[PATCH net-next 12/15] selftests: netfilter: nft_conntrack_helper.sh: test to lib.sh infra

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

prefer socat over nc, nc has too many incompatible versions around.

Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
 .../net/netfilter/nft_conntrack_helper.sh     | 132 +++++++-----------
 1 file changed, 53 insertions(+), 79 deletions(-)

diff --git a/tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh b/tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh
index faa7778d7bd1..abcaa7337197 100755
--- a/tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh
+++ b/tools/testing/selftests/net/netfilter/nft_conntrack_helper.sh
@@ -5,72 +5,48 @@
 # 2. auto-assign still works.
 #
 # Kselftest framework requirement - SKIP code is 4.
-ksft_skip=4
+
+source lib.sh
+
 ret=0
 
-sfx=$(mktemp -u "XXXXXXXX")
-ns1="ns1-$sfx"
-ns2="ns2-$sfx"
 testipv6=1
 
+checktool "socat -h" "run test without socat"
+checktool "conntrack --version" "run test without conntrack"
+checktool "nft --version" "run test without nft"
+
 cleanup()
 {
-	ip netns del ${ns1}
-	ip netns del ${ns2}
-}
-
-nft --version > /dev/null 2>&1
-if [ $? -ne 0 ];then
-	echo "SKIP: Could not run test without nft tool"
-	exit $ksft_skip
-fi
-
-ip -Version > /dev/null 2>&1
-if [ $? -ne 0 ];then
-	echo "SKIP: Could not run test without ip tool"
-	exit $ksft_skip
-fi
-
-conntrack -V > /dev/null 2>&1
-if [ $? -ne 0 ];then
-	echo "SKIP: Could not run test without conntrack tool"
-	exit $ksft_skip
-fi
+	ip netns pids "$ns1" | xargs kill 2>/dev/null
 
-which nc >/dev/null 2>&1
-if [ $? -ne 0 ];then
-	echo "SKIP: Could not run test without netcat tool"
-	exit $ksft_skip
-fi
+	ip netns del "$ns1"
+	ip netns del "$ns2"
+}
 
 trap cleanup EXIT
 
-ip netns add ${ns1}
-ip netns add ${ns2}
+setup_ns ns1 ns2
 
-ip link add veth0 netns ${ns1} type veth peer name veth0 netns ${ns2} > /dev/null 2>&1
-if [ $? -ne 0 ];then
+if ! ip link add veth0 netns "$ns1" type veth peer name veth0 netns "$ns2" > /dev/null 2>&1;then
     echo "SKIP: No virtual ethernet pair device support in kernel"
     exit $ksft_skip
 fi
 
-ip -net ${ns1} link set lo up
-ip -net ${ns1} link set veth0 up
+ip -net "$ns1" link set veth0 up
+ip -net "$ns2" link set veth0 up
 
-ip -net ${ns2} link set lo up
-ip -net ${ns2} link set veth0 up
+ip -net "$ns1" addr add 10.0.1.1/24 dev veth0
+ip -net "$ns1" addr add dead:1::1/64 dev veth0 nodad
 
-ip -net ${ns1} addr add 10.0.1.1/24 dev veth0
-ip -net ${ns1} addr add dead:1::1/64 dev veth0
-
-ip -net ${ns2} addr add 10.0.1.2/24 dev veth0
-ip -net ${ns2} addr add dead:1::2/64 dev veth0
+ip -net "$ns2" addr add 10.0.1.2/24 dev veth0
+ip -net "$ns2" addr add dead:1::2/64 dev veth0 nodad
 
 load_ruleset_family() {
 	local family=$1
 	local ns=$2
 
-ip netns exec ${ns} nft -f - <<EOF
+ip netns exec "$ns" nft -f - <<EOF
 table $family raw {
 	ct helper ftp {
              type "ftp" protocol tcp
@@ -94,22 +70,21 @@ check_for_helper()
 	local message=$2
 	local port=$3
 
-	if echo $message |grep -q 'ipv6';then
+	if echo "$message" |grep -q 'ipv6';then
 		local family="ipv6"
 	else
 		local family="ipv4"
 	fi
 
-	ip netns exec ${netns} conntrack -L -f $family -p tcp --dport $port 2> /dev/null |grep -q 'helper=ftp'
-	if [ $? -ne 0 ] ; then
-		if [ $autoassign -eq 0 ] ;then
+	if ! ip netns exec "$netns" conntrack -L -f $family -p tcp --dport "$port" 2> /dev/null |grep -q 'helper=ftp';then
+		if [ "$autoassign" -eq 0 ] ;then
 			echo "FAIL: ${netns} did not show attached helper $message" 1>&2
 			ret=1
 		else
 			echo "PASS: ${netns} did not show attached helper $message" 1>&2
 		fi
 	else
-		if [ $autoassign -eq 0 ] ;then
+		if [ "$autoassign" -eq 0 ] ;then
 			echo "PASS: ${netns} connection on port $port has ftp helper attached" 1>&2
 		else
 			echo "FAIL: ${netns} connection on port $port has ftp helper attached" 1>&2
@@ -120,69 +95,68 @@ check_for_helper()
 	return 0
 }
 
