tests: With iptables-nft, TRACE works differently

This is 'meta nftrace' internally, therefore have to use 'xtables-monitor --trace' command to fetch the traces (which also look a bit differently). Related: RHEL-14147
2023-10-27 20:04:07 +00:00 · 2023-10-27 20:04:07 +00:00 · 26c9e1e407
parent d977b706cf
commit 26c9e1e407
1 changed files with 26 additions and 9 deletions
--- a/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
+++ b/tests/TRACE-target-of-iptables-can-t-work-in/runtest.sh
@ -99,6 +99,22 @@ rlJournalStart
        else
            rlLogInfo "new kernel detected: skipping loading modules and associated checks"
        fi
+        if rlIsRHEL '>7' || rlIsFedora '>31' || rlIsCentOS '>7'; then
+            # assume iptables-nft
+            xtables-monitor --trace >messages.current &
+            monitor_pid=$!
+
+            ipv4_ping
+            ipv6_ping
+
+            kill $monitor_pid
+
+            rlAssertGrep "TRACE: 2 .* -4 " messages.current
+            rlAssertGrep "TRACE: 10 .* -6 " messages.current
+            echo --debug_START--
+            cat messages.current
+            echo --debug_END--
+        else
            ipv4_ping; ipv6_ping
            rlRun "get_messages > messages.current"

@ -109,6 +125,7 @@ rlJournalStart
            echo --debug_START--
            cat diff.2
            echo --debug_END--
+        fi
    rlPhaseEnd

    rlPhaseStartCleanup