tests: shell: auto-removal of chain hook on netns removal

This is the nft equivalent of the syzbot report that lead to
kernel commit 68a3765c659f8
("netfilter: nf_tables: skip netdev events generated on netns removal").

Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/tests/shell/testcases/chains/0043chain_ingress_0 b/tests/shell/testcases/chains/0043chain_ingress_0
index 86dc075d7923b93130111d1d5bdbbc6027a4d380..bff464687a6f8c46bad406598748edc54e82470f 100755 (executable)
--- a/tests/shell/testcases/chains/0043chain_ingress_0
+++ b/tests/shell/testcases/chains/0043chain_ingress_0
@@ -14,5 +14,11 @@ RULESET="table inet filter {
        }
 }"
 
+# Test auto-removal of chain hook on netns removal
+unshare -n bash -c "ip link add br0 type bridge; \
+ $NFT add table netdev test; \
+ $NFT add chain netdev test ingress { type filter hook ingress device \"br0\" priority 0\; policy drop\; } ; \
+" || exit 1
+
 $NFT -f - <<< "$RULESET" && exit 0
 exit 1