From c150db55fdd5d5fa32fa957b84db506561b0f501 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Mon, 2 Dec 2019 09:08:00 -0500
Subject: [PATCH 123/146] fix: test: CHECK_NAT_COEXISTENCE: only check for
 kernel version

Calling modprobe is problematic inside a container. Just check if the
running kernel is >4.18 as this is when NAT coexistence was fixed.

(cherry picked from commit 2b7d150d4b15b4b3876df0179cd08aaae33f2e38)
(cherry picked from commit 837e15fa66478db597161f89c2364ccb10012bce)
---
 src/tests/functions.at | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/src/tests/functions.at b/src/tests/functions.at
index d663716cb138..74cb889c7a29 100644
--- a/src/tests/functions.at
+++ b/src/tests/functions.at
@@ -376,13 +376,8 @@ m4_define([CHECK_NAT_COEXISTENCE], [
     m4_if(nftables, FIREWALL_BACKEND, [
         KERNEL_MAJOR=`uname -r | cut -d. -f1`
         KERNEL_MINOR=`uname -r | cut -d. -f2`
-        if test ${KERNEL_MAJOR} -eq 4 && test ${KERNEL_MINOR} -ge 16 || test ${KERNEL_MAJOR} -gt 4; then
-            dnl Only check >=4.16 kernels. Previous versions did not explicitly
-            dnl deny it, but had undefined behavior.
-            AT_SKIP_IF([! modprobe iptable_nat])
-            AT_SKIP_IF([! NS_CMD([nft add table ip foobar])])
-            AT_SKIP_IF([! NS_CMD([nft add chain ip foobar foobar_chain { type nat hook postrouting priority 100 \; }])])
-            NS_CHECK([nft delete table ip foobar])
+        if test ${KERNEL_MAJOR} -eq 4 && test ${KERNEL_MINOR} -ge 18 || test ${KERNEL_MAJOR} -gt 4; then
+            :
         else
             AT_SKIP_IF([true])
         fi
-- 
2.23.0