selftests: netfilter: conntrack_tcp_unreplied.sh: wait for initial connection attempt

Netdev CI reports occasional failures with this test
("ERROR: ns2-dX6bUE did not pick up tcp connection from peer").

Add explicit busywait call until the initial connection attempt shows
up in conntrack rather than a one-shot 'must exist' check.

Signed-off-by: Florian Westphal <fw@strlen.de>
Link: https://lore.kernel.org/r/20240506114320.12178-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
Florian Westphal 2024-05-06 13:43:16 +02:00 committed by Jakub Kicinski
parent 1eb2cded45
commit 76508154d7

View File

@ -106,6 +106,23 @@ ip netns exec "$ns1" bash -c 'for i in $(seq 1 $BUSYWAIT_TIMEOUT) ; do
sleep 0.1
done' &
wait_for_attempt()
{
count=$(ip netns exec "$ns2" conntrack -L -p tcp --dport 80 2>/dev/null | wc -l)
if [ "$count" -gt 0 ]; then
return 0
fi
return 1
}
# wait for conntrack to pick the new connection request up before loading
# the nat redirect rule.
if ! busywait "$BUSYWAIT_TIMEOUT" wait_for_attempt; then
echo "ERROR: $ns2 did not pick up tcp connection from peer"
exit 1
fi
ip netns exec "$ns2" nft -f - <<EOF
table inet nat {
chain prerouting {
@ -119,12 +136,6 @@ if [ $? -ne 0 ]; then
exit 1
fi
count=$(ip netns exec "$ns2" conntrack -L -p tcp --dport 80 2>/dev/null | wc -l)
if [ "$count" -eq 0 ]; then
echo "ERROR: $ns2 did not pick up tcp connection from peer"
exit 1
fi
wait_for_redirect()
{
count=$(ip netns exec "$ns2" conntrack -L -p tcp --reply-port-src 8080 2>/dev/null | wc -l)
@ -136,7 +147,7 @@ wait_for_redirect()
}
echo "INFO: NAT redirect added in ns $ns2, waiting for $BUSYWAIT_TIMEOUT ms for nat to take effect"
busywait $BUSYWAIT_TIMEOUT wait_for_redirect
busywait "$BUSYWAIT_TIMEOUT" wait_for_redirect
ret=$?
expect="packets 1 bytes 60"