From 26c9e1e407051606ce680ae4cfd410f6b2943a9e Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Fri, 27 Oct 2023 20:04:07 +0000
Subject: [PATCH] tests: With iptables-nft, TRACE works differently

This is 'meta nftrace' internally, therefore have to use
'xtables-monitor --trace' command to fetch the traces (which also look a
bit differently).

Related: RHEL-14147
---
 .../runtest.sh                                | 35 ++++++++++++++-----
 1 file changed, 26 insertions(+), 9 deletions(-)

diff --git a/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh b/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
index 930baba..e228d78 100755
--- a/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
+++ b/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
@@ -99,16 +99,33 @@ rlJournalStart
         else
             rlLogInfo "new kernel detected: skipping loading modules and associated checks"
         fi
-        ipv4_ping; ipv6_ping
-        rlRun "get_messages > messages.current"
+        if rlIsRHEL '>7' || rlIsFedora '>31' || rlIsCentOS '>7'; then
+            # assume iptables-nft
+            xtables-monitor --trace >messages.current &
+            monitor_pid=$!
 
-        rlRun "diff messages.log-orig messages.current > diff.2" 0,1
-        rlAssertGrep "TRACE" diff.2
-        rlAssertGrep "TRACE.*PROTO=ICMP " diff.2
-        rlAssertGrep "TRACE.*PROTO=ICMPv6 " diff.2
-        echo --debug_START--
-        cat diff.2
-        echo --debug_END--
+            ipv4_ping
+            ipv6_ping
+
+            kill $monitor_pid
+
+            rlAssertGrep "TRACE: 2 .* -4 " messages.current
+            rlAssertGrep "TRACE: 10 .* -6 " messages.current
+            echo --debug_START--
+            cat messages.current
+            echo --debug_END--
+        else
+            ipv4_ping; ipv6_ping
+            rlRun "get_messages > messages.current"
+
+            rlRun "diff messages.log-orig messages.current > diff.2" 0,1
+            rlAssertGrep "TRACE" diff.2
+            rlAssertGrep "TRACE.*PROTO=ICMP " diff.2
+            rlAssertGrep "TRACE.*PROTO=ICMPv6 " diff.2
+            echo --debug_START--
+            cat diff.2
+            echo --debug_END--
+        fi
     rlPhaseEnd
 
     rlPhaseStartCleanup