[Devel] [PATCH vz10] selftests: netfilter: avoid RULE_REPLACE error when zeroing rule counters

Aleksei Oladko aleksey.oladko at virtuozzo.com
Sun Jan 4 04:47:25 MSK 2026


The rpath.sh test fails on certain iptables versions when
attempting to zero all table counters at once via 'iptables -Z'.
The operation returns

  RULE_REPLACE failed (Invalid argument): rule in chain PREROUTING

As a workaround, reset counters by iterating over rules and
zeroing them individually instead of using a single RULE_REPLACE
operation.

https://virtuozzo.atlassian.net/browse/VSTOR-121588

Signed-off-by: Aleksei Oladko <aleksey.oladko at virtuozzo.com>
---
 tools/testing/selftests/net/netfilter/rpath.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/tools/testing/selftests/net/netfilter/rpath.sh b/tools/testing/selftests/net/netfilter/rpath.sh
index 86ec4e68594d..1b15daa2e2da 100755
--- a/tools/testing/selftests/net/netfilter/rpath.sh
+++ b/tools/testing/selftests/net/netfilter/rpath.sh
@@ -133,8 +133,12 @@ netns_ping() { # (netns, args...)
 }
 
 clear_counters() {
-	[ -n "$iptables" ] && ip netns exec "$ns2" "$iptables" -t raw -Z
-	[ -n "$ip6tables" ] && ip netns exec "$ns2" "$ip6tables" -t raw -Z
+	[ -n "$iptables" ] && ip netns exec "$ns2" "$iptables" -t raw -Z || \
+	ip netns exec "$ns2" bash -c "'$iptables' -L PREROUTING -t raw -n --line-numbers | \
+	awk '\$1+0>0 {print \$1}' | xargs -rL1 '$iptables' -t raw -Z PREROUTING"
+	[ -n "$ip6tables" ] && ip netns exec "$ns2" "$ip6tables" -t raw -Z || \
+	ip netns exec "$ns2" bash -c "'$ip6tables' -L PREROUTING -t raw -n --line-numbers | \
+	awk '\$1+0>0 {print \$1}' | xargs -rL1 '$ip6tables' -t raw -Z PREROUTING"
 	if [ -n "$nft" ]; then
 		(
 			echo "delete table inet t";
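Review bot: in clear_counters(), the `[ -n "$iptables" ] && ... -Z || \` chain also runs the per-rule fallback when `$iptables` is empty, because in `A && B || C` the C branch executes whenever A fails, not only when B fails. In that case the `bash -c` string tries to execute `''` as a command inside the namespace and prints an error; the `$ip6tables` line has the same problem. Wrapping each variant in `if [ -n "$iptables" ]; then ... -Z || <fallback>; fi` keeps the fallback tied to the `-Z` failure only. Two smaller points: the fallback zeroes only PREROUTING while the original `-t raw -Z` covered every chain in the raw table, so a short comment saying that PREROUTING is the only chain the test populates would help; and the failing `-Z` still prints the RULE_REPLACE message before the fallback runs, which may be worth silencing or noting in the commit message.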
-- 
2.43.0


