tests: With iptables-nft, TRACE works differently

This is 'meta nftrace' internally, therefore have to use 'xtables-monitor --trace' command to fetch the traces (which also look a bit differently). Related: RHEL-14147
2023-10-27 20:04:07 +00:00 · 2023-10-27 20:04:07 +00:00 · 26c9e1e407
commit 26c9e1e407
parent d977b706cf
1 changed files with 26 additions and 9 deletions
--- a/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
+++ b/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
@ -99,16 +99,33 @@ rlJournalStart
        else
            rlLogInfo "new kernel detected: skipping loading modules and associated checks"
        fi
-        ipv4_ping; ipv6_ping
-        rlRun "get_messages > messages.current"
+        if rlIsRHEL '>7' || rlIsFedora '>31' || rlIsCentOS '>7'; then
+            # assume iptables-nft
+            xtables-monitor --trace >messages.current &
+            monitor_pid=$!

-        rlRun "diff messages.log-orig messages.current > diff.2" 0,1
-        rlAssertGrep "TRACE" diff.2
-        rlAssertGrep "TRACE.*PROTO=ICMP " diff.2
-        rlAssertGrep "TRACE.*PROTO=ICMPv6 " diff.2
-        echo --debug_START--
-        cat diff.2
-        echo --debug_END--
+            ipv4_ping
+            ipv6_ping
+
+            kill $monitor_pid
+
+            rlAssertGrep "TRACE: 2 .* -4 " messages.current
+            rlAssertGrep "TRACE: 10 .* -6 " messages.current
+            echo --debug_START--
+            cat messages.current
+            echo --debug_END--
+        else
+            ipv4_ping; ipv6_ping
+            rlRun "get_messages > messages.current"
+
+            rlRun "diff messages.log-orig messages.current > diff.2" 0,1
+            rlAssertGrep "TRACE" diff.2
+            rlAssertGrep "TRACE.*PROTO=ICMP " diff.2
+            rlAssertGrep "TRACE.*PROTO=ICMPv6 " diff.2
+            echo --debug_START--
+            cat diff.2
+            echo --debug_END--
+        fi
    rlPhaseEnd

    rlPhaseStartCleanup