From patchwork Tue Jul 19 19:54:08 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Joe Stringer <joe@ovn.org>
X-Patchwork-Id: 650424
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (archives.nicira.com [96.126.127.54])
	by ozlabs.org (Postfix) with ESMTP id 3rv9kR3gYwz9sR8
	for <incoming@patchwork.ozlabs.org>;
	Wed, 20 Jul 2016 05:55:11 +1000 (AEST)
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id 4790A10B64;
	Tue, 19 Jul 2016 12:55:03 -0700 (PDT)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v3.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 99B4C10B42
	for <dev@openvswitch.org>; Tue, 19 Jul 2016 12:55:00 -0700 (PDT)
Received: from bar6.cudamail.com (localhost [127.0.0.1])
	by mx3v3.cudamail.com (Postfix) with ESMTPS id 31B41162834
	for <dev@openvswitch.org>; Tue, 19 Jul 2016 13:55:00 -0600 (MDT)
X-ASG-Debug-ID: 1468958099-0b323715282b320001-byXFYA
Received: from mx1-pf2.cudamail.com ([192.168.24.2]) by bar6.cudamail.com
	with
	ESMTP id axfGm2ZG3zon8PHv (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Tue, 19 Jul 2016 13:54:59 -0600 (MDT)
X-Barracuda-Envelope-From: joe@ovn.org
X-Barracuda-RBL-Trusted-Forwarder: 192.168.24.2
Received: from unknown (HELO relay3-d.mail.gandi.net) (217.70.183.195)
	by mx1-pf2.cudamail.com with ESMTPS (DHE-RSA-AES256-SHA encrypted);
	19 Jul 2016 19:54:59 -0000
Received-SPF: pass (mx1-pf2.cudamail.com: SPF record at ovn.org designates
	217.70.183.195 as permitted sender)
X-Barracuda-Apparent-Source-IP: 217.70.183.195
X-Barracuda-RBL-IP: 217.70.183.195
Received: from mfilter42-d.gandi.net (mfilter42-d.gandi.net [217.70.178.172])
	by relay3-d.mail.gandi.net (Postfix) with ESMTP id 4AB39A80CB
	for <dev@openvswitch.org>; Tue, 19 Jul 2016 21:54:58 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mfilter42-d.gandi.net
Received: from relay3-d.mail.gandi.net ([IPv6:::ffff:217.70.183.195])
	by mfilter42-d.gandi.net (mfilter42-d.gandi.net [::ffff:10.0.15.180])
	(amavisd-new, port 10024)
	with ESMTP id 9lc5oeUBaJdc for <dev@openvswitch.org>;
	Tue, 19 Jul 2016 21:54:56 +0200 (CEST)
X-Originating-IP: 208.91.1.34
Received: from archer.eng.vmware.com (unknown [208.91.1.34])
	(Authenticated sender: joe@ovn.org)
	by relay3-d.mail.gandi.net (Postfix) with ESMTPSA id 2FC40A80C2
	for <dev@openvswitch.org>; Tue, 19 Jul 2016 21:54:55 +0200 (CEST)
X-CudaMail-Envelope-Sender: joe@ovn.org
From: Joe Stringer <joe@ovn.org>
To: dev@openvswitch.org
X-CudaMail-Whitelist-To: dev@openvswitch.org
X-CudaMail-MID: CM-E2-718064465
X-CudaMail-DTE: 071916
X-CudaMail-Originating-IP: 217.70.183.195
Date: Tue, 19 Jul 2016 12:54:08 -0700
X-ASG-Orig-Subj: [##CM-E2-718064465##][PATCH 3/3] system-traffic: Fix up FTP
	tests.
Message-Id: <20160719195408.1611-3-joe@ovn.org>
X-Mailer: git-send-email 2.9.0
In-Reply-To: <20160719195408.1611-1-joe@ovn.org>
References: <20160719195408.1611-1-joe@ovn.org>
X-Barracuda-Connect: UNKNOWN[192.168.24.2]
X-Barracuda-Start-Time: 1468958099
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-ASG-Whitelist: Header =?UTF-8?B?eFwtY3VkYW1haWxcLXdoaXRlbGlzdFwtdG8=?=
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
Subject: [ovs-dev] [PATCH 3/3] system-traffic: Fix up FTP tests.
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

