tests: add insert-failure test

It should not be possible to add a ip6 restricted helper to ip family.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/py/ip/objects.t b/tests/py/ip/objects.t
index ec8e8fd916d405df9f11e166e969591af61b2063..742ec6af25726bbf0d0af2c7f7f4e0aa3d2f5d27 100644 (file)
--- a/tests/py/ip/objects.t
+++ b/tests/py/ip/objects.t
@@ -6,6 +6,7 @@
 %cnt2 type counter;ok
 %qt1 type quota 25 mbytes;ok
 %qt2 type quota over 1 kbytes;ok
+%cthelp2 type ct helper { type \"ftp\" protocol tcp\; l3proto ip6\; };fail
 
 ip saddr 192.168.1.3 counter name "cnt2";ok
 ip saddr 192.168.1.3 counter name "cnt3";fail

diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index b22404076eddcef4626d5a4bb8549d98aee04fd5..8d1df3bc517aadb42d67072851b993ed70667adf 100755 (executable)
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -517,12 +517,23 @@ def obj_add(o, test_result, filename, lineno):
             print_error(reason, filename, lineno)
             return -1
 
-        if not _obj_exist(o, filename, lineno):
-            reason = "I have just added the " + obj_handle + \
-                     " to the table " + table.name + " but it does not exist"
+        exist = _obj_exist(o, filename, lineno)
+
+        if exist:
+            if test_result == "ok":
+                 return 0
+            reason = "I added the " + obj_handle + \
+                     " to the table " + table.name + " but it should have failed"
             print_error(reason, filename, lineno)
             return -1
 
+        if test_result == "fail":
+            return 0
+
+        reason = "I have just added the " + obj_handle + \
+                 " to the table " + table.name + " but it does not exist"
+        print_error(reason, filename, lineno)
+        return -1
 
 def obj_delete(table, filename=None, lineno=None):
     '''