tests: shell: cover sets as set elems evaluation

Extend tests/shell coverage to exercise merging nested sets, provided
by fixes such as:

  a6b75b837f5e ("evaluate: set: Allow for set elems to be sets")

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/shell/testcases/sets/dumps/recursive_merge.nft b/tests/shell/testcases/sets/dumps/recursive_merge.nft
new file mode 100644 (file)
index 0000000..9206f9f
--- /dev/null
+++ b/tests/shell/testcases/sets/dumps/recursive_merge.nft
@@ -0,0 +1,8 @@
+table ip x {
+       chain y {
+               ip saddr { 1.1.1.0, 2.2.2.0, 3.3.3.0 }
+               ip saddr { 4.4.4.0, 5.5.5.0, 6.6.6.0 }
+               ip saddr { 4.4.4.0, 5.5.5.0, 6.6.6.0, 8.8.8.0 }
+               ip saddr { 1.1.1.0, 2.2.2.0, 7.7.7.0, 9.9.9.0 }
+       }
+}

diff --git a/tests/shell/testcases/sets/recursive_merge b/tests/shell/testcases/sets/recursive_merge
new file mode 100755 (executable)
index 0000000..f12f63b
--- /dev/null
+++ b/tests/shell/testcases/sets/recursive_merge
@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+RULESET="define myset2 = {
+      2.2.3.0,
+}
+define myset = {
+      1.1.1.0,
+      2.2.2.0,
+      $myset2,
+}
+define myset3 = {
+      { 1.1.1.0, 2.2.2.0 }
+}
+add table ip x
+add chain ip x y
+add rule ip x y ip saddr { \$myset, 3.3.3.0 }
+add rule ip x y ip saddr { { 4.4.4.0, 5.5.5.0 }, 6.6.6.0 }
+add rule ip x y ip saddr { { 8.8.8.0, { 4.4.4.0, 5.5.5.0 } }, 6.6.6.0 }
+add rule ip x y ip saddr { 9.9.9.0, \$myset3, 7.7.7.0 }"
+
+$NFT -f - <<< "$RULESET"