[libvirt] [PATCH 1/2] [TCK] nwfilter: Adapt test program and cases to recent iptables
Stefan Berger
stefanb at linux.vnet.ibm.com
Thu Apr 26 19:50:52 UTC 2012
Anyone have an ACK or comments?
Stefan
On 04/23/2012 08:21 AM, Stefan Berger wrote:
> Recent iptables fixes a lot of issues with missing spaces and
> other information that was previously not reported properly. To make
> the test program and test cases work on old and newer installations
> of iptables tools, some adjustments need to be made.
>
> Fix a 'file not found error' when running this tool from the shell
> directly.
>
> ---
> scripts/nwfilter/nwfilter2vmtest.sh | 6 +++---
> scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall | 12 ++++++------
> 2 files changed, 9 insertions(+), 9 deletions(-)
>
> Index: libvirt-tck/scripts/nwfilter/nwfilter2vmtest.sh
> ===================================================================
> --- libvirt-tck.orig/scripts/nwfilter/nwfilter2vmtest.sh
> +++ libvirt-tck/scripts/nwfilter/nwfilter2vmtest.sh
> @@ -9,7 +9,7 @@ VIRSH=virsh
> # For each line starting with uri=, remove the prefix and set the hold
> # space to the rest of the line. Then at file end, print the hold
> # space, which is effectively the last uri= line encountered.
> -uri=$(sed -n '/^uri[ ]*=[ ]*/ {
> +[ -r "$LIBVIRT_TCK_CONFIG" ]&& uri=$(sed -n '/^uri[ ]*=[ ]*/ {
> s///
> h
> }
> @@ -147,12 +147,12 @@ checkExpectedOutput() {
> break
> fi
>
> - diff ${tmpfile} ${tmpfile2}>/dev/null
> + diff -w ${tmpfile} ${tmpfile2}>/dev/null
>
> if [ $? -ne 0 ]; then
> if [ $(($flags& $FLAG_VERBOSE)) -ne 0 ]; then
> echo "FAIL ${xmlfile} : ${cmd}"
> - diff ${tmpfile} ${tmpfile2}
> + diff -w ${tmpfile} ${tmpfile2}
> fi
> failctr=$(($failctr + 1))
> if [ $(($flags& $FLAG_WAIT)) -ne 0 ]; then
> Index: libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall
> ===================================================================
> --- libvirt-tck.orig/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall
> +++ libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall
> @@ -1,18 +1,18 @@
> -#iptables -L FI-vnet0 -n
> +#iptables -L FI-vnet0 -n | sed 's|#conn/|#conn src/|'
> Chain FI-vnet0 (1 references)
> target prot opt source destination
> -DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn/32> 1
> -DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn/32> 2
> +DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32> 1
> +DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32> 2
> RETURN all -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED ctdir REPLY
> #iptables -L FO-vnet0 -n
> Chain FO-vnet0 (1 references)
> target prot opt source destination
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED ctdir ORIGINAL
> -#iptables -L HI-vnet0 -n
> +#iptables -L HI-vnet0 -n | sed 's|#conn/|#conn src/|'
> Chain HI-vnet0 (1 references)
> target prot opt source destination
> -DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn/32> 1
> -DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn/32> 2
> +DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32> 1
> +DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32> 2
> RETURN all -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED ctdir REPLY
> #iptables -L libvirt-host-in -n | grep vnet0 | tr -s " "
> HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
More information about the libvir-list
mailing list