From: Florian Westphal <fw@strlen.de>
Date: Mon, 4 May 2026 07:33:33 +0000 (+0200)
Subject: tests: shell: rate_limit: also check byte-based limit
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=c3e5593c06a6153600a83642d356bcaf44ea2709;p=thirdparty%2Fnftables.git

tests: shell: rate_limit: also check byte-based limit

Existing test case covered packets, also check the byte-based
rate-limiter.

Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/tests/shell/testcases/packetpath/rate_limit b/tests/shell/testcases/packetpath/rate_limit
index e0a8abc9..e39ce5a4 100755
--- a/tests/shell/testcases/packetpath/rate_limit
+++ b/tests/shell/testcases/packetpath/rate_limit
@@ -134,3 +134,19 @@ assert_fail result "tcp connection limit rate 1/sec burst 1 reject"
 sleep 1
 ip netns exec $C socat -u - TCP:${ip_sc}:80,reuseport,connect-timeout=1 <<< 'AAA'
 assert_pass result "tcp connection limit rate 1/sec burst 1 accept"
+
+ip netns exec $S $NFT flush chain filter in_tcp
+assert_pass "flush chain"
+
+ip netns exec $S $NFT add rule filter in_tcp iifname s_c tcp dport 80 limit rate over 1 mbytes/second drop
+assert_pass "limit rate"
+
+s=(date +%s)
+dd if=/dev/zero bs=1M count=4 | ip netns exec $C socat -u - TCP:${ip_sc}:80,reuseport,connect-timeout=1
+e=(date +%s)
+d=$((e-s))
+if [ $d -ge 4 ] && [ $d -le 5 ];then
+	echo "FAIL: limit not effective (xfer took $d s)"; exit 1
+else
+	echo "PASS: socat xfer took $d seconds"
+fi