From nobody Mon Feb  9 13:13:37 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1541078034820286.8445425990901;
 Thu, 1 Nov 2018 06:13:54 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
 [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 3F0AF81F0B;
	Thu,  1 Nov 2018 13:13:52 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 97098600CC;
	Thu,  1 Nov 2018 13:13:51 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id DB70618005B4;
	Thu,  1 Nov 2018 13:13:50 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
	[10.5.11.16])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id wA1Cr3GS002121 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 1 Nov 2018 08:53:03 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id BF46D5F701; Thu,  1 Nov 2018 12:53:03 +0000 (UTC)
Received: from localhost.localdomain.com (ovpn-112-39.ams2.redhat.com
	[10.36.112.39])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 434F65C88F;
	Thu,  1 Nov 2018 12:52:58 +0000 (UTC)
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Date: Thu,  1 Nov 2018 12:52:37 +0000
Message-Id: <20181101125237.20723-8-berrange@redhat.com>
In-Reply-To: <20181101125237.20723-1-berrange@redhat.com>
References: <20181101125237.20723-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-loop: libvir-list@redhat.com
Cc: Laine Stump <laine@laine.org>
Subject: [libvirt] [PATCH 7/7] tests: fix dry run handling in network
	firewall test
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]);
 Thu, 01 Nov 2018 13:13:53 +0000 (UTC)

The networkxml2firewalltest sets virCommand to dry run mode but doesn't
provide a callback to fill in stdout/stderr. As a result when the
firewall code queries rules it gets a NULL output and so never triggers
the callback to process output.

We only need to return an empty string to make the firewall code work
and thus trigger adding of the libvirt private chains to the builtin
chains.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 .../nat-default-linux.args                    | 48 +++++++++++++++++++
 .../nat-ipv6-linux.args                       | 48 +++++++++++++++++++
 .../nat-many-ips-linux.args                   | 48 +++++++++++++++++++
 .../nat-no-dhcp-linux.args                    | 48 +++++++++++++++++++
 .../nat-tftp-linux.args                       | 48 +++++++++++++++++++
 .../route-default-linux.args                  | 48 +++++++++++++++++++
 tests/networkxml2firewalltest.c               | 16 ++++++-
 7 files changed, 303 insertions(+), 1 deletion(-)

diff --git a/tests/networkxml2firewalldata/nat-default-linux.args b/tests/n=
etworkxml2firewalldata/nat-default-linux.args
index 69995181ad..e7d71817c7 100644
--- a/tests/networkxml2firewalldata/nat-default-linux.args
+++ b/tests/networkxml2firewalldata/nat-default-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalldata/nat-ipv6-linux.args b/tests/netw=
orkxml2firewalldata/nat-ipv6-linux.args
index f93d8face2..620ebb8d14 100644
--- a/tests/networkxml2firewalldata/nat-ipv6-linux.args
+++ b/tests/networkxml2firewalldata/nat-ipv6-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalldata/nat-many-ips-linux.args b/tests/=
networkxml2firewalldata/nat-many-ips-linux.args
index faae4b881c..7c378b8c7e 100644
--- a/tests/networkxml2firewalldata/nat-many-ips-linux.args
+++ b/tests/networkxml2firewalldata/nat-many-ips-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalldata/nat-no-dhcp-linux.args b/tests/n=
etworkxml2firewalldata/nat-no-dhcp-linux.args
index cb0d908506..afa8c3a0ca 100644
--- a/tests/networkxml2firewalldata/nat-no-dhcp-linux.args
+++ b/tests/networkxml2firewalldata/nat-no-dhcp-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalldata/nat-tftp-linux.args b/tests/netw=
orkxml2firewalldata/nat-tftp-linux.args
index 1243bd1c2d..a45ba545c2 100644
--- a/tests/networkxml2firewalldata/nat-tftp-linux.args
+++ b/tests/networkxml2firewalldata/nat-tftp-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalldata/route-default-linux.args b/tests=
/networkxml2firewalldata/route-default-linux.args
index 624e589aae..859a342e7d 100644
--- a/tests/networkxml2firewalldata/route-default-linux.args
+++ b/tests/networkxml2firewalldata/route-default-linux.args
@@ -72,6 +72,54 @@ ip6tables \
 --list POSTROUTING
 iptables \
 --table filter \
+--insert INPUT \
+--jump INP_libvirt
+iptables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+iptables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+iptables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+ip6tables \
+--table filter \
+--insert INPUT \
+--jump INP_libvirt
+ip6tables \
+--table filter \
+--insert OUTPUT \
+--jump OUT_libvirt
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_out
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_in
+ip6tables \
+--table filter \
+--insert FORWARD \
+--jump FWD_libvirt_cross
+ip6tables \
+--table nat \
+--insert POSTROUTING \
+--jump PRT_libvirt
+iptables \
+--table filter \
 --insert INP_libvirt \
 --in-interface virbr0 \
 --protocol tcp \
diff --git a/tests/networkxml2firewalltest.c b/tests/networkxml2firewalltes=
t.c
index 505ff0c740..5e3d8906c5 100644
--- a/tests/networkxml2firewalltest.c
+++ b/tests/networkxml2firewalltest.c
@@ -44,6 +44,20 @@ static const char *abs_top_srcdir;
 #  error "test case not ported to this platform"
 # endif
=20
+static void
+testCommandDryRun(const char *const*args ATTRIBUTE_UNUSED,
+                  const char *const*env ATTRIBUTE_UNUSED,
+                  const char *input ATTRIBUTE_UNUSED,
+                  char **output,
+                  char **error,
+                  int *status,
+                  void *opaque ATTRIBUTE_UNUSED)
+{
+    *status =3D 0;
+    ignore_value(VIR_STRDUP_QUIET(*output, ""));
+    ignore_value(VIR_STRDUP_QUIET(*error, ""));
+}
+
 static int testCompareXMLToArgvFiles(const char *xml,
                                      const char *cmdline)
 {
@@ -53,7 +67,7 @@ static int testCompareXMLToArgvFiles(const char *xml,
     virNetworkDefPtr def =3D NULL;
     int ret =3D -1;
=20
-    virCommandSetDryRun(&buf, NULL, NULL);
+    virCommandSetDryRun(&buf, testCommandDryRun, NULL);
=20
     if (!(def =3D virNetworkDefParseFile(xml)))
         goto cleanup;
--=20
2.19.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list