3 # check iif/iifname/oifgroup/iiftype match.
5 # Kselftest framework requirement - SKIP code is 4.
7 sfx=$(mktemp -u "XXXXXXXX")
10 if ! nft --version > /dev/null 2>&1; then
11 echo "SKIP: Could not run test without nft tool"
21 ip -net "$ns0" link set lo up
22 ip -net "$ns0" addr add 127.0.0.1 dev lo
26 currentyear=$(date +%Y)
27 lastyear=$((currentyear-1))
28 ip netns exec "$ns0" nft -f /dev/stdin <<EOF
31 counter iifnamecount {}
32 counter iifgroupcount {}
33 counter iiftypecount {}
34 counter infproto4count {}
35 counter il4protocounter {}
36 counter imarkcounter {}
37 counter icpu0counter {}
38 counter ilastyearcounter {}
39 counter icurrentyearcounter {}
42 counter oifnamecount {}
43 counter oifgroupcount {}
44 counter oiftypecount {}
45 counter onfproto4count {}
46 counter ol4protocounter {}
47 counter oskuidcounter {}
48 counter oskgidcounter {}
49 counter omarkcounter {}
52 type filter hook input priority 0; policy accept;
54 meta iif lo counter name "iifcount"
55 meta iifname "lo" counter name "iifnamecount"
56 meta iifgroup "default" counter name "iifgroupcount"
57 meta iiftype "loopback" counter name "iiftypecount"
58 meta nfproto ipv4 counter name "infproto4count"
59 meta l4proto icmp counter name "il4protocounter"
60 meta mark 42 counter name "imarkcounter"
61 meta cpu 0 counter name "icpu0counter"
62 meta time "$lastyear-01-01" - "$lastyear-12-31" counter name ilastyearcounter
63 meta time "$currentyear-01-01" - "$currentyear-12-31" counter name icurrentyearcounter
67 type filter hook output priority 0; policy accept;
68 meta oif lo counter name "oifcount" counter
69 meta oifname "lo" counter name "oifnamecount"
70 meta oifgroup "default" counter name "oifgroupcount"
71 meta oiftype "loopback" counter name "oiftypecount"
72 meta nfproto ipv4 counter name "onfproto4count"
73 meta l4proto icmp counter name "ol4protocounter"
74 meta skuid 0 counter name "oskuidcounter"
75 meta skgid 0 counter name "oskgidcounter"
76 meta mark 42 counter name "omarkcounter"
82 echo "SKIP: Could not add test ruleset"
91 local want="packets $2"
94 if ! ip netns exec "$ns0" nft list counter inet filter $cname | grep -q "$want"; then
95 echo "FAIL: $cname, want \"$want\", got"
97 ip netns exec "$ns0" nft list counter inet filter $cname
107 for counter in iifcount iifnamecount iifgroupcount iiftypecount infproto4count \
108 oifcount oifnamecount oifgroupcount oiftypecount onfproto4count \
109 il4protocounter icurrentyearcounter ol4protocounter \
111 check_one_counter "$counter" "$want" "$verbose"
115 check_lo_counters "0" false
116 ip netns exec "$ns0" ping -q -c 1 127.0.0.1 -m 42 > /dev/null
118 check_lo_counters "2" true
120 check_one_counter oskuidcounter "1" true
121 check_one_counter oskgidcounter "1" true
122 check_one_counter imarkcounter "1" true
123 check_one_counter omarkcounter "1" true
124 check_one_counter ilastyearcounter "0" true
126 if [ $ret -eq 0 ];then
127 echo "OK: nftables meta iif/oif counters at expected values"
132 #First CPU execution and counter
133 taskset -p 01 $$ > /dev/null
134 ip netns exec "$ns0" nft reset counters > /dev/null
135 ip netns exec "$ns0" ping -q -c 1 127.0.0.1 > /dev/null
136 check_one_counter icpu0counter "2" true
138 if [ $ret -eq 0 ];then
139 echo "OK: nftables meta cpu counter at expected values"