diff options
author | Taehee Yoo <ap420073@gmail.com> | 2018-11-01 23:32:50 +0900 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-11-01 23:32:55 +0100 |
commit | 9ff99156b63ee39af3e8fce5ae5b0a2e2e8f0170 (patch) | |
tree | b4637e05ad000f46e56c3c73da3aa33bfb9b6f69 | |
parent | 8c918db6a7afc171fb2baf9c20ec6385940d2bfc (diff) |
iptables-test: fix netns test
The libxt_rateest test always fails because dependent command is not
executed in netns.
(@iptables -I INPUT -j RATEEST --rateest-name RE1 --rateest-interval \
250.0ms --rateest-ewmalog 500.0ms)
After this path, adding netns command is executed first.
Then test commands are executed.
Fixes: 0123183f43a9 ("iptables-test: add -N option to exercise netns removal path")
Reported-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rwxr-xr-x | iptables-test.py | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/iptables-test.py b/iptables-test.py index 5e6bfb7e..331fe59d 100755 --- a/iptables-test.py +++ b/iptables-test.py @@ -147,12 +147,6 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns): return delete_rule(iptables, rule, filename, lineno) -def run_test_netns(iptables, rule, rule_save, res, filename, lineno): - execute_cmd("ip netns add ____iptables-container-test", filename, lineno) - ret = run_test(iptables, rule, rule_save, res, filename, lineno, True) - execute_cmd("ip netns del ____iptables-container-test", filename, lineno) - return ret - def execute_cmd(cmd, filename, lineno): ''' Executes a command, checking for segfaults and returning the command exit @@ -207,6 +201,9 @@ def run_test_file(filename, netns): table = "" total_test_passed = True + if netns: + execute_cmd("ip netns add ____iptables-container-test", filename, 0) + for lineno, line in enumerate(f): if line[0] == "#": continue @@ -218,6 +215,8 @@ def run_test_file(filename, netns): # external non-iptables invocation, executed as is. if line[0] == "@": external_cmd = line.rstrip()[1:] + if netns: + external_cmd = "ip netns exec ____iptables-container-test " + EXECUTEABLE + " " + external_cmd execute_cmd(external_cmd, filename, lineno) continue @@ -245,13 +244,8 @@ def run_test_file(filename, netns): rule_save = chain + " " + item[1] res = item[2].rstrip() - - if netns: - ret = run_test_netns(iptables, rule, rule_save, - res, filename, lineno + 1) - else: - ret = run_test(iptables, rule, rule_save, - res, filename, lineno + 1, False) + ret = run_test(iptables, rule, rule_save, + res, filename, lineno + 1, netns) if ret < 0: test_passed = False @@ -261,6 +255,8 @@ def run_test_file(filename, netns): if test_passed: passed += 1 + if netns: + execute_cmd("ip netns del ____iptables-container-test", filename, 0) if total_test_passed: print filename + ": " + Colors.GREEN + "OK" + Colors.ENDC |