83 lines
2.3 KiB
Diff
83 lines
2.3 KiB
Diff
From 8c79246dbc5b8945c22b313ad51be698f2b61316 Mon Sep 17 00:00:00 2001
|
|
From: Eric Garver <eric@garver.life>
|
|
Date: Wed, 9 Aug 2023 14:39:08 -0400
|
|
Subject: [PATCH 16/17] v1.2.0: test(CleanUpOnExit): verify restart does not
|
|
duplicate rules
|
|
|
|
Coverage: rhbz2222044
|
|
(cherry picked from commit c66e752a00c05a5afa58904850d244f50528059e)
|
|
---
|
|
src/tests/regression/regression.at | 1 +
|
|
src/tests/regression/rhbz2222044.at | 50 +++++++++++++++++++++++++++++
|
|
2 files changed, 51 insertions(+)
|
|
create mode 100644 src/tests/regression/rhbz2222044.at
|
|
|
|
diff --git a/src/tests/regression/regression.at b/src/tests/regression/regression.at
|
|
index 889c66dd175d..bc9aeb1a8624 100644
|
|
--- a/src/tests/regression/regression.at
|
|
+++ b/src/tests/regression/regression.at
|
|
@@ -52,3 +52,4 @@ m4_include([regression/rhbz2181406.at])
|
|
m4_include([regression/ipset_scale.at])
|
|
m4_include([regression/gh881.at])
|
|
m4_include([regression/gh1011.at])
|
|
+m4_include([regression/rhbz2222044.at])
|
|
diff --git a/src/tests/regression/rhbz2222044.at b/src/tests/regression/rhbz2222044.at
|
|
new file mode 100644
|
|
index 000000000000..9f3b1615b2f9
|
|
--- /dev/null
|
|
+++ b/src/tests/regression/rhbz2222044.at
|
|
@@ -0,0 +1,50 @@
|
|
+FWD_START_TEST([duplicate rules after restart])
|
|
+AT_KEYWORDS(rhbz2222044)
|
|
+AT_SKIP_IF([! NS_CMD([command -v wc >/dev/null 2>&1])])
|
|
+
|
|
+dnl rules have not changed so rule count should not change
|
|
+m4_define([check_rule_count], [
|
|
+m4_if(nftables, FIREWALL_BACKEND, [
|
|
+NS_CHECK([nft list table inet firewalld | wc -l], 0, [dnl
|
|
+237
|
|
+])
|
|
+NS_CHECK([nft list table ip firewalld | wc -l], 0, [dnl
|
|
+105
|
|
+])
|
|
+NS_CHECK([nft list table ip6 firewalld | wc -l], 0, [dnl
|
|
+105
|
|
+])
|
|
+], [ dnl iptables
|
|
+NS_CHECK([iptables-save | wc -l], 0, [dnl
|
|
+256
|
|
+])
|
|
+])])
|
|
+
|
|
+dnl --------------------------
|
|
+dnl --------------------------
|
|
+
|
|
+AT_CHECK([sed -i 's/^CleanupOnExit.*/CleanupOnExit=yes/' ./firewalld.conf])
|
|
+FWD_RELOAD()
|
|
+
|
|
+check_rule_count()
|
|
+FWD_RESTART()
|
|
+check_rule_count()
|
|
+
|
|
+check_rule_count()
|
|
+FWD_RELOAD()
|
|
+check_rule_count()
|
|
+
|
|
+dnl Now do it again, but with CleanupOnExit=no
|
|
+AT_CHECK([sed -i 's/^CleanupOnExit.*/CleanupOnExit=no/' ./firewalld.conf])
|
|
+FWD_RELOAD()
|
|
+
|
|
+check_rule_count()
|
|
+FWD_RESTART()
|
|
+check_rule_count()
|
|
+
|
|
+check_rule_count()
|
|
+FWD_RELOAD()
|
|
+check_rule_count()
|
|
+
|
|
+m4_undefine([check_rule_count])
|
|
+FWD_END_TEST()
|
|
--
|
|
2.39.3
|
|
|