[PATCH v2 nftables 0/4] src: print count variable in normal set listings

Florian Westphal <fw@xxxxxxxxx> · Tue, 8 Apr 2025 16:21:28 +0200

Print the number of allocated set elements if the set provided
an upper size limit and there is at least one element.

Example:

table ip t {
   set s {
       type ipv4_addr
       size 65535      # count 1
       flags dynamic
       counter
       elements = { 1.1.1.1 counter packets 1 bytes 11 }
   }
   ...

First patch prepares python tests to skip the new debug
information coming with updated libnftnl.
This is needed to avoid a (large) update of all the
existing / recorded dumpinfo.

Second patch dumps set debug info with --debug=netlink flag,
i.e.:
nft --debug=netlink list ruleset
family 2 s t 0 backend nft_set_rhash_type
family 2 __set0 t 3 size 3 backend nft_set_hash_fast_type count 3
(actual ruleset omitted)

Third patch includes the new 'size <value> # count <value>'
output.

Last patch fixes shell tests:
Dumps are updated with the new format (not too many changes,
the change is only needed for sets that have both 'size' set
and are not empty at the end of the test).

For old kernels (missing COUNT attribute), the dumps will be
postprocessed after failure to strip '# count', then re-diff
happens.

Florian Westphal (4):
  tests/py: prepare for set debug change
  debug: include kernel set information on cache fill
  src: print count variable in normal set listings
  tests: shell: add feature check for count output change

 include/rule.h                                |  2 ++
 src/mnl.c                                     | 15 +++++++--
 src/netlink.c                                 |  6 ++++
 src/rule.c                                    |  9 +++--
 tests/py/nft-test.py                          | 15 ++++++---
 tests/shell/features/setcount.sh              | 13 ++++++++
 tests/shell/helpers/test-wrapper.sh           | 33 +++++++++++++++----
 .../testcases/rule_management/0011reset_0     | 30 ++++++++++-------
 .../rule_management/dumps/0011reset_0.nft     |  2 +-
 .../sets/dumps/0016element_leak_0.nft         |  2 +-
 .../sets/dumps/0017add_after_flush_0.nft      |  2 +-
 .../sets/dumps/0018set_check_size_1.nft       |  2 +-
 .../sets/dumps/0019set_check_size_0.nft       |  2 +-
 .../sets/dumps/0045concat_ipv4_service.nft    |  2 +-
 .../sets/dumps/0057set_create_fails_0.nft     |  2 +-
 .../sets/dumps/0060set_multistmt_1.nft        |  2 +-
 16 files changed, 102 insertions(+), 37 deletions(-)
 create mode 100755 tests/shell/features/setcount.sh

-- 
2.49.0