[CRIU] [PATCH 3/3] test: check that contracks are dumped and restored

Andrey Vagin avagin at openvz.org
Thu Feb 4 11:36:16 PST 2016 

From: Andrew Vagin <avagin at virtuozzo.com>

This tests sets filters which drops all packets which don't
belongs to current tcp connections and creates one tcp connection.

Signed-off-by: Andrew Vagin <avagin at virtuozzo.com>
---
 test/zdtm/live/static/Makefile                    |  2 ++
 test/zdtm/live/static/socket-tcp-nfconntrack.c    |  1 +
 test/zdtm/live/static/socket-tcp-nfconntrack.desc |  1 +
 test/zdtm/live/static/socket-tcp.c                | 13 +++++++++++++
 4 files changed, 17 insertions(+)
 create mode 120000 test/zdtm/live/static/socket-tcp-nfconntrack.c
 create mode 100644 test/zdtm/live/static/socket-tcp-nfconntrack.desc

diff --git a/test/zdtm/live/static/Makefile b/test/zdtm/live/static/Makefile
index 357b784..86477d9 100644
--- a/test/zdtm/live/static/Makefile
+++ b/test/zdtm/live/static/Makefile
@@ -64,6 +64,7 @@ TST_NOFILE	=				\
 		socket-tcp			\
 		socket-tcp6			\
 		socket-tcp-local		\
+		socket-tcp-nfconntrack		\
 		socket-tcp6-local		\
 		socket-tcpbuf			\
 		socket-tcpbuf-local		\
@@ -357,6 +358,7 @@ socket-tcpbuf-local: override CFLAGS += -D ZDTM_TCP_LOCAL
 socket-tcpbuf6-local: override CFLAGS += -D ZDTM_TCP_LOCAL -D ZDTM_IPV6
 socket-tcp6-local: override CFLAGS += -D ZDTM_TCP_LOCAL -D ZDTM_IPV6
 socket-tcp-local: override CFLAGS += -D ZDTM_TCP_LOCAL
+socket-tcp-nfconntrack: override CFLAGS += -D ZDTM_TCP_LOCAL -DZDTM_CONNTRACK
 socket_listen6: override CFLAGS += -D ZDTM_IPV6
 sigpending:		override LDLIBS += -lrt
 vdso01:			override LDLIBS += -lrt
diff --git a/test/zdtm/live/static/socket-tcp-nfconntrack.c b/test/zdtm/live/static/socket-tcp-nfconntrack.c
new file mode 120000
index 0000000..8cb60dd
--- /dev/null
+++ b/test/zdtm/live/static/socket-tcp-nfconntrack.c
@@ -0,0 +1 @@
+socket-tcp.c
\ No newline at end of file
diff --git a/test/zdtm/live/static/socket-tcp-nfconntrack.desc b/test/zdtm/live/static/socket-tcp-nfconntrack.desc
new file mode 100644
index 0000000..add2513
--- /dev/null
+++ b/test/zdtm/live/static/socket-tcp-nfconntrack.desc
@@ -0,0 +1 @@
+{'flavor': 'h', 'opts': '--tcp-established', 'flags': 'suid'}
diff --git a/test/zdtm/live/static/socket-tcp.c b/test/zdtm/live/static/socket-tcp.c
index ea669d9..3eca8de 100644
--- a/test/zdtm/live/static/socket-tcp.c
+++ b/test/zdtm/live/static/socket-tcp.c
@@ -1,3 +1,6 @@
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
 #include "zdtmtst.h"
 
 #ifdef ZDTM_IPV6
@@ -16,6 +19,7 @@ const char *test_author = "Andrey Vagin <avagin at parallels.com";
 #include <errno.h>
 #include <stdlib.h>
 #include <signal.h>
+#include <sched.h>
 #include <netinet/tcp.h>
 
 static int port = 8880;
@@ -61,6 +65,15 @@ int main(int argc, char **argv)
 	int val;
 	socklen_t optlen;
 
+#ifdef ZDTM_CONNTRACK
+	unshare(CLONE_NEWNET);
+	if (system("ip link set up dev lo"))
+		return 1;
+	if (system("iptables -A INPUT -i lo -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT"))
+		return 1;
+	system("iptables -A INPUT -j DROP");
+#endif
+
 #ifdef ZDTM_TCP_LOCAL
 	test_init(argc, argv);
 #endif
-- 
2.4.3

More information about the CRIU mailing list