File: 0011sets_0

package info (click to toggle)
nftables 1.1.6-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 15,384 kB
  • sloc: ansic: 50,901; sh: 20,277; yacc: 5,861; python: 1,746; lex: 1,367; makefile: 392
file content (43 lines) | stat: -rwxr-xr-x 873 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
#!/bin/bash

# listing all sets, no anonymous sets allowed

EXPECTED="table ip nat {
}
table ip6 test {
}
table arp test_arp {
}
table bridge test_bridge {
}
table inet filter {
}"

set -e

$NFT add table ip nat
$NFT add chain ip nat test
$NFT add rule ip nat test tcp dport {123, 321}

$NFT add table ip6 test
$NFT add chain ip6 test test
$NFT add rule ip6 test test udp sport {123, 321}

$NFT add table arp test_arp
$NFT add chain arp test_arp test
$NFT add rule arp test_arp test meta mark {123, 321}

$NFT add table bridge test_bridge
$NFT add chain bridge test_bridge test
$NFT add rule bridge test_bridge test ip daddr {1.1.1.1, 2.2.2.2}

$NFT add table inet filter
$NFT add chain inet filter test
$NFT add rule inet filter test tcp dport {80, 443}

GET="$($NFT list sets)"

if [ "$EXPECTED" != "$GET" ] ; then
	$DIFF -u <(echo "$EXPECTED") <(echo "$GET")
	exit 1
fi