From 571c32c466f0516d0543926828ce49b004ce584f Mon Sep 17 00:00:00 2001

From: Eric Garver <eric@garver.life>

Date: Mon, 11 May 2020 17:19:12 -0400

Subject: [PATCH 25/45] test(functions): add macro

 IF_HOST_SUPPORTS_NFT_RULE_INDEX

(cherry picked from commit 735eb589b2a18129b2b8a9d4dfe8b9375757619a)

(cherry picked from commit cda25d11a9e333ee5cdd9d7e084e7075cb1550bb)

---

 src/tests/functions.at | 24 ++++++++++++++++++++++++

 1 file changed, 24 insertions(+)

diff --git a/src/tests/functions.at b/src/tests/functions.at

index 8f5ceba4d3f2..f83720595d2f 100644

--- a/src/tests/functions.at

+++ b/src/tests/functions.at

@@ -598,3 +598,27 @@ m4_define([NMCLI_CHECK], [

     NS_CHECK([PIPESTATUS0([nmcli $1], [TRIM_WHITESPACE])],

              [$2], [m4_strip([$3])], [m4_strip([$4])], [$5], [$6])

 ])

+

+m4_define([IF_HOST_SUPPORTS_NFT_RULE_INDEX], [

+    m4_if(nftables, FIREWALL_BACKEND, [

+        AT_DATA([./nft_rule_index.nft], [

+            add table inet firewalld_check_rule_index

+            add chain inet firewalld_check_rule_index foobar { type filter hook input priority 0 ; }

+            add rule inet firewalld_check_rule_index foobar tcp dport 1234 accept

+            add rule inet firewalld_check_rule_index foobar accept

+            insert rule inet firewalld_check_rule_index foobar index 1 udp dport 4321 accept

+])

+        NS_CHECK([nft -f ./nft_rule_index.nft])

+

+        if test "$( NS_CMD([nft list chain inet firewalld_check_rule_index foobar | head -n 5 |tail -n 1 | TRIM_WHITESPACE]) )" = "udp dport 4321 accept"; then

+            :

+            $1

+        else

+            :

+            $2

+        fi

+

+        NS_CHECK([rm ./nft_rule_index.nft])

+        NS_CHECK([nft delete table inet firewalld_check_rule_index])

+    ], [$1])

+])

-- 

2.27.0