3 # check iif/iifname/oifgroup/iiftype match.
5 # Kselftest framework requirement - SKIP code is 4.
7 sfx=$(mktemp -u "XXXXXXXX")
10 nft --version > /dev/null 2>&1
12 echo "SKIP: Could not run test without nft tool"
22 ip -net "$ns0" link set lo up
23 ip -net "$ns0" addr add 127.0.0.1 dev lo
27 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
30 counter iifnamecount {}
31 counter iifgroupcount {}
32 counter iiftypecount {}
33 counter infproto4count {}
34 counter il4protocounter {}
35 counter imarkcounter {}
38 counter oifnamecount {}
39 counter oifgroupcount {}
40 counter oiftypecount {}
41 counter onfproto4count {}
42 counter ol4protocounter {}
43 counter oskuidcounter {}
44 counter oskgidcounter {}
45 counter omarkcounter {}
48 type filter hook input priority 0; policy accept;
50 meta iif lo counter name "iifcount"
51 meta iifname "lo" counter name "iifnamecount"
52 meta iifgroup "default" counter name "iifgroupcount"
53 meta iiftype "loopback" counter name "iiftypecount"
54 meta nfproto ipv4 counter name "infproto4count"
55 meta l4proto icmp counter name "il4protocounter"
56 meta mark 42 counter name "imarkcounter"
60 type filter hook output priority 0; policy accept;
61 meta oif lo counter name "oifcount" counter
62 meta oifname "lo" counter name "oifnamecount"
63 meta oifgroup "default" counter name "oifgroupcount"
64 meta oiftype "loopback" counter name "oiftypecount"
65 meta nfproto ipv4 counter name "onfproto4count"
66 meta l4proto icmp counter name "ol4protocounter"
67 meta skuid 0 counter name "oskuidcounter"
68 meta skgid 0 counter name "oskgidcounter"
69 meta mark 42 counter name "omarkcounter"
75 echo "SKIP: Could not add test ruleset"
84 local want="packets $2"
87 cnt=$(ip netns exec "$ns0" nft list counter inet filter $cname | grep -q "$want")
89 echo "FAIL: $cname, want \"$want\", got"
91 ip netns exec "$ns0" nft list counter inet filter $counter
101 for counter in iifcount iifnamecount iifgroupcount iiftypecount infproto4count \
102 oifcount oifnamecount oifgroupcount oiftypecount onfproto4count \
106 check_one_counter "$counter" "$want" "$verbose"
110 check_lo_counters "0" false
111 ip netns exec "$ns0" ping -q -c 1 127.0.0.1 -m 42 > /dev/null
113 check_lo_counters "2" true
115 check_one_counter oskuidcounter "1" true
116 check_one_counter oskgidcounter "1" true
117 check_one_counter imarkcounter "1" true
118 check_one_counter omarkcounter "1" true
120 if [ $ret -eq 0 ];then
121 echo "OK: nftables meta iif/oif counters at expected values"