tests: shell: add tests for ct timeout objects

Add tests for listing ct timeout objects and input from file.

Signed-off-by: Harsha Sharma <harshasharmaiitr@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/tests/shell/testcases/listing/0013objects_0 b/tests/shell/testcases/listing/0013objects_0
index c5e0e323de3faa79b8e169db37b6b76548cde23e..2d72dbb53cc3d7af6f75489bac78f4839bea58c2 100755 (executable)
--- a/tests/shell/testcases/listing/0013objects_0
+++ b/tests/shell/testcases/listing/0013objects_0
@@ -12,6 +12,12 @@ EXPECTED="table ip test {
                l3proto ip
        }
 
+       ct timeout cttime {
+               protocol udp;
+               l3proto ip
+               policy = {unreplied: 15, replied: 12}
+       }
+
        chain input {
        }
 }"
@@ -22,6 +28,7 @@ $NFT add table test
 $NFT add chain test input
 $NFT add quota test https-quota 25 mbytes
 $NFT add ct helper test cthelp { type \"sip\" protocol tcp \; }
+$NFT add ct timeout test cttime { protocol udp \; policy = {replied: 12, unreplied: 15 } \; }
 $NFT add table test-ip
 
 GET="$($NFT list table test)"

diff --git a/tests/shell/testcases/nft-f/0017ct_timeout_obj_0 b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
new file mode 100755 (executable)
index 0000000..1d03dbf
--- /dev/null
+++ b/tests/shell/testcases/nft-f/0017ct_timeout_obj_0
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+EXPECTED='table ip filter {
+       ct timeout cttime{
+               protocol tcp;
+               l3proto ip
+               policy = {established: 123, close: 12}
+       }
+
+       chain c {
+               ct timeout set "cttime"
+       }
+}'
+
+set -e
+$NFT -f - <<< $EXPECTED