+listener_ready()
+{
+	ns="$1"
+	port="$2"
+	proto="$3"
+	ss -N "$ns" -lnt -o "sport = :$port" | grep -q "$port"
+}
+
 test_helper()
 {
 	local port=$1
 	local autoassign=$2
 
-	if [ $autoassign -eq 0 ] ;then
+	if [ "$autoassign" -eq 0 ] ;then
 		msg="set via ruleset"
 	else
 		msg="auto-assign"
 	fi
 
-	sleep 3 | ip netns exec ${ns2} nc -w 2 -l -p $port > /dev/null &
+	ip netns exec "$ns2" socat -t 3 -u -4 TCP-LISTEN:"$port",reuseaddr STDOUT > /dev/null &
+	busywait "$BUSYWAIT_TIMEOUT" listener_ready "$ns2" "$port" "-4"
 
-	sleep 1 | ip netns exec ${ns1} nc -w 2 10.0.1.2 $port > /dev/null &
-	sleep 1
+	ip netns exec "$ns1" socat -u -4 STDIN TCP:10.0.1.2:"$port" < /dev/null > /dev/null
 
-	check_for_helper "$ns1" "ip $msg" $port $autoassign
-	check_for_helper "$ns2" "ip $msg" $port $autoassign
-
-	wait
+	check_for_helper "$ns1" "ip $msg" "$port" "$autoassign"
+	check_for_helper "$ns2" "ip $msg" "$port" "$autoassign"
 
 	if [ $testipv6 -eq 0 ] ;then
 		return 0
 	fi
 
-	ip netns exec ${ns1} conntrack -F 2> /dev/null
-	ip netns exec ${ns2} conntrack -F 2> /dev/null
-
-	sleep 3 | ip netns exec ${ns2} nc -w 2 -6 -l -p $port > /dev/null &
+	ip netns exec "$ns1" conntrack -F 2> /dev/null
+	ip netns exec "$ns2" conntrack -F 2> /dev/null
 
-	sleep 1 | ip netns exec ${ns1} nc -w 2 -6 dead:1::2 $port > /dev/null &
-	sleep 1
+	ip netns exec "$ns2" socat -t 3 -u -6 TCP-LISTEN:"$port",reuseaddr STDOUT > /dev/null &
+	busywait $BUSYWAIT_TIMEOUT listener_ready "$ns2" "$port" "-6"
 
-	check_for_helper "$ns1" "ipv6 $msg" $port
-	check_for_helper "$ns2" "ipv6 $msg" $port
+	ip netns exec "$ns1" socat -t 3 -u -6 STDIN TCP:"[dead:1::2]":"$port" < /dev/null > /dev/null
 
-	wait
+	check_for_helper "$ns1" "ipv6 $msg" "$port"
+	check_for_helper "$ns2" "ipv6 $msg" "$port"
 }
 
-load_ruleset_family ip ${ns1}
-if [ $? -ne 0 ];then
+if ! load_ruleset_family ip "$ns1"; then
 	echo "FAIL: ${ns1} cannot load ip ruleset" 1>&2
 	exit 1
 fi
 
-load_ruleset_family ip6 ${ns1}
-if [ $? -ne 0 ];then
+if ! load_ruleset_family ip6 "$ns1"; then
 	echo "SKIP: ${ns1} cannot load ip6 ruleset" 1>&2
 	testipv6=0
 fi
 
-load_ruleset_family inet ${ns2}
-if [ $? -ne 0 ];then
+if ! load_ruleset_family inet "${ns2}"; then
 	echo "SKIP: ${ns1} cannot load inet ruleset" 1>&2
-	load_ruleset_family ip ${ns2}
-	if [ $? -ne 0 ];then
+	if ! load_ruleset_family ip "${ns2}"; then
 		echo "FAIL: ${ns2} cannot load ip ruleset" 1>&2
 		exit 1
 	fi
 
-	if [ $testipv6 -eq 1 ] ;then
-		load_ruleset_family ip6 ${ns2}
-		if [ $? -ne 0 ];then
+	if [ "$testipv6" -eq 1 ] ;then
+		if ! load_ruleset_family ip6 "$ns2"; then
 			echo "FAIL: ${ns2} cannot load ip6 ruleset" 1>&2
 			exit 1
 		fi
@@ -190,8 +164,8 @@ if [ $? -ne 0 ];then
 fi
 
 test_helper 2121 0
-ip netns exec ${ns1} sysctl -qe 'net.netfilter.nf_conntrack_helper=1'
-ip netns exec ${ns2} sysctl -qe 'net.netfilter.nf_conntrack_helper=1'
+ip netns exec "$ns1" sysctl -qe 'net.netfilter.nf_conntrack_helper=1'
+ip netns exec "$ns2" sysctl -qe 'net.netfilter.nf_conntrack_helper=1'
 test_helper 21 1
 
 exit $ret
-- 
2.43.2
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux