tests: shell: add open interval overlap tests

Extend coverage with corner cases with open interval overlaps.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/tests/shell/testcases/maps/open-interval-anonymous_0 b/tests/shell/testcases/maps/open-interval-anonymous_0
new file mode 100755 (executable)
index 0000000..0d7972e
--- /dev/null
+++ b/tests/shell/testcases/maps/open-interval-anonymous_0
@@ -0,0 +1,33 @@
+#/bin/bash
+
+RULESET="table ip x {
+       chain y {
+               type filter hook output priority 0;
+       }
+}"
+
+$NFT -f - <<< $RULESET
+
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.255 : 1}
+[ $? -ne 0 ] && echo "failed to add rule with open interval" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.254 : 2}
+[ $? -ne 0 ] && echo "failed to add rule without open interval" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.1 : 1, 255.255.255.2-255.255.255.254 : 2}
+[ $? -ne 0 ] && echo "failed to add adjacent intervals" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.1 : 1, 255.255.255.2-255.255.255.255 : 2}
+[ $? -ne 0 ] && echo "failed to add adjacent intervals with open interval" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.2-255.255.255.255 : 1, 255.255.255.0-255.255.255.1 : 2}
+[ $? -ne 0 ] && echo "failed to add adjacent intervals with open interval (different order)" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.255 : 1, 255.255.255.0-255.255.255.254 : 2}
+[ $? -eq 0 ] && echo "unexpected open interval overlap with multiple intervals" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.254 : 1, 255.255.255.0-255.255.255.255 : 2}
+[ $? -eq 0 ] && echo "unexpected open interval overlap with multiple intervals (different order)" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.3 : 1, 255.255.255.0-255.255.255.2 : 2}
+[ $? -eq 0 ] && echo "unexpected overlapping interval on start" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.0-255.255.255.3 : 1, 255.255.255.1-255.255.255.3 : 2}
+[ $? -eq 0 ] && echo "unexpected overlapping interval on end" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.1-255.255.255.3 : 1, 255.255.255.0-255.255.255.4 : 2}
+[ $? -eq 0 ] && echo "unexpected overlapping interval" && exit 1
+$NFT add rule ip x y meta mark set ip saddr map { 255.255.255.1-255.255.255.5 : 1, 255.255.255.2-255.255.255.3 : 2}
+[ $? -eq 0 ] && echo "unexpected overlapping interval again" && exit 1
+exit 0

diff --git a/tests/shell/testcases/sets/open-interval_0 b/tests/shell/testcases/sets/open-interval_0
new file mode 100755 (executable)
index 0000000..1be926a
--- /dev/null
+++ b/tests/shell/testcases/sets/open-interval_0
@@ -0,0 +1,65 @@
+#/bin/bash
+
+RULESET="table ip x {
+       set y {
+               type ipv4_addr
+               flags interval
+               counter
+       }
+
+       chain y {
+               type filter hook output priority 0;
+               ip daddr @y
+       }
+}"
+
+$NFT -f - <<< $RULESET
+
+# validate same interval
+$NFT add element ip x y { 1.1.1.1-2.2.2.2, 3.3.3.3-4.4.4.4 }
+[ $? -ne 0 ] && echo "failed to add simple intervals" && exit 1
+$NFT add element ip x y { 1.1.1.1-4.4.4.4 }
+[ $? -eq 0 ] && echo "unexpected add simple interval" && exit 1
+$NFT delete element ip x y { 1.1.1.1-4.4.4.4 }
+[ $? -eq 0 ] && echo "unexpected delete simple interval" && exit 1
+$NFT add element ip x y { 1.1.1.1-2.2.2.2 }
+[ $? -ne 0 ] && echo "failed to re-add simple interval" && exit 1
+$NFT delete element ip x y { 1.1.1.1-2.2.2.2 }
+[ $? -ne 0 ] && echo "failed to delete simple interval" && exit 1
+$NFT add element ip x y { 1.1.1.1-2.2.2.2 }
+[ $? -ne 0 ] && echo "failed to add simple interval again" && exit 1
+
+# now validate open interval
+$NFT add element ip x y { 255.255.255.0-255.255.255.255 }
+[ $? -ne 0 ] && echo "failed to add open interval" && exit 1
+$NFT add element ip x y { 255.255.255.0-255.255.255.255 }
+[ $? -ne 0 ] && echo "failed to re-add open interval" && exit 1
+# try add overlap on open interval
+$NFT add element ip x y { 255.255.255.0-255.255.255.254 }
+[ $? -eq 0 ] && echo "unexpected open interval overlap" && exit 1
+# try add overlap on open interval in one command
+$NFT add element ip x y { 255.255.255.0-255.255.255.255, 255.255.255.0-255.255.255.254 }
+[ $? -eq 0 ] && echo "unexpected open interval overlap with multiple intervals" && exit 1
+$NFT add element ip x y { 255.255.255.0-255.255.255.254, 255.255.255.0-255.255.255.255 }
+[ $? -eq 0 ] && echo "unexpected open interval overlap with multiple intervals (different order)" && exit 1
+# try more overlaps on existing open interval
+$NFT add element ip x y { 255.255.255.1-255.255.255.255 }
+[ $? -eq 0 ] && echo "unexpected inner open interval overlap" && exit 1
+$NFT add element ip x y { 255.255.255.1-255.255.255.254 }
+[ $? -eq 0 ] && echo "unexpected inner interval overlap" && exit 1
+$NFT flush set ip x y
+$NFT add element ip x y { 255.255.255.0-255.255.255.254 }
+[ $? -ne 0 ] && echo "failed to add interval" && exit 1
+$NFT add element ip x y { 255.255.255.0-255.255.255.254 }
+[ $? -ne 0 ] && echo "failed to re-add interval" && exit 1
+# try open interval overlap on existing interval
+$NFT add element ip x y { 255.255.255.0-255.255.255.255 }
+[ $? -eq 0 ] && echo "unexpected open interval over interval" && exit 1
+# try open interval overlap on existing interval
+$NFT add element ip x y { 255.255.255.1-255.255.255.255 }
+[ $? -eq 0 ] && echo "unexpected inner open interval over interval" && exit 1
+$NFT add element ip x y { 255.255.255.0-255.255.255.254, 255.255.255.0-255.255.255.255 }
+[ $? -eq 0 ] && echo "unexpected inner open interval over with multiple intervals" && exit 1
+$NFT add element ip x y { 255.255.255.0-255.255.255.255, 255.255.255.0-255.255.255.254 }
+[ $? -eq 0 ] && echo "unexpected inner open interval over with multiple intervals (different order)" && exit 1
+exit 0