tests: shell: flush connlimit sets

Restored elements via set declaration are removed almost inmediately by
GC, this is causing spurious failures in test runs.

Flush sets to ensure dump is always consistent. Still, cover that
restoring a set with connlimit elements do not.

Fixes: 95d348d55a9e ("tests: shell: extend connlimit test")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/shell/testcases/sets/0062set_connlimit_0 b/tests/shell/testcases/sets/0062set_connlimit_0
index 48d589fe68cc3b90b46e331200ffb06a669382bf..dab1da061795ac96d9878132f510df610bf19c9f 100755 (executable)
--- a/tests/shell/testcases/sets/0062set_connlimit_0
+++ b/tests/shell/testcases/sets/0062set_connlimit_0
@@ -24,3 +24,6 @@ RULESET="table ip x {
 }"
 
 $NFT -f - <<< $RULESET
+
+$NFT flush set ip x est-connlimit
+$NFT flush set ip x new-connlimit

diff --git a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
index 080d675c3ac7ab8a44d7014c02bc102086880fbe..13bbb953d8c244148e1e519e9292057b6705d89f 100644 (file)
--- a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
+++ b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
@@ -3,7 +3,6 @@ table ip x {
                type ipv4_addr
                size 65535
                flags dynamic
-               elements = { 84.245.120.167 ct count over 20 }
        }
 
        set new-connlimit {
@@ -11,6 +10,5 @@ table ip x {
                size 65535
                flags dynamic
                ct count over 20
-               elements = { 84.245.120.167 ct count over 20 }
        }
 }