|
|
136e2c |
From acab71f6c84fe5a9539768a5e45ab157e549eb31 Mon Sep 17 00:00:00 2001
|
|
|
136e2c |
From: Eric Garver <eric@garver.life>
|
|
|
136e2c |
Date: Wed, 28 Aug 2019 08:52:44 -0400
|
|
|
136e2c |
Subject: [PATCH 96/99] fix: tests: ignore errors about setting ipv6 forwarding
|
|
|
136e2c |
|
|
|
136e2c |
On a host with ipv6.disable=1 the proc files and sysctls for setting
|
|
|
136e2c |
IPv6 forwarding will not be available, but nftables and iptables-nft
|
|
|
136e2c |
still allow creating rules that match IPv6. Instead of guarding all our
|
|
|
136e2c |
test cases for silly reasons (disabling IPv6), let's just ignore the
|
|
|
136e2c |
errors about setting IPv6 forwarding.
|
|
|
136e2c |
|
|
|
136e2c |
This only affects tests that explicitly use IPv6 (often rich rules) via
|
|
|
136e2c |
masquerading/forward-ports.
|
|
|
136e2c |
|
|
|
136e2c |
(cherry picked from commit b28611dee5a2e3a07521aa0fc499b1f70ad81d3b)
|
|
|
136e2c |
(cherry picked from commit 49dd9bcd29ca7948a514373aaf86f682cc13f5e7)
|
|
|
136e2c |
---
|
|
|
136e2c |
src/tests/firewall-cmd.at | 4 ++--
|
|
|
136e2c |
src/tests/regression/gh335.at | 2 +-
|
|
|
136e2c |
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
|
136e2c |
|
|
|
136e2c |
diff --git a/src/tests/firewall-cmd.at b/src/tests/firewall-cmd.at
|
|
|
136e2c |
index 590194103a7e..2977cd6b5332 100644
|
|
|
136e2c |
--- a/src/tests/firewall-cmd.at
|
|
|
136e2c |
+++ b/src/tests/firewall-cmd.at
|
|
|
136e2c |
@@ -580,7 +580,7 @@ FWD_START_TEST([forward ports])
|
|
|
136e2c |
FWD_CHECK([--permanent --query-forward-port port=100:proto=tcp:toport=200], 1, ignore)
|
|
|
136e2c |
FWD_CHECK([--permanent --query-forward-port=port=88:proto=udp:toport=99], 1, ignore)
|
|
|
136e2c |
FWD_CHECK([--permanent --list-forward-ports], 0, ignore)
|
|
|
136e2c |
-FWD_END_TEST
|
|
|
136e2c |
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
|
|
|
136e2c |
|
|
|
136e2c |
FWD_START_TEST([ICMP block])
|
|
|
136e2c |
FWD_CHECK([--list-icmp-blocks], 0, ignore)
|
|
|
136e2c |
@@ -988,7 +988,7 @@ FWD_START_TEST([rich rules good])
|
|
|
136e2c |
rich_rule_test([rule forward-port port="99" to-port="10999" to-addr="1::2:3:4:7" protocol="dccp" family="ipv6" source address="1:2:3:4:6::"])
|
|
|
136e2c |
])
|
|
|
136e2c |
rich_rule_test([rule family="ipv4" port port="222" protocol="tcp" mark set="0xff"])
|
|
|
136e2c |
-FWD_END_TEST
|
|
|
136e2c |
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
|
|
|
136e2c |
FWD_START_TEST([rich rules audit])
|
|
|
136e2c |
CHECK_LOG_AUDIT
|
|
|
136e2c |
rich_rule_test([rule service name="ftp" audit limit value="1/m" accept])
|
|
|
136e2c |
diff --git a/src/tests/regression/gh335.at b/src/tests/regression/gh335.at
|
|
|
136e2c |
index 97d8b88e493c..cf307ef35365 100644
|
|
|
136e2c |
--- a/src/tests/regression/gh335.at
|
|
|
136e2c |
+++ b/src/tests/regression/gh335.at
|
|
|
136e2c |
@@ -64,4 +64,4 @@ NS_CHECK([[sysctl -a |grep "net.ipv4.conf.all.forwarding[ ]*=[ ]*1"]], 1, [ignor
|
|
|
136e2c |
NS_CHECK([[sysctl -a |grep "net.ipv6.conf.all.forwarding[ ]*=[ ]*1"]], 1, [ignore], [ignore])
|
|
|
136e2c |
])
|
|
|
136e2c |
|
|
|
136e2c |
-FWD_END_TEST
|
|
|
136e2c |
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
|
|
|
136e2c |
--
|
|
|
136e2c |
2.20.1
|
|
|
136e2c |
|