rpms / firewalld

Clone
Source Code
GIT

Files

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   c7
  2.   SOURCES
  3.   0096-fix-tests-ignore-errors-about-setting-ipv6-forwardin.patch
Blob Blame History Raw 
From acab71f6c84fe5a9539768a5e45ab157e549eb31 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Wed, 28 Aug 2019 08:52:44 -0400
Subject: [PATCH 96/99] fix: tests: ignore errors about setting ipv6 forwarding

On a host with ipv6.disable=1 the proc files and sysctls for setting
IPv6 forwarding will not be available, but nftables and iptables-nft
still allow creating rules that match IPv6. Instead of guarding all our
test cases for silly reasons (disabling IPv6), let's just ignore the
errors about setting IPv6 forwarding.

This only affects tests that explicitly use IPv6 (often rich rules) via
masquerading/forward-ports.

(cherry picked from commit b28611dee5a2e3a07521aa0fc499b1f70ad81d3b)
(cherry picked from commit 49dd9bcd29ca7948a514373aaf86f682cc13f5e7)
---
 src/tests/firewall-cmd.at     | 4 ++--
 src/tests/regression/gh335.at | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/tests/firewall-cmd.at b/src/tests/firewall-cmd.at
index 590194103a7e..2977cd6b5332 100644
--- a/src/tests/firewall-cmd.at
+++ b/src/tests/firewall-cmd.at
@@ -580,7 +580,7 @@ FWD_START_TEST([forward ports])
     FWD_CHECK([--permanent --query-forward-port port=100:proto=tcp:toport=200], 1, ignore)
     FWD_CHECK([--permanent --query-forward-port=port=88:proto=udp:toport=99], 1, ignore)
     FWD_CHECK([--permanent --list-forward-ports], 0, ignore)
-FWD_END_TEST
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
 
 FWD_START_TEST([ICMP block])
     FWD_CHECK([--list-icmp-blocks], 0, ignore)
@@ -988,7 +988,7 @@ FWD_START_TEST([rich rules good])
     rich_rule_test([rule forward-port port="99" to-port="10999" to-addr="1::2:3:4:7" protocol="dccp" family="ipv6" source address="1:2:3:4:6::"])
     ])
     rich_rule_test([rule family="ipv4" port port="222" protocol="tcp" mark set="0xff"])
-FWD_END_TEST
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
 FWD_START_TEST([rich rules audit])
 	CHECK_LOG_AUDIT
 	rich_rule_test([rule service name="ftp" audit limit value="1/m" accept])
diff --git a/src/tests/regression/gh335.at b/src/tests/regression/gh335.at
index 97d8b88e493c..cf307ef35365 100644
--- a/src/tests/regression/gh335.at
+++ b/src/tests/regression/gh335.at
@@ -64,4 +64,4 @@ NS_CHECK([[sysctl -a |grep "net.ipv4.conf.all.forwarding[ ]*=[ ]*1"]], 1, [ignor
 NS_CHECK([[sysctl -a |grep "net.ipv6.conf.all.forwarding[ ]*=[ ]*1"]], 1, [ignore], [ignore])
 ])
 
-FWD_END_TEST
+FWD_END_TEST([-e '/ERROR: Failed to write to file .*\/proc\/sys\/net\/ipv6\/conf\/all\/forwarding.*/d'])
-- 
2.20.1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation