[libvirt] [PATCH 1/2] [TCK] nwfilter: Adapt test program and cases to recent iptables

Recent iptables fixes a lot of issues with missing spaces and other information that was previously not reported properly. To make the test program and test cases work on old and newer installations of iptables tools, some adjustments need to be made. Fix a 'file not found error' when running this tool from the shell directly. --- scripts/nwfilter/nwfilter2vmtest.sh | 6 +++--- scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) Index: libvirt-tck/scripts/nwfilter/nwfilter2vmtest.sh =================================================================== --- libvirt-tck.orig/scripts/nwfilter/nwfilter2vmtest.sh +++ libvirt-tck/scripts/nwfilter/nwfilter2vmtest.sh @@ -9,7 +9,7 @@ VIRSH=virsh # For each line starting with uri=, remove the prefix and set the hold # space to the rest of the line. Then at file end, print the hold # space, which is effectively the last uri= line encountered. -uri=$(sed -n '/^uri[ ]*=[ ]*/ { +[ -r "$LIBVIRT_TCK_CONFIG" ] && uri=$(sed -n '/^uri[ ]*=[ ]*/ { s/// h } @@ -147,12 +147,12 @@ checkExpectedOutput() { break fi - diff ${tmpfile} ${tmpfile2} >/dev/null + diff -w ${tmpfile} ${tmpfile2} >/dev/null if [ $? -ne 0 ]; then if [ $(($flags & $FLAG_VERBOSE)) -ne 0 ]; then echo "FAIL ${xmlfile} : ${cmd}" - diff ${tmpfile} ${tmpfile2} + diff -w ${tmpfile} ${tmpfile2} fi failctr=$(($failctr + 1)) if [ $(($flags & $FLAG_WAIT)) -ne 0 ]; then Index: libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall =================================================================== --- libvirt-tck.orig/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall +++ libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/conntrack-test.fwall @@ -1,18 +1,18 @@ -#iptables -L FI-vnet0 -n +#iptables -L FI-vnet0 -n | sed 's|#conn/|#conn src/|' Chain FI-vnet0 (1 references) target prot opt source destination -DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn/32 > 1 -DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn/32 > 2 +DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32 > 1 +DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32 > 2 RETURN all -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED ctdir REPLY #iptables -L FO-vnet0 -n Chain FO-vnet0 (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED ctdir ORIGINAL -#iptables -L HI-vnet0 -n +#iptables -L HI-vnet0 -n | sed 's|#conn/|#conn src/|' Chain HI-vnet0 (1 references) target prot opt source destination -DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn/32 > 1 -DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn/32 > 2 +DROP icmp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32 > 1 +DROP tcp -- 0.0.0.0/0 0.0.0.0/0 #conn src/32 > 2 RETURN all -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED ctdir REPLY #iptables -L libvirt-host-in -n | grep vnet0 | tr -s " " HI-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-in vnet0