This bug was fixed in the package iptables - 1.8.4-3ubuntu2.1
---------------
iptables (1.8.4-3ubuntu2.1) focal; urgency=medium
[ Louis Bouchard ]
* d/p/0001-libiptc-Fix-for-segfault-when-renaming-a-chain.patch: apply
upstream fix for segfault when renaming a chain. Includes a test
case (LP: #1992454)
[ Andreas Hasenack ]
* Fix shell tests, and run them as DEP8 (LP: #2019023):
- d/p/0501-fix-firewalld-shell-test.patch: fix the globbing expression
which was used to decide whether to sort the restore output or not
before comparing it to the good case
- d/t/control: run all shell tests as DEP8
-- Andreas Hasenack <[email protected]> Tue, 09 May 2023 15:39:57
-0300
** Changed in: iptables (Ubuntu Focal)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/2019023
Title:
Fix shell test suite
Status in iptables package in Ubuntu:
Fix Released
Status in iptables source package in Focal:
Fix Released
Bug description:
[ Impact ]
The shell test suite (iptables/tests/shell/run-tests.sh) is currently
failing on the firewalld tests in focal only:
W: [FAILED] ././testcases/firewalld-restore/0001-firewalld_0: expected 0 but
got 1
W: [FAILED] ././testcases/firewalld-restore/0002-firewalld-restart_0:
expected 0 but got 1
After some troubleshooting, it turns out this is happening because of
an unsorted order in the output of iptables-save, which was fixed[1]
in later releases of iptables. The code was trying to compensate for
that, but there was a small mistake[2] in a case/esac globbing:
case "$XT_MULTI" in
-*/xtables-nft-multi)
+*xtables-nft-multi)
The upstream fix includes other similar changes in other tests, but in
the case of focal, the above is the minimal fix needed.
Note that this shell test suite is not being run in focal, just in
later ubuntu releases. But since the fix for #1992454 is adding such a
test, I decided to fix the shell test run and add it to the existing
DEP8 tests for focal via this bug, so we have test parity between
focal and later ubuntu releases.
1.
https://git.netfilter.org/iptables/commit/?id=e28cf12cf50b9e2e0114f04331635fc122cb8aef
2.
https://git.netfilter.org/iptables/commit/?id=2b2b7948c1960ba4680677664ff58477be869de6
[ Test Plan ]
Verify that the DEP8 tests now include a run-tests.sh test suite, and that it
passes.
[ Where problems could occur ]
If the fix is incorrect, it would affect only the already-failing firewalld
test. But in addition to fixing that test, we are now also including a full
test run of all shell tests, something which wasn't being done for focal until
now. While these tests are passing now, they could fail in a future iptables
SRU, or turn out to be flaky. They are being run in ubuntu releases after
focal, though, so that is a good sign.
[ Other Info ]
This fix is being included in the same upload as bug #1992454.
[ Original Description ]
The shell test suite (iptables/tests/shell/run-tests.sh) is currently
failing on the firewalld tests:
W: [FAILED] ././testcases/firewalld-restore/0001-firewalld_0: expected 0
but got 1
W: [FAILED] ././testcases/firewalld-restore/0002-firewalld-restart_0:
expected 0 but got 1
After some troubleshooting, it turns out this is happening because of
an unsorted order in the output of iptables-save, which was fixed[1]
in later releases of iptables. The code was trying to compensate for
that, but there was a small mistake[2] in a case/esac globbing:
case "$XT_MULTI" in
-*/xtables-nft-multi)
+*xtables-nft-multi)
1.
https://git.netfilter.org/iptables/commit/?id=e28cf12cf50b9e2e0114f04331635fc122cb8aef
2.
https://git.netfilter.org/iptables/commit/?id=2b2b7948c1960ba4680677664ff58477be869de6
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/2019023/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
