tests: restrict meta nfproto test cases to inet family

Followup patch will reject meta nfproto for non-inet families.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/py/any/meta.t b/tests/py/any/meta.t
index fc041bf5c184c81bda8ebf2943bda8408a9f6b3d..dd335ab86f7170e38293072f3a4d898c9319c126 100644 (file)
--- a/tests/py/any/meta.t
+++ b/tests/py/any/meta.t
@@ -25,11 +25,6 @@ meta protocol != {ip, arp, ip6, vlan};ok
 meta protocol ip;ok
 meta protocol != ip;ok
 
-meta nfproto ipv4;ok
-meta nfproto ipv6;ok
-meta nfproto {ipv4, ipv6};ok
-meta nfproto != {ipv4, ipv6};ok
-
 meta l4proto 22;ok
 meta l4proto != 233;ok
 meta l4proto 33-45;ok

diff --git a/tests/py/any/meta.t.payload b/tests/py/any/meta.t.payload
index 871f1ada5abe9bac39dc73037bbdca57187cbc82..b2065f3d920b4487831554975f0b424ec2936744 100644 (file)
--- a/tests/py/any/meta.t.payload
+++ b/tests/py/any/meta.t.payload
@@ -104,32 +104,6 @@ ip test-ip4 input
   [ meta load protocol => reg 1 ]
   [ cmp neq reg 1 0x00000008 ]
 
-# meta nfproto ipv4
-ip test-ip4 input
-  [ meta load nfproto => reg 1 ]
-  [ cmp eq reg 1 0x00000002 ]
-
-# meta nfproto ipv6
-ip test-ip4 input
-  [ meta load nfproto => reg 1 ]
-  [ cmp eq reg 1 0x0000000a ]
-
-# meta nfproto {ipv4, ipv6}
-__set%d test-ip4 3
-__set%d test-ip4 0
-       element 00000002  : 0 [end]     element 0000000a  : 0 [end]
-ip test-ip4 input
-  [ meta load nfproto => reg 1 ]
-  [ lookup reg 1 set __set%d ]
-
-# meta nfproto != {ipv4, ipv6}
-__set%d test-ip4 3
-__set%d test-ip4 0
-       element 00000002  : 0 [end]     element 0000000a  : 0 [end]
-ip test-ip4 input
-  [ meta load nfproto => reg 1 ]
-  [ lookup reg 1 set __set%d 0x1 ]
-
 # meta l4proto 22
 ip test-ip4 input
   [ meta load l4proto => reg 1 ]

diff --git a/tests/py/inet/meta.t b/tests/py/inet/meta.t
new file mode 100644 (file)
index 0000000..723dd46
--- /dev/null
+++ b/tests/py/inet/meta.t
@@ -0,0 +1,10 @@
+:input;type filter hook input priority 0
+:ingress;type filter hook ingress device lo priority 0
+
+*inet;test-inet;input
+
+meta nfproto ipv4;ok
+meta nfproto ipv6;ok
+meta nfproto {ipv4, ipv6};ok
+meta nfproto != {ipv4, ipv6};ok
+

diff --git a/tests/py/inet/meta.t.payload b/tests/py/inet/meta.t.payload
new file mode 100644 (file)
index 0000000..8b6759a
--- /dev/null
+++ b/tests/py/inet/meta.t.payload
@@ -0,0 +1,25 @@
+# meta nfproto ipv4
+ip test-ip4 input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x00000002 ]
+
+# meta nfproto ipv6
+ip test-ip4 input
+  [ meta load nfproto => reg 1 ]
+  [ cmp eq reg 1 0x0000000a ]
+
+# meta nfproto {ipv4, ipv6}
+__set%d test-ip4 3
+__set%d test-ip4 0
+       element 00000002  : 0 [end]     element 0000000a  : 0 [end]
+ip test-ip4 input
+  [ meta load nfproto => reg 1 ]
+  [ lookup reg 1 set __set%d ]
+
+# meta nfproto != {ipv4, ipv6}
+__set%d test-ip4 3
+__set%d test-ip4 0
+       element 00000002  : 0 [end]     element 0000000a  : 0 [end]
+ip test-ip4 input
+  [ meta load nfproto => reg 1 ]
+  [ lookup reg 1 set __set%d 0x1 ]

diff --git a/tests/shell/testcases/listing/0011sets_0 b/tests/shell/testcases/listing/0011sets_0
index 75f2895ff7e50b74ae0e919f69804b4d279e0038..f021962a3881245bcea6cb39e70ef03f1cee1b21 100755 (executable)
--- a/tests/shell/testcases/listing/0011sets_0
+++ b/tests/shell/testcases/listing/0011sets_0
@@ -25,7 +25,7 @@ $NFT add rule ip6 test test udp sport {123}
 
 $NFT add table arp test_arp
 $NFT add chain arp test_arp test
-$NFT add rule arp test_arp test meta nfproto {ipv4}
+$NFT add rule arp test_arp test meta mark {123}
 
 $NFT add table bridge test_bridge
 $NFT add chain bridge test_bridge test