On Thu, Jun 12, 2025 at 01:52:17PM +0200, Phil Sutter wrote:
[...]
> diff --git a/tests/shell/testcases/transactions/0050rule_1 b/tests/shell/testcases/transactions/0050rule_1
> deleted file mode 100755
> index 89e5f42fc9f4d..0000000000000
> --- a/tests/shell/testcases/transactions/0050rule_1
> +++ /dev/null
> @@ -1,19 +0,0 @@
> -#!/bin/bash
I would prefer this test does not go away, this is catching for a old
kernel bug if you take a look at the history, ie. it is an old
bug reproducer so...
> -
> -set -e
> -
> -RULESET="table inet filter {
> - flowtable ftable {
> - hook ingress priority 0; devices = { eno1, eno0, x };
> - }
> -
> -chain forward {
> - type filter hook forward priority 0; policy drop;
> -
> - ip protocol { tcp, udp } ct mark and 1 == 1 counter flow add @ftable
> - ip6 nexthdr { tcp, udp } ct mark and 2 == 2 counter flow add @ftable
> - ct mark and 30 == 30 ct state established,related log prefix \"nftables accept: \" level info accept
> - }
> -}"
> -
> -$NFT -f - <<< "$RULESET" >/dev/null || exit 0
maybe simply add here:
$NFT flush ruleset
to get the same behaviour in old and new kernels.
I did not look at other tests.
Please have a look at the history of other tests to check if they are
also catching very old kernel bugs.
