1 files changed, 19 insertions, 10 deletions

diff --git a/iptables-test.py b/iptables-test.py
index de1e1e95..cefe4233 100755
--- a/iptables-test.py
+++ b/iptables-test.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/env python3
 #
 # (C) 2012-2013 by Pablo Neira Ayuso <pablo@netfilter.org>
 #
@@ -15,6 +15,7 @@ import sys
 import os
 import subprocess
 import argparse
+from difflib import unified_diff
 
 IPTABLES = "iptables"
 IP6TABLES = "ip6tables"
@@ -136,13 +137,14 @@ def run_test(iptables, rule, rule_save, res, filename, lineno, netns):
     # check for segfaults
     #
     if proc.returncode == -11:
-        reason = "iptables-save segfaults: " + cmd
+        reason = command + " segfaults!"
         print_error(reason, filename, lineno)
         delete_rule(iptables, rule, filename, lineno, netns)
         return -1
 
     # find the rule
-    matching = out.find(rule_save.encode('utf-8'))
+    matching = out.find("\n-A {}\n".format(rule_save).encode('utf-8'))
+
     if matching < 0:
         if res == "OK":
             reason = "cannot find: " + iptables + " -I " + rule
@@ -333,8 +335,11 @@ def run_test_file_fast(iptables, filename, netns):
     out, err = proc.communicate(input = restore_data)
 
     if proc.returncode == -11:
-        reason = iptables + "-restore segfaults: " + cmd
+        reason = iptables + "-restore segfaults!"
         print_error(reason, filename, lineno)
+        msg = [iptables + "-restore segfault from:"]
+        msg.extend(["input: " + l for l in restore_data.split("\n")])
+        print("\n".join(msg), file=log_file)
         return -1
 
     if proc.returncode != 0:
@@ -355,7 +360,7 @@ def run_test_file_fast(iptables, filename, netns):
     out, err = proc.communicate()
 
     if proc.returncode == -11:
-        reason = iptables + "-save segfaults: " + cmd
+        reason = iptables + "-save segfaults!"
         print_error(reason, filename, lineno)
         return -1
 
@@ -364,11 +369,12 @@ def run_test_file_fast(iptables, filename, netns):
 
     out = out.decode('utf-8').rstrip()
     if out.find(out_expect) < 0:
-        msg = ["dumps differ!"]
-        msg.extend(["expect: " + l for l in out_expect.split("\n")])
-        msg.extend(["got: " + l for l in out.split("\n")
-                                if not l[0] in ['*', ':', '#']])
-        print("\n".join(msg), file=log_file)
+        print("dumps differ!", file=log_file)
+        out_clean = [ l for l in out.split("\n")
+                        if not l[0] in ['*', ':', '#']]
+        diff = unified_diff(out_expect.split("\n"), out_clean,
+                            fromfile="expect", tofile="got", lineterm='')
+        print("\n".join(diff), file=log_file)
         return -1
 
     return tests
@@ -465,6 +471,9 @@ def run_test_file(filename, netns):
             else:
                 rule_save = chain + " " + item[1]
 
+            if iptables == EBTABLES and rule_save.find('-j') < 0:
+                rule_save += " -j CONTINUE"
+
             res = item[2].rstrip()
             if len(item) > 3:
                 variant = item[3].rstrip()