diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2013-07-02 14:01:38 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-04-02 11:55:05 +0200 |
| commit | 7a61bf9032dab58956ee6ad72986b1bc1a642668 (patch) | |
| tree | 2a0b3679f1b1618857630cbf794d80a407bda570 | |
| parent | f678bce84c2beace8b89ea5ffa9537271a7125fb (diff) | |
| download | strongswan-7a61bf9032dab58956ee6ad72986b1bc1a642668.tar.bz2 strongswan-7a61bf9032dab58956ee6ad72986b1bc1a642668.tar.xz | |
testing: Run 'conntrack -F' before all test scenarios
This prevents failures due to remaining conntrack entries.
28 files changed, 14 insertions, 41 deletions
diff --git a/testing/do-tests b/testing/do-tests index 979cb487f..becb7f181 100755 --- a/testing/do-tests +++ b/testing/do-tests @@ -373,6 +373,15 @@ do done fi + ########################################################################## + # flush conntrack table on all hosts + # + + for host in $STRONGSWANHOSTS + do + ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'conntrack -F' >/dev/null 2>&1 + done + ########################################################################## # execute pre-test commands diff --git a/testing/tests/ha/both-active/posttest.dat b/testing/tests/ha/both-active/posttest.dat index e4ffe8eef..867016dba 100644 --- a/testing/tests/ha/both-active/posttest.dat +++ b/testing/tests/ha/both-active/posttest.dat @@ -13,5 +13,3 @@ alice::ip addr del 10.1.0.5/16 dev eth0 alice::ifdown eth1 venus::ip route del default via 10.1.0.5 dev eth0 venus::ip route add default via 10.1.0.1 dev eth0 -moon::conntrack -F -alice::conntrack -F diff --git a/testing/tests/ikev1/double-nat-net/posttest.dat b/testing/tests/ikev1/double-nat-net/posttest.dat index 63d4f98e7..ec663e70d 100644 --- a/testing/tests/ikev1/double-nat-net/posttest.dat +++ b/testing/tests/ikev1/double-nat-net/posttest.dat @@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F sun::iptables -t nat -F -moon::conntrack -F -sun::conntrack -F sun::ip route del 10.1.0.0/16 via PH_IP_BOB diff --git a/testing/tests/ikev1/double-nat/posttest.dat b/testing/tests/ikev1/double-nat/posttest.dat index aa806bfc9..f434b336c 100644 --- a/testing/tests/ikev1/double-nat/posttest.dat +++ b/testing/tests/ikev1/double-nat/posttest.dat @@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F sun::iptables -t nat -F -moon::conntrack -F -sun::conntrack -F diff --git a/testing/tests/ikev1/nat-rw/posttest.dat b/testing/tests/ikev1/nat-rw/posttest.dat index 4643a3a7b..bc7d23771 100644 --- a/testing/tests/ikev1/nat-rw/posttest.dat +++ b/testing/tests/ikev1/nat-rw/posttest.dat @@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F -moon::conntrack -F diff --git a/testing/tests/ikev1/nat-virtual-ip/posttest.dat b/testing/tests/ikev1/nat-virtual-ip/posttest.dat index 11bd19da7..b9fbde7cb 100644 --- a/testing/tests/ikev1/nat-virtual-ip/posttest.dat +++ b/testing/tests/ikev1/nat-virtual-ip/posttest.dat @@ -2,5 +2,4 @@ moon::ipsec stop sun::ipsec stop moon::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush -moon::conntrack -F moon::rm /etc/nat_updown diff --git a/testing/tests/ikev1/nat-virtual-ip/pretest.dat b/testing/tests/ikev1/nat-virtual-ip/pretest.dat index eb0c28c7f..8945d87b9 100644 --- a/testing/tests/ikev1/nat-virtual-ip/pretest.dat +++ b/testing/tests/ikev1/nat-virtual-ip/pretest.dat @@ -1,8 +1,7 @@ moon::iptables-restore < /etc/iptables.rules sun::iptables-restore < /etc/iptables.rules -moon::conntrack -F moon::ipsec start sun::ipsec start -moon::sleep 1 +moon::sleep 1 moon::ipsec up net-net moon::sleep 1 diff --git a/testing/tests/ikev2/compress-nat/posttest.dat b/testing/tests/ikev2/compress-nat/posttest.dat index b8432a8f2..ddab5f9f9 100644 --- a/testing/tests/ikev2/compress-nat/posttest.dat +++ b/testing/tests/ikev2/compress-nat/posttest.dat @@ -5,6 +5,4 @@ alice::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables-restore < /etc/iptables.flush -sun::iptables-restore < /etc/iptables.flush -moon::conntrack -F -sun::conntrack -F
\ No newline at end of file +sun::iptables-restore < /etc/iptables.flush
