Re: [PATCH net] selftests: netfilter: Pass the family parameter to conntrack tool
From: Pablo Neira Ayuso
Date: Mon Jan 04 2021 - 07:01:59 EST
Please, Cc netfilter-devel@xxxxxxxxxxxxxxx, and a more few comments
below.
On Mon, Jan 04, 2021 at 07:07:23PM +0800, Yi Chen wrote:
> From: yiche <yiche@xxxxxxxxxx>
>
> Fix nft_conntrack_helper.sh fake fail:
> conntrack tool need "-f ipv6" parameter to show out ipv6 traffic items.
> sleep 1 second after background nc send packet, to make sure check
> result after this statement is executed.
Missing Fixes: tag ?
> Signed-off-by: yiche <yiche@xxxxxxxxxx>
> ---
> .../selftests/netfilter/nft_conntrack_helper.sh | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/tools/testing/selftests/netfilter/nft_conntrack_helper.sh b/tools/testing/selftests/netfilter/nft_conntrack_helper.sh
> index edf0a48da6bf..ebdf2b23c8e3 100755
> --- a/tools/testing/selftests/netfilter/nft_conntrack_helper.sh
> +++ b/tools/testing/selftests/netfilter/nft_conntrack_helper.sh
> @@ -94,7 +94,13 @@ check_for_helper()
> local message=$2
> local port=$3
>
> - ip netns exec ${netns} conntrack -L -p tcp --dport $port 2> /dev/null |grep -q 'helper=ftp'
> + if [[ "$2" =~ "ipv6" ]];then
> + local family=ipv6
> + else
> + local family=ipv4
This branch coding style diverges from the existing code.
> + fi