tests: shell: combine flowtable devices with variable expression

Expand test with flowtable devices defined with variables to improve
coverage.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/shell/testcases/flowtable/0012flowtable_variable_0 b/tests/shell/testcases/flowtable/0012flowtable_variable_0
index ff35548ed8543b7df9a12bd8fe2d539c469a679a..71d2638b49760a9f8252af7c9615caf0ec4ef7ce 100755 (executable)
--- a/tests/shell/testcases/flowtable/0012flowtable_variable_0
+++ b/tests/shell/testcases/flowtable/0012flowtable_variable_0
@@ -9,14 +9,20 @@ ft_deldev() {
 }
 
 iface_cleanup() {
+       ip link del dummy0 &>/dev/null || :
        ip link del dummy1 &>/dev/null || :
        if [ "$NFT_TEST_HAVE_ifname_based_hooks" = y ]; then
                ft_deldev filter1 Main_ft1 dummy1
                ft_deldev filter2 Main_ft2 dummy1
+               ft_deldev filter3 Main_ft3 dummy0
+               ft_deldev filter3 Main_ft3 dummy1
+               ft_deldev filter4 Main_ft4 dummy0
+               ft_deldev filter4 Main_ft4 dummy1
        fi
 }
 trap 'iface_cleanup' EXIT
 
+ip link add name dummy0 type dummy
 ip link add name dummy1 type dummy
 
 EXPECTED="define if_main = { lo, dummy1 }
@@ -42,3 +48,31 @@ table filter2 {
 }"
 
 $NFT -f - <<< $EXPECTED
+
+RULESET="define var1 = \"dummy0\"
+define var2 = { dummy1 }
+define var3 = { lo, \$var1, \$var2 }
+
+table filter3 {
+       flowtable Main_ft3 {
+               hook ingress priority filter
+               counter
+               devices = { \$var3 }
+       }
+}"
+
+$NFT -f - <<< $RULESET
+
+RULESET="define var1 = \"dummy0\"
+define var2 = { dummy1 }
+define var3 = { lo, \$var1, \$var2 }
+
+table filter4 {
+       flowtable Main_ft4 {
+               hook ingress priority filter
+               counter
+               devices = \$var3
+       }
+}"
+
+$NFT -f - <<< $RULESET

diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
index 10f1df98874abf6a50c6afd4f68d13115b6e1e73..70f039fafbedfbe932d5827e75fdee650c08c451 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
+++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.json-nft
@@ -42,6 +42,42 @@
         "prio": 0,
         "dev": "lo"
       }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter3",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "Main_ft3",
+        "table": "filter3",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
+    },
+    {
+      "table": {
+        "family": "ip",
+        "name": "filter4",
+        "handle": 0
+      }
+    },
+    {
+      "flowtable": {
+        "family": "ip",
+        "name": "Main_ft4",
+        "table": "filter4",
+        "handle": 0,
+        "hook": "ingress",
+        "prio": 0,
+        "dev": "lo"
+      }
     }
   ]
 }

diff --git a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft
index 7863822d754b900e9da202de0a74b3a48f9093b6..b598420a3451170807b79ae82a42ef4699edaf49 100644 (file)
--- a/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft
+++ b/tests/shell/testcases/flowtable/dumps/0012flowtable_variable_0.nft
@@ -12,3 +12,17 @@ table ip filter2 {
                counter
        }
 }
+table ip filter3 {
+       flowtable Main_ft3 {
+               hook ingress priority filter
+               devices = { "lo" }
+               counter
+       }
+}
+table ip filter4 {
+       flowtable Main_ft4 {
+               hook ingress priority filter
+               devices = { "lo" }
+               counter
+       }
+}