From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Fri, 1 Feb 2019 20:28:46 +0000 (+0100)
Subject: tests: shell: exercise abort path with anonymous set that is bound to rule
X-Git-Tag: v0.9.1~147
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a80997fa9a290462c5d001c5d448ddb2fbd7da5c;p=thirdparty%2Fnftables.git

tests: shell: exercise abort path with anonymous set that is bound to rule

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/tests/shell/testcases/transactions/0043set_1 b/tests/shell/testcases/transactions/0043set_1
new file mode 100755
index 00000000..a9135c19
--- /dev/null
+++ b/tests/shell/testcases/transactions/0043set_1
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+RULESET="add table ip test
+add set ip test foo { type ipv4_addr; }
+add chain ip test tc
+add element ip test foo { 1.2.3.4 }
+add rule ip test tc ip saddr { 1.2.3.4, 5.6.7.8 } accept
+delete table ip test
+add element ip test foo { 1.2.3.6 }"
+
+# kernel must return ENOENT
+$NFT -f - <<< "$RULESET" 2>/dev/null || exit 0
+echo "E: allowing element insertion on unexisting set"
+exit 1