From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Chander Govindarajan <mail@chandergovind.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] nft: allow deletion of rule by full statement form
Date: Thu, 23 Jun 2022 11:21:30 +0200 [thread overview]
Message-ID: <YrQwmiXtaXBv2IqN@salvia> (raw)
In-Reply-To: <d1711872-0d71-0e7a-fe2e-931b65c898d7@chandergovind.org>
[-- Attachment #1: Type: text/plain, Size: 643 bytes --]
Hi,
On Thu, Jun 23, 2022 at 02:31:44PM +0530, Chander Govindarajan wrote:
> Hi Pablo,
>
> Would it be possible to share your changes to tests/py? Would
> like to see how bad it is.
>
> I would like to still go with the plain (non-json) approach if
> possible at all.
I'm attaching the patch... it's from 2017. It does not apply,
rule_add() in tests/py/nft-tests.py has changed quite a bit, since
there are tests for the netlink payload, json and so on.
I was basically checking if removing the rule that was possible to
make sure there is symmetry between add and delete.
I'm afraid you'll have to dig into tests/py file to update this.
[-- Attachment #2: 0001-tests-py-test-deletion-from-rule-definition.patch --]
[-- Type: text/x-diff, Size: 1602 bytes --]
From 32e7cfa5dd683db33e757b46b4944c18a0f2826c Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 8 Jan 2017 19:55:20 +0100
Subject: [PATCH] tests: py: test deletion from rule definition
This patch checks that rule deletion works fine.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
tests/py/nft-test.py | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/tests/py/nft-test.py b/tests/py/nft-test.py
index 7bb5437805d5..1c1b430cc1fa 100755
--- a/tests/py/nft-test.py
+++ b/tests/py/nft-test.py
@@ -661,6 +661,7 @@ def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
return [-1, warning, error, unit_tests]
payload_expected = []
+ delete_error = False
for table in table_list:
try:
@@ -770,6 +771,19 @@ def rule_add(rule, filename, lineno, force_all_family_option, filename_path):
if not force_all_family_option:
return [ret, warning, error, unit_tests]
+ if delete_error == True:
+ continue
+
+ cmd = NFT_BIN + " delete rule " + table_info + \
+ chain.name + " " + rule[0]
+ ret = execute_cmd(cmd, filename, lineno)
+ if ret != 0:
+ reason = "Cannot delete rule: " + cmd
+ print_error(reason, filename, lineno)
+ ret = -1
+ error += 1
+ delete_error = True
+
return [ret, warning, error, unit_tests]
--
2.30.2
prev parent reply other threads:[~2022-06-23 9:21 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-26 13:41 [PATCH] nft: allow deletion of rule by full statement form Chander Govindarajan
2022-06-13 11:47 ` Pablo Neira Ayuso
2022-06-23 9:01 ` Chander Govindarajan
2022-06-23 9:21 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YrQwmiXtaXBv2IqN@salvia \
--to=pablo@netfilter.org \
--cc=mail@chandergovind.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).