tests: py: Add test for ambiguity while setting the value

This test checks bug identified and fixed in the commit mentioned below
In a statement if there are  multiple src data then it  would be
totally ambiguous to decide which value to set.

Before the commit was made it returned 134(BUG), but now it returns 1
i.e, an error message.

Following rules tests ambiguity while setting the value:

 $ sudo nft add rule ip test-ip4 output ct mark set {0x11333, 0x11}
 <cmdline>:1:41-55: Error: you cannot use a set here, unknown value to use
 add rule ip test-ip4 output ct mark set {0x11333, 0x11}
                             ~~~~~~~~~~~~^^^^^^^^^^^^^^^

Test: 986dea8 ("evaluate: avoid reference to multiple src data in
statements which set values")
Signed-off-by: Shyam Saini <mayhs11saini@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/py/any/ct.t b/tests/py/any/ct.t
index 20f047a2963ba468d4aa06f9a7d1270b910428b4..275d2e71cf026fdebd5879e1427e1bb47f412876 100644 (file)
--- a/tests/py/any/ct.t
+++ b/tests/py/any/ct.t
@@ -58,6 +58,11 @@ ct mark set 0x11;ok;ct mark set 0x00000011
 ct mark set mark;ok;ct mark set mark
 ct mark set mark map { 1 : 10, 2 : 20, 3 : 30 };ok;ct mark set mark map { 0x00000003 : 0x0000001e, 0x00000002 : 0x00000014, 0x00000001 : 0x0000000a}
 
+ct mark set {0x11333, 0x11};fail
+ct zone set {123, 127};fail
+ct label set {123, 127};fail
+ct event set {new, related, destroy, label};fail
+
 ct expiration 30;ok;ct expiration 30s
 ct expiration 22;ok;ct expiration 22s
 ct expiration != 233;ok;ct expiration != 3m53s

diff --git a/tests/py/any/meta.t b/tests/py/any/meta.t
index 2ff942ff039d86ab65b989aa5cebbb0dac2ba1df..fc041bf5c184c81bda8ebf2943bda8408a9f6b3d 100644 (file)
--- a/tests/py/any/meta.t
+++ b/tests/py/any/meta.t
@@ -143,6 +143,9 @@ meta mark set 0xffffffde or 0x16;ok;mark set 0xffffffde
 meta mark set 0x32 or 0xfffff;ok;mark set 0x000fffff
 meta mark set 0xfffe xor 0x16;ok;mark set 0x0000ffe8
 
+meta mark set {0xffff, 0xcc};fail
+meta pkttype set {unicast, multicast, broadcast};fail
+
 meta iif "lo";ok;iif "lo"
 meta oif "lo";ok;oif "lo"
 meta oifname "dummy2" accept;ok;oifname "dummy2" accept

diff --git a/tests/py/bridge/ether.t b/tests/py/bridge/ether.t
index 5c6766eb2fa748f643ed76228bbc38bc0a3d36f7..15f5f857b19877b9bb496337adc094d742761300 100644 (file)
--- a/tests/py/bridge/ether.t
+++ b/tests/py/bridge/ether.t
@@ -8,3 +8,5 @@ tcp dport 22 ether saddr 00:0f:54:0c:11:04 ip daddr 1.2.3.4;ok
 ether saddr 00:0f:54:0c:11:04 ip daddr 1.2.3.4 accept;ok
 
 ether daddr 00:01:02:03:04:05 ether saddr set ff:fe:dc:ba:98:76 drop;ok
+
+ether daddr set {01:00:5e:00:01:01, 01:00:5e:00:02:02};fail

diff --git a/tests/py/inet/tcp.t b/tests/py/inet/tcp.t
index 5a0aab6755b52940f8b9bfcbf76f94e78ffc988e..f25be59969d7fd609ccba4713d5146bf265581dd 100644 (file)
--- a/tests/py/inet/tcp.t
+++ b/tests/py/inet/tcp.t
@@ -6,6 +6,8 @@
 *inet;test-inet;input
 *netdev;test-netdev;ingress
 
+tcp dport set {1, 2, 3};fail
+
 tcp dport 22;ok
 tcp dport != 233;ok
 tcp dport 33-45;ok

diff --git a/tests/py/inet/udp.t b/tests/py/inet/udp.t
index 2f16e6a19dfb2dc48bb6ebd2de89bc7af4b9689f..4e3eaa5105dcc564270cc4c87b62d9d8a90d4d87 100644 (file)
--- a/tests/py/inet/udp.t
+++ b/tests/py/inet/udp.t
@@ -15,6 +15,8 @@ udp sport != { 50, 60} accept;ok
 udp sport { 12-40};ok
 udp sport != { 13-24};ok
 
+udp dport set {1, 2, 3};fail
+
 udp dport 80 accept;ok
 udp dport != 60 accept;ok
 udp dport 70-75 accept;ok

diff --git a/tests/py/ip/ip.t b/tests/py/ip/ip.t
index f984646951decfbeb89f20c08e74d1a4a7be9a5e..9ab15df63a3d699124e7513f73b5d8812ef86f04 100644 (file)
--- a/tests/py/ip/ip.t
+++ b/tests/py/ip/ip.t
@@ -85,6 +85,8 @@ ip checksum != { 33, 55, 67, 88};ok
 ip checksum { 33-55};ok
 ip checksum != { 33-55};ok
 
+ip saddr set {192.19.1.2, 191.1.22.1};fail
+
 ip saddr 192.168.2.0/24;ok
 ip saddr != 192.168.2.0/24;ok
 ip saddr 192.168.3.1 ip daddr 192.168.3.100;ok