iptables-translate <= v1.8.8 didn't use quotes: $ iptables-translate -A INPUT -s 127.0.0.1 -p icmp -j DROP nft add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop iptables-translate since v1.8.9 started to add quotes: $ iptables-translate -A INPUT -s 127.0.0.1 -p icmp -j DROP nft 'add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop' That broke nft01.sh test: Error: syntax error, unexpected junk 'add rule ip filter INPUT ip protocol icmp ip saddr 127.0.0.1 counter drop' ^ nft01 1 TFAIL: nft command failed to append new rule Therefore filter out also quotes (to existing backslash). Signed-off-by: Petr Vorel <pvorel@xxxxxxx> --- testcases/network/iptables/iptables_lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testcases/network/iptables/iptables_lib.sh b/testcases/network/iptables/iptables_lib.sh index ab76cbd416..7e138ea33b 100755 --- a/testcases/network/iptables/iptables_lib.sh +++ b/testcases/network/iptables/iptables_lib.sh @@ -22,7 +22,7 @@ NFRUN() if [ "$use_iptables" = 1 ]; then ip${TST_IPV6}tables $@ else - $(ip${TST_IPV6}tables-translate $@ | sed 's,\\,,g') + $(ip${TST_IPV6}tables-translate $@ | sed "s/[\']//g") fi } -- 2.39.1