diff options
| author | Zeling Feng <zeling@google.com> | 2021-03-11 22:35:26 -0800 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-03-11 22:37:10 -0800 |
| commit | ab488702a68b139ee3fffb04931cfd749571ff9a (patch) | |
| tree | 33154a9b86e942532bb5808bbb990868d5b486cf /test | |
| parent | 002df130655ff5e10196d0a057659a4d7c4f6364 (diff) | |
Support ICMP echo sockets on Linux DUT
By default net.ipv4.ping_group_range is set to "1 0" and no one (even the root)
can create an ICMP socket. Setting it to "0 0" allows root, which we are inside
the container, to create ICMP sockets for packetimpact tests.
PiperOrigin-RevId: 362454201
Diffstat (limited to 'test')
| -rw-r--r-- | test/packetimpact/runner/dut.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/test/packetimpact/runner/dut.go b/test/packetimpact/runner/dut.go index 2e8ffe883..1064ca976 100644 --- a/test/packetimpact/runner/dut.go +++ b/test/packetimpact/runner/dut.go @@ -249,6 +249,7 @@ func TestWithDUT(ctx context.Context, t *testing.T, mkDevice func(*dockerutil.Co testbenchContainer, testbenchAddr, dockerNetworks, + nil, /* sysctls */ "tail", "-f", "/dev/null", ); err != nil { t.Fatalf("cannot start testbench container: %s", err) @@ -428,6 +429,10 @@ func (dut *DockerDUT) Prepare(ctx context.Context, _ *testing.T, runOpts dockeru dut.c, DUTAddr, []*dockerutil.Network{ctrlNet, testNet}, + map[string]string{ + // This enables creating ICMP sockets on Linux. + "net.ipv4.ping_group_range": "0 0", + }, containerPosixServerBinary, "--ip=0.0.0.0", fmt.Sprintf("--port=%d", CtrlPort), @@ -590,11 +595,14 @@ func createDockerNetwork(ctx context.Context, n *dockerutil.Network) error { // StartContainer will create a container instance from runOpts, connect it // with the specified docker networks and start executing the specified cmd. -func StartContainer(ctx context.Context, runOpts dockerutil.RunOpts, c *dockerutil.Container, containerAddr net.IP, ns []*dockerutil.Network, cmd ...string) error { +func StartContainer(ctx context.Context, runOpts dockerutil.RunOpts, c *dockerutil.Container, containerAddr net.IP, ns []*dockerutil.Network, sysctls map[string]string, cmd ...string) error { conf, hostconf, netconf := c.ConfigsFrom(runOpts, cmd...) _ = netconf hostconf.AutoRemove = true hostconf.Sysctls = map[string]string{"net.ipv6.conf.all.disable_ipv6": "0"} + for k, v := range sysctls { + hostconf.Sysctls[k] = v + } if err := c.CreateFrom(ctx, runOpts.Image, conf, hostconf, nil); err != nil { return fmt.Errorf("unable to create container %s: %w", c.Name, err) |