On 02/08/2018 02:19 PM, Laine Stump wrote:
In the no-mac-broadcast test, a ping is sent to 192.168.122.255, but
tcpdump is set to look for packets with a destination IP of
255.255.255.255. Change it to check for the correct IP address and
also for mac broadcast (which is what the no-mac-broadcast filter
actually looks at). This should eliminate the "false success" that was
happening because tcpdump wasn't actually seeing the broadcast packet
the guest was sending, as well as catching the "false failure" caused
by tcpdump seeing other traffic from the guest unrelated to the test
(which happened to be broadcasts sent to 255.255.255.255).
Signed-off-by: Laine Stump <laine(a)laine.org>
Review-by: Stefan Berger
<stefanb(a)linux.vnet.ibm.com>
---
Unchanged from V1, it just had no review.
scripts/nwfilter/230-no-mac-broadcast.t | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/nwfilter/230-no-mac-broadcast.t
b/scripts/nwfilter/230-no-mac-broadcast.t
index 6ab20d8..758005c 100644
--- a/scripts/nwfilter/230-no-mac-broadcast.t
+++ b/scripts/nwfilter/230-no-mac-broadcast.t
@@ -80,7 +80,7 @@ ok($ebtable =~ "-d Broadcast -j DROP", "check ebtables
entry for \"-d Broadcast
# prepare tcpdump
diag "prepare tcpdump";
-system("/usr/sbin/tcpdump -v -i virbr0 -n host 255.255.255.255 2>
/tmp/tcpdump.log &");
+system("/usr/sbin/tcpdump -v -i virbr0 -n host 192.168.122.255 and ether host
ff:ff:ff:ff:ff:ff 2> /tmp/tcpdump.log &");
# log into guest
diag "ssh'ing into $guestip";