[PATCH nft] tests: shell: flush connlimit sets

[PATCH nft] tests: shell: flush connlimit sets

[Pablo Neira Ayuso]

Restored elements via set declaration are removed almost inmediately by
GC, this is causing spurious failures in test runs.

Flush sets to ensure dump is always consistent. Still, cover that
restoring a set with connlimit elements do not.

Fixes: 95d348d55a9e ("tests: shell: extend connlimit test")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/shell/testcases/sets/0062set_connlimit_0           | 3 +++
 tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft | 2 --
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/tests/shell/testcases/sets/0062set_connlimit_0 b/tests/shell/testcases/sets/0062set_connlimit_0
index 48d589fe68cc..dab1da061795 100755
--- a/tests/shell/testcases/sets/0062set_connlimit_0
+++ b/tests/shell/testcases/sets/0062set_connlimit_0
@@ -24,3 +24,6 @@ RULESET="table ip x {
 }"
 
 $NFT -f - <<< $RULESET
+
+$NFT flush set ip x est-connlimit
+$NFT flush set ip x new-connlimit
diff --git a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
index 080d675c3ac7..13bbb953d8c2 100644
--- a/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
+++ b/tests/shell/testcases/sets/dumps/0062set_connlimit_0.nft
@@ -3,7 +3,6 @@ table ip x {
 		type ipv4_addr
 		size 65535
 		flags dynamic
-		elements = { 84.245.120.167 ct count over 20 }
 	}
 
 	set new-connlimit {
@@ -11,6 +10,5 @@ table ip x {
 		size 65535
 		flags dynamic
 		ct count over 20
-		elements = { 84.245.120.167 ct count over 20 }
 	}
 }
-- 
2.30.2