Re: [libvirt] [PATCH] [RESEND] [TCK] nwfilter: Adapt to changes how filters are instantiated

I am resending the patch with 'evolution' and hope no patch-mangling occurs. At least it looks ok before sending (also sending patch as an attachment)

Recent changes to how filters are being instantiated require follow-up changes to the test suite. The following changes are related to - usage of 'ctdir' - changes to the host's incoming filter chain Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com&gt;

#iptables -L HI-vnet0 -n Chain HI-vnet0 (1 references) target prot opt source destination -ACCEPT udplite-- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x02 -ACCEPT udplite-- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21 -ACCEPT udplite-- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21 +RETURN udplite-- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY +RETURN udplite-- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL +RETURN udplite-- 0.0.0.0/0 10.1.0.0/22 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL

Chain HI-vnet0 (1 references) target prot opt source destination -ACCEPT udp -- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x22udp spts:291:400 dpts:564:1092 +RETURN udp -- 0.0.0.0/0 10.1.2.3 MAC 01:02:03:04:05:06 DSCP match 0x22udp spts:291:400 dpts:564:1092 state NEW,ESTABLISHED ctdir REPLY #iptables -L libvirt-host-in -n | grep HI-vnet0 | tr -s " " HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0 #iptables -L libvirt-in -n | grep FI-vnet0 | tr -s " "

#ip6tables -L HI-vnet0 -n Chain HI-vnet0 (1 references) target prot opt source destination -ACCEPT tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 +RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL #ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s " " HI-vnet0 all ::/0 ::/0 [goto] PHYSDEV match --physdev-in vnet0 #ip6tables -L libvirt-in -n | grep vnet0 | tr -s " "