\ No newline at end of file diff --git a/testing/tests/ikev2/double-nat-net/posttest.dat b/testing/tests/ikev2/double-nat-net/posttest.dat index 63d4f98e7..ec663e70d 100644 --- a/testing/tests/ikev2/double-nat-net/posttest.dat +++ b/testing/tests/ikev2/double-nat-net/posttest.dat @@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F sun::iptables -t nat -F -moon::conntrack -F -sun::conntrack -F sun::ip route del 10.1.0.0/16 via PH_IP_BOB diff --git a/testing/tests/ikev2/double-nat/posttest.dat b/testing/tests/ikev2/double-nat/posttest.dat index aa806bfc9..f434b336c 100644 --- a/testing/tests/ikev2/double-nat/posttest.dat +++ b/testing/tests/ikev2/double-nat/posttest.dat @@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F sun::iptables -t nat -F -moon::conntrack -F -sun::conntrack -F diff --git a/testing/tests/ikev2/ip-two-pools-db/posttest.dat b/testing/tests/ikev2/ip-two-pools-db/posttest.dat index 9c0bb5cae..150690e3c 100644 --- a/testing/tests/ikev2/ip-two-pools-db/posttest.dat +++ b/testing/tests/ikev2/ip-two-pools-db/posttest.dat @@ -10,7 +10,6 @@ carol::iptables-restore < /etc/iptables.flush dave::iptables-restore < /etc/iptables.flush moon::ip route del 10.3.0.0/16 via PH_IP_MOON moon::ip route del 10.4.0.0/16 via PH_IP_MOON1 -moon::conntrack -F moon::ipsec pool --del extpool 2> /dev/null moon::ipsec pool --del intpool 2> /dev/null moon::ipsec pool --delattr dns --server PH_IP_VENUS --pool intpool --identity venus.strongswan.org 2> /dev/null diff --git a/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat b/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat index a3924b2f6..57449be25 100644 --- a/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat +++ b/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat @@ -4,6 +4,5 @@ moon::ipsec stop moon::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush alice::iptables-restore < /etc/iptables.flush -moon::conntrack -F moon::ipsec pool --del intpool 2> /dev/null moon::rm /etc/ipsec.d/ipsec.* diff --git a/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat b/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat index 311e9f21d..2e78893e3 100644 --- a/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat +++ b/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat @@ -1,5 +1,4 @@ alice::ip -6 route del default via fec1:\:1 carol::ipsec stop moon::ipsec stop -moon::conntrack -F moon::rm /etc/ipsec.d/ipsec.* diff --git a/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat b/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat index bb20cae05..e46195cd3 100644 --- a/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat +++ b/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat @@ -1,4 +1,3 @@ alice::ip -6 route del default via fec1:\:1 carol::ipsec stop moon::ipsec stop -moon::conntrack -F diff --git a/testing/tests/ikev2/ip-two-pools/posttest.dat b/testing/tests/ikev2/ip-two-pools/posttest.dat index 2fbc2c3a0..7de2bc9be 100644 --- a/testing/tests/ikev2/ip-two-pools/posttest.dat +++ b/testing/tests/ikev2/ip-two-pools/posttest.dat @@ -4,5 +4,4 @@ moon::ipsec stop moon::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush alice::iptables-restore < /etc/iptables.flush -moon::conntrack -F moon::rm /etc/ipsec.d/ipsec.* diff --git a/testing/tests/ikev2/mobike-nat/posttest.dat b/testing/tests/ikev2/mobike-nat/posttest.dat index f4e5316c9..0754edeab 100644 --- a/testing/tests/ikev2/mobike-nat/posttest.dat +++ b/testing/tests/ikev2/mobike-nat/posttest.dat @@ -3,4 +3,3 @@ sun::ipsec stop alice::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F -moon::conntrack -F diff --git a/testing/tests/ikev2/mobike-nat/pretest.dat b/testing/tests/ikev2/mobike-nat/pretest.dat index 86ac6e7e0..fde195daa 100644 --- a/testing/tests/ikev2/mobike-nat/pretest.dat +++ b/testing/tests/ikev2/mobike-nat/pretest.dat @@ -1,7 +1,6 @@ alice::ifup eth1 alice::iptables-restore < /etc/iptables.rules sun::iptables-restore < /etc/iptables.rules -moon::conntrack -F moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100 alice::ipsec start diff --git a/testing/tests/ikev2/nat-rw-mark/posttest.dat b/testing/tests/ikev2/nat-rw-mark/posttest.dat index 72dff4e10..343fcc15b 100644 --- a/testing/tests/ikev2/nat-rw-mark/posttest.dat +++ b/testing/tests/ikev2/nat-rw-mark/posttest.dat @@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables-restore < /etc/iptables.flush -moon::conntrack -F sun::iptables-restore < /etc/iptables.flush -sun::conntrack -F sun::rm /etc/mark_updown diff --git a/testing/tests/ikev2/nat-rw-psk/posttest.dat b/testing/tests/ikev2/nat-rw-psk/posttest.dat index 4643a3a7b..bc7d23771 100644 --- a/testing/tests/ikev2/nat-rw-psk/posttest.dat +++ b/testing/tests/ikev2/nat-rw-psk/posttest.dat @@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F -moon::conntrack -F diff --git a/testing/tests/ikev2/nat-rw/posttest.dat b/testing/tests/ikev2/nat-rw/posttest.dat index 4643a3a7b..bc7d23771 100644 --- a/testing/tests/ikev2/nat-rw/posttest.dat +++ b/testing/tests/ikev2/nat-rw/posttest.dat @@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F -moon::conntrack -F diff --git a/testing/tests/ikev2/nat-rw/pretest.dat b/testing/tests/ikev2/nat-rw/pretest.dat index f58e82adc..12676f7ac 100644 --- a/testing/tests/ikev2/nat-rw/pretest.dat +++ b/testing/tests/ikev2/nat-rw/pretest.dat @@ -1,14 +1,13 @@ alice::iptables-restore < /etc/iptables.rules venus::iptables-restore < /etc/iptables.rules sun::iptables-restore < /etc/iptables.rules -moon::conntrack -F moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100 alice::ipsec start venus::ipsec start sun::ipsec start -alice::sleep 2 +alice::sleep 2 alice::ipsec up nat-t -venus::sleep 2 +venus::sleep 2 venus::ipsec up nat-t venus::sleep 2 diff --git a/testing/tests/ikev2/nat-virtual-ip/posttest.dat b/testing/tests/ikev2/nat-virtual-ip/posttest.dat index 11bd19da7..b9fbde7cb 100644 --- a/testing/tests/ikev2/nat-virtual-ip/posttest.dat +++ b/testing/tests/ikev2/nat-virtual-ip/posttest.dat @@ -2,5 +2,4 @@ moon::ipsec stop sun::ipsec stop moon::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush -moon::conntrack -F moon::rm /etc/nat_updown diff --git a/testing/tests/ikev2/nat-virtual-ip/pretest.dat b/testing/tests/ikev2/nat-virtual-ip/pretest.dat index eb0c28c7f..8945d87b9 100644 --- a/testing/tests/ikev2/nat-virtual-ip/pretest.dat +++ b/testing/tests/ikev2/nat-virtual-ip/pretest.dat @@ -1,8 +1,7 @@ moon::iptables-restore < /etc/iptables.rules sun::iptables-restore < /etc/iptables.rules -moon::conntrack -F moon::ipsec start sun::ipsec start -moon::sleep 1 +moon::sleep 1 moon::ipsec up net-net moon::sleep 1 diff --git a/testing/tests/ikev2/net2net-same-nets/posttest.dat b/testing/tests/ikev2/net2net-same-nets/posttest.dat index b0225c37e..5fca9501d 100644 --- a/testing/tests/ikev2/net2net-same-nets/posttest.dat +++ b/testing/tests/ikev2/net2net-same-nets/posttest.dat @@ -4,4 +4,3 @@ moon::ipsec stop sun::ipsec stop moon::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush -sun::conntrack -F diff --git a/testing/tests/ikev2/rw-mark-in-out/posttest.dat b/testing/tests/ikev2/rw-mark-in-out/posttest.dat index 283099acb..407427a0d 100644 --- a/testing/tests/ikev2/rw-mark-in-out/posttest.dat +++ b/testing/tests/ikev2/rw-mark-in-out/posttest.dat @@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush sun::ip route del 10.1.0.0/16 via PH_IP_MOON -sun::conntrack -F sun::rm /etc/mark_updown moon::iptables -t nat -F -moon::conntrack -F diff --git a/testing/tests/p2pnat/behind-same-nat/posttest.dat b/testing/tests/p2pnat/behind-same-nat/posttest.dat index a1d5b4612..f02095725 100644 --- a/testing/tests/p2pnat/behind-same-nat/posttest.dat +++ b/testing/tests/p2pnat/behind-same-nat/posttest.dat @@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush moon::iptables-restore < /etc/iptables.flush -moon::conntrack -F diff --git a/testing/tests/p2pnat/medsrv-psk/posttest.dat b/testing/tests/p2pnat/medsrv-psk/posttest.dat index 4b696b90f..90a729237 100644 --- a/testing/tests/p2pnat/medsrv-psk/posttest.dat +++ b/testing/tests/p2pnat/medsrv-psk/posttest.dat @@ -6,5 +6,3 @@ carol::iptables-restore < /etc/iptables.flush bob::iptables-restore < /etc/iptables.flush moon::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush -moon::conntrack -F -sun::conntrack -F diff --git a/testing/tests/pfkey/nat-rw/posttest.dat b/testing/tests/pfkey/nat-rw/posttest.dat index 4643a3a7b..bc7d23771 100644 --- a/testing/tests/pfkey/nat-rw/posttest.dat +++ b/testing/tests/pfkey/nat-rw/posttest.dat @@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush venus::iptables-restore < /etc/iptables.flush sun::iptables-restore < /etc/iptables.flush moon::iptables -t nat -F -moon::conntrack -F |