testing: Run 'conntrack -F' before all test scenarios

This prevents failures due to remaining conntrack entries.
2013-07-02 14:01:38 +02:00 · 2013-07-02 14:01:38 +02:00 · 7a61bf9032
parent f678bce84c
commit 7a61bf9032
28 changed files with 14 additions and 41 deletions
--- a/testing/do-tests
+++ b/testing/do-tests
@ -373,6 +373,15 @@ do
 	    done
 	fi

+	##########################################################################
+	# flush conntrack table on all hosts
+	#
+
+	for host in $STRONGSWANHOSTS
+	do
+		ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'conntrack -F' >/dev/null 2>&1
+	done
+

 	##########################################################################
 	# execute pre-test commands
--- a/testing/tests/ha/both-active/posttest.dat
+++ b/testing/tests/ha/both-active/posttest.dat
@ -13,5 +13,3 @@ alice::ip addr del 10.1.0.5/16 dev eth0
 alice::ifdown eth1
 venus::ip route del default via 10.1.0.5 dev eth0
 venus::ip route add default via 10.1.0.1 dev eth0
-moon::conntrack -F
-alice::conntrack -F 
--- a/testing/tests/ikev1/double-nat-net/posttest.dat
+++ b/testing/tests/ikev1/double-nat-net/posttest.dat
@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
 sun::ip route del 10.1.0.0/16 via PH_IP_BOB
--- a/testing/tests/ikev1/double-nat/posttest.dat
+++ b/testing/tests/ikev1/double-nat/posttest.dat
@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
--- a/testing/tests/ikev1/nat-rw/posttest.dat
+++ b/testing/tests/ikev1/nat-rw/posttest.dat
@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F
--- a/testing/tests/ikev1/nat-virtual-ip/posttest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/posttest.dat
@ -2,5 +2,4 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/nat_updown
--- a/testing/tests/ikev1/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
@ -1,8 +1,7 @@
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::ipsec start
 sun::ipsec start
-moon::sleep 1 
+moon::sleep 1
 moon::ipsec up net-net
 moon::sleep 1
--- a/testing/tests/ikev2/compress-nat/posttest.dat
+++ b/testing/tests/ikev2/compress-nat/posttest.dat
@ -5,6 +5,4 @@ alice::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
-sun::conntrack -F
+sun::iptables-restore < /etc/iptables.flush
--- a/testing/tests/ikev2/double-nat-net/posttest.dat
+++ b/testing/tests/ikev2/double-nat-net/posttest.dat
@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
 sun::ip route del 10.1.0.0/16 via PH_IP_BOB
--- a/testing/tests/ikev2/double-nat/posttest.dat
+++ b/testing/tests/ikev2/double-nat/posttest.dat
@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
--- a/testing/tests/ikev2/ip-two-pools-db/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-db/posttest.dat
@ -10,7 +10,6 @@ carol::iptables-restore < /etc/iptables.flush
 dave::iptables-restore < /etc/iptables.flush
 moon::ip route del 10.3.0.0/16 via PH_IP_MOON
 moon::ip route del 10.4.0.0/16 via PH_IP_MOON1
-moon::conntrack -F
 moon::ipsec pool --del extpool 2> /dev/null
 moon::ipsec pool --del intpool 2> /dev/null
 moon::ipsec pool --delattr dns --server PH_IP_VENUS --pool intpool --identity venus.strongswan.org 2> /dev/null
--- a/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
@ -4,6 +4,5 @@ moon::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 alice::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::ipsec pool --del intpool 2> /dev/null
 moon::rm /etc/ipsec.d/ipsec.*
--- a/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat
@ -1,5 +1,4 @@
 alice::ip -6 route del default via fec1:\:1
 carol::ipsec stop
 moon::ipsec stop
-moon::conntrack -F
 moon::rm /etc/ipsec.d/ipsec.*
--- a/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat
@ -1,4 +1,3 @@
 alice::ip -6 route del default via fec1:\:1
 carol::ipsec stop
 moon::ipsec stop
-moon::conntrack -F
--- a/testing/tests/ikev2/ip-two-pools/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools/posttest.dat
@ -4,5 +4,4 @@ moon::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 alice::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/ipsec.d/ipsec.*
--- a/testing/tests/ikev2/mobike-nat/posttest.dat
+++ b/testing/tests/ikev2/mobike-nat/posttest.dat
@ -3,4 +3,3 @@ sun::ipsec stop
 alice::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F
--- a/testing/tests/ikev2/mobike-nat/pretest.dat
+++ b/testing/tests/ikev2/mobike-nat/pretest.dat
@ -1,7 +1,6 @@
 alice::ifup eth1
 alice::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
 alice::ipsec start
--- a/testing/tests/ikev2/nat-rw-mark/posttest.dat
+++ b/testing/tests/ikev2/nat-rw-mark/posttest.dat
@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 sun::iptables-restore < /etc/iptables.flush
-sun::conntrack -F
 sun::rm /etc/mark_updown
--- a/testing/tests/ikev2/nat-rw-psk/posttest.dat
+++ b/testing/tests/ikev2/nat-rw-psk/posttest.dat
@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F
--- a/testing/tests/ikev2/nat-rw/posttest.dat
+++ b/testing/tests/ikev2/nat-rw/posttest.dat
@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F
--- a/testing/tests/ikev2/nat-rw/pretest.dat
+++ b/testing/tests/ikev2/nat-rw/pretest.dat
@ -1,14 +1,13 @@
 alice::iptables-restore < /etc/iptables.rules
 venus::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
 alice::ipsec start
 venus::ipsec start
 sun::ipsec start
-alice::sleep 2 
+alice::sleep 2
 alice::ipsec up nat-t
-venus::sleep 2 
+venus::sleep 2
 venus::ipsec up nat-t
 venus::sleep 2
--- a/testing/tests/ikev2/nat-virtual-ip/posttest.dat
+++ b/testing/tests/ikev2/nat-virtual-ip/posttest.dat
@ -2,5 +2,4 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/nat_updown
--- a/testing/tests/ikev2/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev2/nat-virtual-ip/pretest.dat
@ -1,8 +1,7 @@
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::ipsec start
 sun::ipsec start
-moon::sleep 1 
+moon::sleep 1
 moon::ipsec up net-net
 moon::sleep 1
--- a/testing/tests/ikev2/net2net-same-nets/posttest.dat
+++ b/testing/tests/ikev2/net2net-same-nets/posttest.dat
@ -4,4 +4,3 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-sun::conntrack -F
--- a/testing/tests/ikev2/rw-mark-in-out/posttest.dat
+++ b/testing/tests/ikev2/rw-mark-in-out/posttest.dat
@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 sun::ip route del 10.1.0.0/16 via PH_IP_MOON
-sun::conntrack -F
 sun::rm /etc/mark_updown
 moon::iptables -t nat -F
-moon::conntrack -F
--- a/testing/tests/p2pnat/behind-same-nat/posttest.dat
+++ b/testing/tests/p2pnat/behind-same-nat/posttest.dat
@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
--- a/testing/tests/p2pnat/medsrv-psk/posttest.dat
+++ b/testing/tests/p2pnat/medsrv-psk/posttest.dat
@ -6,5 +6,3 @@ carol::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
-sun::conntrack -F
--- a/testing/tests/pfkey/nat-rw/posttest.dat
+++ b/testing/tests/pfkey/nat-rw/posttest.dat
@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F