commit 0c4cd3f86a40028845ad6f8af5b37165666404cd upstream. IPTables commands using 'iptables-nft' fail on old kernels, at least 5.15 because it doesn't see the default IPTables chains: $ iptables -L iptables/1.8.2 Failed to initialize nft: Protocol not supported As a first step before switching to NFTables, we can use iptables-legacy if available. Link: https://github.com/multipath-tcp/mptcp_net-next/issues/368 Fixes: 8d014eaa9254 ("selftests: mptcp: add ADD_ADDR timeout test case") Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Matthieu Baerts <matthieu.baerts@xxxxxxxxxxxx> Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx> Signed-off-by: Matthieu Baerts <matthieu.baerts@xxxxxxxxxxxx> --- Applied on top of stable-rc/linux-5.15.y: d2efde0d1c2e ("Linux 5.15.119-rc1"). Conflicting with commits: - 87154755d90e ("selftests: mptcp: join: check for tools only if needed") - c7d49c033de0 ("selftests: mptcp: join: alt. to exec specific tests") - b6e074e171bc ("selftests: mptcp: add infinite map testcase") - 3469d72f135a ("selftests: mptcp: join: helper to filter TCP") The code checking if the "iptables" command is available has been moved, some modifications in the same context and new code we don't need because we just want to replace "iptables" by "$iptables". Signed-off-by: Matthieu Baerts <matthieu.baerts@xxxxxxxxxxxx> --- tools/testing/selftests/net/mptcp/mptcp_join.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 7330e32bb9ab..e6391e234e97 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -12,6 +12,8 @@ cinfail="" cinsent="" cout="" ksft_skip=4 +iptables="iptables" +ip6tables="ip6tables" timeout_poll=30 timeout_test=$((timeout_poll * 2 + 1)) mptcp_connect="" @@ -126,9 +128,9 @@ reset_with_add_addr_timeout() local ip="${1:-4}" local tables - tables="iptables" + tables="${iptables}" if [ $ip -eq 6 ]; then - tables="ip6tables" + tables="${ip6tables}" fi reset @@ -171,8 +173,10 @@ if [ $? -ne 0 ];then exit $ksft_skip fi -iptables -V > /dev/null 2>&1 -if [ $? -ne 0 ];then +if iptables-legacy -V &> /dev/null; then + iptables="iptables-legacy" + ip6tables="ip6tables-legacy" +elif ! iptables -V &> /dev/null; then echo "SKIP: Could not run all tests without iptables tool" exit $ksft_skip fi -- 2.40.1
