From 5157b540532338184b3867bc0370a8a27cef56f9 Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Thu, 31 Oct 2019 12:57:23 -0400 Subject: [PATCH 120/122] fix: tests: convert ip6tables checks to runtime (cherry picked from commit 49d4021e6ebf74e82142ca4fa6e6715a80d9b547) (cherry picked from commit 7328e687353fbba92e303a97cf5f2c25884e6dae) --- src/tests/firewall-cmd.at | 2 +- src/tests/functions.at | 14 ++++++++------ src/tests/regression/rhbz1594657.at | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/src/tests/firewall-cmd.at b/src/tests/firewall-cmd.at index 2977cd6b5332..e9d5b6d1abc0 100644 --- a/src/tests/firewall-cmd.at +++ b/src/tests/firewall-cmd.at @@ -831,7 +831,7 @@ FWD_START_TEST([direct passthrough]) FWD_CHECK([--direct --remove-passthrough ipv4 --table filter --append INPUT --in-interface dummy0 --protocol tcp --destination-port 67 --jump ACCEPT], 0, ignore) FWD_CHECK([--direct --query-passthrough ipv4 --table filter --append INPUT --in-interface dummy0 --protocol tcp --destination-port 67 --jump ACCEPT], 1, ignore, ignore) - m4_if(yes, HOST_SUPPORTS_IP6TABLES, [dnl + IF_HOST_SUPPORTS_IP6TABLES([ FWD_CHECK([--direct --add-passthrough ipv6 --table filter --append FORWARD --destination fd00:dead:beef:ff0::/64 --in-interface dummy0 --out-interface dummy0 --jump ACCEPT], 0, ignore) FWD_CHECK([--direct --get-passthroughs ipv6 | grep "fd00:dead:beef:ff0::/64"], 0, ignore) FWD_CHECK([--direct --get-all-passthroughs | grep "fd00:dead:beef:ff0::/64"], 0, ignore) diff --git a/src/tests/functions.at b/src/tests/functions.at index 97506cc1396f..97df8914444a 100644 --- a/src/tests/functions.at +++ b/src/tests/functions.at @@ -256,7 +256,7 @@ m4_define([IPTABLES_LIST_RULES], [ m4_define([IP6TABLES_LIST_RULES_ALWAYS], [ m4_ifdef([TESTING_FIREWALL_OFFLINE_CMD], [], [ - m4_if(yes, HOST_SUPPORTS_IP6TABLES, [ + IF_HOST_SUPPORTS_IP6TABLES([ NS_CHECK([$IP6TABLES -w -n -t $1 -L $2 | TRIM_WHITESPACE | tail -n +3], [$3], [m4_strip([$4])], [m4_strip([$5])], [$6], [$7]) ]) ]) @@ -422,13 +422,15 @@ m4_define([IF_HOST_SUPPORTS_NFT_FIB], [ fi ]) -m4_define([HOST_SUPPORTS_IP6TABLES], m4_esyscmd( +m4_define([IF_HOST_SUPPORTS_IP6TABLES], [ if $IP6TABLES -L >/dev/null 2>&1; then - echo -n "yes" + : + $1 else - echo -n "no" + : + $2 fi -)) +]) m4_define([HOST_SUPPORTS_IPV6], m4_esyscmd( if sysctl -a |grep -F "net.ipv6" >/dev/null 2>&1; then @@ -441,6 +443,6 @@ m4_define([HOST_SUPPORTS_IPV6], m4_esyscmd( m4_define([IF_IPV6_SUPPORTED], [ m4_ifdef([TESTING_FIREWALL_OFFLINE_CMD], [$1], [ m4_if(nftables, FIREWALL_BACKEND, [$1], [ - m4_if(yes, HOST_SUPPORTS_IP6TABLES, [$1], [$2]) + IF_HOST_SUPPORTS_IP6TABLES([$1], [$2]) ])]) ]) diff --git a/src/tests/regression/rhbz1594657.at b/src/tests/regression/rhbz1594657.at index 33b7bafe6b08..93cc2c2ef5b8 100644 --- a/src/tests/regression/rhbz1594657.at +++ b/src/tests/regression/rhbz1594657.at @@ -6,7 +6,7 @@ FWD_CHECK([--direct --passthrough ipv4 -t filter -C dummy_chain -j ACCEPT], 13, FWD_CHECK([--direct --passthrough ipv4 -t filter -L dummy_chain], 13, [ignore], [ignore]) FWD_CHECK([--direct --passthrough ipv4 -t filter -L INPUT], 0, [ignore]) -m4_if(yes, HOST_SUPPORTS_IP6TABLES, [dnl +IF_HOST_SUPPORTS_IP6TABLES([ FWD_CHECK([--direct --passthrough ipv6 -t filter -C dummy_chain -j ACCEPT], 13, [ignore], [ignore]) FWD_CHECK([--direct --passthrough ipv6 -t filter -L dummy_chain], 13, [ignore], [ignore]) FWD_CHECK([--direct --passthrough ipv6 -t filter -L INPUT], 0, [ignore]) -- 2.23.0