tests: shell: split single element in anonymous set

Split this to move set stateful expression support into a separated test
not to harm existing coverage.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/shell/testcases/optimizations/dumps/single_anon_set.nft b/tests/shell/testcases/optimizations/dumps/single_anon_set.nft
index 3f703034d80f6a8cafd9d744a746614bf4c9da5a..35e3f36e1a548fe859f0a7ee65fae4ac0dcce689 100644 (file)
--- a/tests/shell/testcases/optimizations/dumps/single_anon_set.nft
+++ b/tests/shell/testcases/optimizations/dumps/single_anon_set.nft
@@ -11,6 +11,5 @@ table ip test {
                ip daddr . tcp dport { 192.168.0.1 . 22 } accept
                meta mark set ip daddr map { 192.168.0.1 : 0x00000001 }
                ct state { established, related } accept
-               meta mark { 0x0000000a counter packets 0 bytes 0 }
        }
 }

diff --git a/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.nft b/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.nft
new file mode 100644 (file)
index 0000000..54880b9
--- /dev/null
+++ b/tests/shell/testcases/optimizations/dumps/single_anon_set_expr.nft
@@ -0,0 +1,5 @@
+table ip test {
+       chain test {
+               meta mark { 0x0000000a counter packets 0 bytes 0 }
+       }
+}

diff --git a/tests/shell/testcases/optimizations/single_anon_set b/tests/shell/testcases/optimizations/single_anon_set
index 84fc2a7f03a88d3440bbe300a8158179c211efb2..632e965f37a798ffe6c00317f81a55a6b86ccde2 100755 (executable)
--- a/tests/shell/testcases/optimizations/single_anon_set
+++ b/tests/shell/testcases/optimizations/single_anon_set
@@ -46,9 +46,6 @@ table ip test {
                # ct state cannot be both established and related
                # at the same time, but this needs extra work.
                ct state { established, related } accept
-
-               # with stateful statement
-               meta mark { 0x0000000a counter }
        }
 }
 EOF

diff --git a/tests/shell/testcases/optimizations/single_anon_set_expr b/tests/shell/testcases/optimizations/single_anon_set_expr
new file mode 100755 (executable)
index 0000000..81b7ceb
--- /dev/null
+++ b/tests/shell/testcases/optimizations/single_anon_set_expr
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# NFT_TEST_REQUIRES(NFT_TEST_HAVE_set_expr)
+
+set -e
+
+test -d "$NFT_TEST_TESTTMPDIR"
+
+# Input file contains rules with anon sets that contain
+# one element, plus extra rule with two elements (that should be
+# left alone).
+
+# Dump file has the simplified rules where anon sets have been
+# replaced by equality tests where possible.
+file_input1="$NFT_TEST_TESTTMPDIR/input1.nft"
+
+cat <<EOF > "$file_input1"
+table ip test {
+       chain test {
+               # with stateful statement
+               meta mark { 0x0000000a counter }
+       }
+}
+EOF
+
+$NFT -f "$file_input1"