[CRIU] [PATCH] [vzt] ./test/zdtm/static:conntracks: Support nftables
Andrei Vagin
avagin at gmail.com
Sun Nov 3 20:06:06 MSK 2019
Applied, thanks!
On Fri, Nov 01, 2019 at 09:00:23AM +0000, Vitaly Ostrosablin wrote:
> Update test to support both iptables and nft to create conntrack rules.
>
> PSBM-99101
>
> Signed-off-by: Vitaly Ostrosablin <vostrosablin at virtuozzo.com>
> ---
> test/zdtm/static/conntracks | 36 ++++++++++++++++++++++++++++++++++--
> 1 file changed, 34 insertions(+), 2 deletions(-)
>
> diff --git a/test/zdtm/static/conntracks b/test/zdtm/static/conntracks
> index a30e0e268..26220f97c 100755
> --- a/test/zdtm/static/conntracks
> +++ b/test/zdtm/static/conntracks
> @@ -23,7 +23,7 @@ do_or_fail()
> fail "$failmsg: $output"
> }
>
> -do_start()
> +do_start_ipt()
> {
> [ -f "$statefile" ] && die "state file $statefile aleady exists"
>
> @@ -35,7 +35,7 @@ do_start()
> iptables -L \> "$statefile"
> }
>
> -do_stop()
> +do_stop_ipt()
> {
> do_or_fail "can't compare the iptables" \
> iptables -L \| diff -u "$statefile" -
> @@ -45,6 +45,38 @@ do_stop()
> echo "PASS" > $outfile
> }
>
> +do_start_nft()
> +{
> + [ -f "$statefile" ] && die "state file $statefile aleady exists"
> +
> + do_or_fail "can't install a state match" \
> + nft add rule filter INPUT \
> + ct state related,established accept
> +
> + do_or_fail "can't list the loaded nftables" \
> + nft list ruleset \> "$statefile"
> +}
> +
> +do_stop_nft()
> +{
> + do_or_fail "can't compare the nftables" \
> + nft list ruleset \| diff -u "$statefile" -
> +
> + rm -f "$statefile"
> +
> + echo "PASS" > $outfile
> +}
> +
> +do_start()
> +{
> + [ -x "$(command -v nft)" ] && do_start_nft || do_start_ipt
> +}
> +
> +do_stop()
> +{
> + [ -x "$(command -v nft)" ] && do_stop_nft || do_stop_ipt
> +}
> +
> tmpargs="$(../lib/parseargs.sh --name=$0 \
> --flags-req=statefile,outfile \
> --flags-opt="start,stop" -- "$@")" ||
> --
> 2.23.0
>
>
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
More information about the CRIU
mailing list