Prior to commit b87a5aacefe2 ("datapath: Fix cached ct with helper."),
we were relying on automatic helpers to ensure that FTP connections were
tracked correctly, regardless of the flows that existed in the datapath.
Now, we can drop the automatic helpers in the root namespace and still
have related connections work correctly. Also, the ALG should only be
specified when committing the connection. Update the rules.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
---
 tests/system-kmod-macros.at | 1 +
 tests/system-traffic.at     | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at
index cee0510bda96..2134db72808c 100644
--- a/tests/system-kmod-macros.at
+++ b/tests/system-kmod-macros.at
@@ -63,6 +63,7 @@ m4_define([CHECK_CONNTRACK],
                 [modprobe mod || echo "Module mod not loaded."
                  on_exit 'modprobe -r mod'
                 ])
+     sysctl -w net.netfilter.nf_conntrack_helper=0
      on_exit 'ovstest test-netlink-conntrack flush'
     ]
 )
diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index 14a75b68fe7e..a337950741bd 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -1458,7 +1458,6 @@ AT_CHECK([ovs-appctl dpctl/flush-conntrack])
 dnl Passive FTP requests from p0->p1 should work fine.
 NS_CHECK_EXEC([at_ns0], [wget ftp://10.1.1.2 -t 3 -T 1 --retry-connrefused -v -o wget0-2.log])
 AT_CHECK([ovs-appctl dpctl/dump-conntrack | FORMAT_CT(10.1.1.2)], [0], [dnl
-tcp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=10.1.1.2,dst=10.1.1.1,sport=<cleared>,dport=<cleared>),protoinfo=(state=<cleared>)
 tcp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=<cleared>,dport=<cleared>),reply=(src=10.1.1.2,dst=10.1.1.1,sport=<cleared>,dport=<cleared>),protoinfo=(state=<cleared>),helper=ftp
 ])
 
@@ -1539,13 +1538,14 @@ table=0,priority=10,arp,action=normal
 table=0,priority=10,icmp,action=normal
 
 dnl Traffic from ns1
-table=0,priority=100,in_port=1,tcp,action=ct(table=1,zone=1,alg=ftp)
-table=1,in_port=1,tcp,ct_zone=1,ct_state=+trk+new,action=ct(commit,alg=ftp,zone=1),ct(commit,alg=ftp,zone=2),2
+table=0,priority=100,in_port=1,tcp,action=ct(table=1,zone=1)
+table=1,in_port=1,tcp,ct_zone=1,ct_state=+trk+new-rel,action=ct(commit,alg=ftp,zone=1),ct(commit,alg=ftp,zone=2),2
+table=1,in_port=1,tcp,ct_zone=1,ct_state=+trk+new+rel,action=ct(commit,zone=1),ct(commit,zone=2),2
 table=1,in_port=1,tcp,ct_zone=1,ct_state=+trk+est,action=ct(table=2,zone=2)
 table=2,in_port=1,tcp,ct_zone=2,ct_state=+trk+est,action=2
 
 dnl Traffic from ns2
-table=0,priority=100,in_port=2,tcp,action=ct(table=1,alg=ftp,zone=2)
+table=0,priority=100,in_port=2,tcp,action=ct(table=1,zone=2)
 table=1,in_port=2,tcp,ct_zone=2,ct_state=+trk+rel,action=ct(commit,zone=2),ct(commit,zone=1),1
 table=1,in_port=2,tcp,ct_zone=2,ct_state=+trk+est,action=ct(table=2,zone=1)
 table=2,in_port=2,tcp,ct_zone=1,ct_state=+trk+rel,action=ct(commit,zone=2),ct(commit,zone=1),1