On Wed, Feb 07, 2018 at 09:04:57PM -0500, Laine Stump wrote:
Once the correct filter is enabled for the no-mac-broadcast test,
the
original test to validate ebtables rules is no longer correct - it was
checking for the presence of the test guest's MAC address in the
ebtables output on the host, but the no-mac-broadcast filter doesn't
have the guest's MAC address anywhere. This patch changes the code to
look for "-d Broadcast -j DROP", which actually is added to ebtables
for no-mac-broadcast.
---
scripts/nwfilter/230-no-mac-broadcast.t | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/scripts/nwfilter/230-no-mac-broadcast.t
b/scripts/nwfilter/230-no-mac-broadcast.t
index 292c056..8895a53 100644
--- a/scripts/nwfilter/230-no-mac-broadcast.t
+++ b/scripts/nwfilter/230-no-mac-broadcast.t
@@ -74,12 +74,9 @@ diag "ip is $guestip";
# check ebtables entry
my $ebtables = (-e '/sbin/ebtables') ? '/sbin/ebtables' :
'/usr/sbin/ebtables';
-my $ebtable = `$ebtables -L;$ebtables -t nat -L`;
+my $ebtable = `$ebtables -t nat -L`;
diag $ebtable;
-# ebtables shortens :00: to :0: so we need to do that too
-$_ = $mac;
-s/00/0/g;
-ok($ebtable =~ $_, "check ebtables entry");
+ok($ebtable =~ "-d Broadcast -j DROP", "check ebtables entry for
\"-d Broadcast -j DROP\"");
# prepare tcpdump
diag "prepare tcpdump";
Reviewed-by: Daniel P. Berrange <berrange(a)redhat.com>
Regards,
Daniel
--
|:
https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|:
https://libvirt.org -o-
https://fstop138.berrange.com :|
|:
https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|