www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Florian Westphal <fw@strlen.de>
	Wed, 21 May 2025 09:38:49 +0000 (11:38 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 23 May 2025 11:57:12 +0000 (13:57 +0200)
commit	996d62ece03137b2462308acc15acadebe357c66
tree	6f110e289c7b314937151930cbde3eebc613878a	tree
parent	9a119669fb1924cd9658c16da39a5a585e129e50	commit \| diff

selftests: netfilter: nft_fib.sh: add type and oif tests with and without VRFs

Replace the existing VRF test with a more comprehensive one.

It tests following combinations:
- fib type (returns address type, e.g. unicast)
- fib oif (route output interface index
- both with and without 'iif' keyword (changes result, e.g.
  'fib daddr type local' will be true when the destination address
  is configured on the local machine, but
  'fib daddr . iif type local' will only be true when the destination
  address is configured on the incoming interface.

Add all types of addresses to test with for both ipv4 and ipv6:
- local address on the incoming interface
- local address on another interface
- local address on another interface thats part of a vrf
- address on another host

The ruleset stores obtained results from 'fib' in nftables sets and
then queries the sets to check that it has the expected results.

Perform one pass while packets are coming in on interface NOT part of
a VRF and then again when it was added and make sure fib returns the
expected routes and address types for the various addresses in the
setup.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>