[Devel] [PATCH 0/3] selftests: forwarding: fix br_netfilter related test failures

[Pavel Tikhomirov]

Just an idea, could we avoid patching the test if we disable

/proc/sys/net/bridge/bridge-nf-call-arptables
/proc/sys/net/bridge/bridge-nf-call-ip6tables
/proc/sys/net/bridge/bridge-nf-call-iptables

in tests netns? (to avoid passing packets to br_netfilter)

On 2/1/26 00:19, Aleksei Oladko wrote:
> This patch series fixes kselftests that fail when the br_nefilter
> module is loaded. The failures occur because the tests generate
> packets that are either modified or encapsulated, but their IP
> headers are not fully correct for sanity checks performed by
> be_netfilter.
> 
> https://virtuozzo.atlassian.net/browse/VSTOR-123249
> 
> Aleksei Oladko (3):
>   selftests: forwarding: vxlan_bridge_1d: fix test failure with
>     br_netfilter enabled
>   selftests: forwarding: vxlan_bridge_1d_ipv6: fix test failure with
>     br_netfilter enabled
>   selftests: forwarding: fix pedit tests failure with br_netfilter
>     enabled
> 
>  .../selftests/net/forwarding/pedit_dsfield.sh |  2 +-
>  .../selftests/net/forwarding/pedit_ip.sh      |  2 +-
>  .../net/forwarding/vxlan_bridge_1d.sh         | 26 ++++++++++++-------
>  .../net/forwarding/vxlan_bridge_1d_ipv6.sh    |  2 +-
>  4 files changed, 19 insertions(+), 13 deletions(-)
> 

-- 
Best regards, Pavel Tikhomirov
Senior Software Developer, Virtuozzo.