NFT "get $elem")
+	echo NEW $NEW
+	grep -q 'counter packets 0 bytes 0' <<< "$NEW"
+	[[ $(expires_minutes <<< "$NEW") -lt 20 ]]
+	echo OK
+}
+
+get_and_reset "s" "1.0.0.1 . udp . 53"
+get_and_reset "s2" "1.0.0.1"
+get_and_reset "s2" "1.0.1.1-1.0.1.10"
+get_and_reset "m1" "1.2.3.4"
+get_and_reset "m2" "1.2.3.4-1.2.3.10"
 
 echo -n "get map elem matches reset map elem: "
 elem='element t m { 1.2.3.4 }'
-- 
2.30.2





[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux