diff options
| author | Kevin Krakauer <krakauer@google.com> | 2020-06-14 22:40:46 -0700 |
|---|---|---|
| committer | Kevin Krakauer <krakauer@google.com> | 2020-07-28 10:51:14 -0700 |
| commit | d9c9420335a78b54bc04ec0639d89539b4c3972c (patch) | |
| tree | ab69c3973150a3931f2814349ca3dada75f0eadb /test/iptables/iptables_test.go | |
| parent | a05ea20ef1107cc0a4ace94d6dffd7c7e590b264 (diff) | |
ip6tables testing
We skip gVisor tests for now, as ip6tables aren't yet implemented.
Diffstat (limited to 'test/iptables/iptables_test.go')
| -rw-r--r-- | test/iptables/iptables_test.go | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/test/iptables/iptables_test.go b/test/iptables/iptables_test.go index f303030aa..550b6198a 100644 --- a/test/iptables/iptables_test.go +++ b/test/iptables/iptables_test.go @@ -35,6 +35,18 @@ import ( // Container output is logged to $TEST_UNDECLARED_OUTPUTS_DIR if it exists, or // to stderr. func singleTest(t *testing.T, test TestCase) { + for _, tc := range []bool{false, true} { + subtest := "IPv4" + if tc { + subtest = "IPv6" + } + t.Run(subtest, func(t *testing.T) { + iptablesTest(t, test, tc) + }) + } +} + +func iptablesTest(t *testing.T, test TestCase, ipv6 bool) { if _, ok := Tests[test.Name()]; !ok { t.Fatalf("no test found with name %q. Has it been registered?", test.Name()) } @@ -43,18 +55,27 @@ func singleTest(t *testing.T, test TestCase) { d := dockerutil.MakeContainer(ctx, t) defer d.CleanUp(ctx) + // TODO(gvisor.dev/issue/170): Skipping IPv6 gVisor tests. + if ipv6 && dockerutil.Runtime() != "runc" { + t.Skip("gVisor ip6tables not yet implemented") + } + // Create and start the container. opts := dockerutil.RunOpts{ Image: "iptables", CapAdd: []string{"NET_ADMIN"}, } d.CopyFiles(&opts, "/runner", "test/iptables/runner/runner") - if err := d.Spawn(ctx, opts, "/runner/runner", "-name", test.Name()); err != nil { + args := []string{"/runner/runner", "-name", test.Name()} + if ipv6 { + args = append(args, "-ipv6") + } + if err := d.Spawn(ctx, opts, args...); err != nil { t.Fatalf("docker run failed: %v", err) } // Get the container IP. - ip, err := d.FindIP(ctx) + ip, err := d.FindIP(ctx, ipv6) if err != nil { t.Fatalf("failed to get container IP: %v", err) } @@ -65,7 +86,7 @@ func singleTest(t *testing.T, test TestCase) { } // Run our side of the test. - if err := test.LocalAction(ip); err != nil { + if err := test.LocalAction(ip, ipv6); err != nil { t.Fatalf("LocalAction failed: %v", err) } @@ -86,7 +107,7 @@ func sendIP(ip net.IP) error { // The container may not be listening when we first connect, so retry // upon error. cb := func() error { - c, err := net.DialTCP("tcp4", nil, &contAddr) + c, err := net.DialTCP("tcp", nil, &contAddr) conn = c return err } |