diff mbox series

[net-next] selftests: netfilter: nft_zones_many.sh: set ct sysctl after ruleset load

Message ID 20240422102546.2494-1-fw@strlen.de (mailing list archive)
State Accepted
Commit 8e2b318a65c30626d49d3bf1940037afb386e596
Delegated to: Netdev Maintainers
Headers show
Series [net-next] selftests: netfilter: nft_zones_many.sh: set ct sysctl after ruleset load | expand

Checks

Context Check Description
netdev/series_format success Single patches do not need cover letters
netdev/tree_selection success Clearly marked for net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 8 this patch: 8
netdev/build_tools success Errors and warnings before: 0 this patch: 0
netdev/cc_maintainers warning 4 maintainers not CCed: kadlec@netfilter.org linux-kselftest@vger.kernel.org coreteam@netfilter.org shuah@kernel.org
netdev/build_clang success Errors and warnings before: 8 this patch: 8
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success net selftest script(s) already in Makefile
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 8 this patch: 8
netdev/checkpatch warning WARNING: line length of 82 exceeds 80 columns
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
netdev/contest success net-next-2024-04-24--15-00 (tests: 995)

Commit Message

Florian Westphal April 22, 2024, 10:25 a.m. UTC 
nf_conntrack_udp_timeout sysctl only exist once conntrack module is loaded,
if this test runs standalone on a modular kernel sysctl setting fails,
this can result in test failure as udp conntrack entries expire too fast.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 tools/testing/selftests/net/netfilter/nft_zones_many.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

patchwork-bot+netdevbpf@kernel.org April 25, 2024, 12:30 a.m. UTC | #1 
Hello:

This patch was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Mon, 22 Apr 2024 12:25:42 +0200 you wrote:
> nf_conntrack_udp_timeout sysctl only exist once conntrack module is loaded,
> if this test runs standalone on a modular kernel sysctl setting fails,
> this can result in test failure as udp conntrack entries expire too fast.
> 
> Signed-off-by: Florian Westphal <fw@strlen.de>
> ---
>  tools/testing/selftests/net/netfilter/nft_zones_many.sh | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Here is the summary with links:
  - [net-next] selftests: netfilter: nft_zones_many.sh: set ct sysctl after ruleset load
    https://git.kernel.org/netdev/net-next/c/8e2b318a65c3

You are awesome, thank you!
diff mbox series

Patch

diff --git a/tools/testing/selftests/net/netfilter/nft_zones_many.sh b/tools/testing/selftests/net/netfilter/nft_zones_many.sh
index db53de348783..4ad75038f6ff 100755
--- a/tools/testing/selftests/net/netfilter/nft_zones_many.sh
+++ b/tools/testing/selftests/net/netfilter/nft_zones_many.sh
@@ -28,7 +28,6 @@  fi
 test_zones() {
 	local max_zones=$1
 
-ip netns exec "$ns1" sysctl -q net.netfilter.nf_conntrack_udp_timeout=3600
 ip netns exec "$ns1" nft -f /dev/stdin<<EOF
 flush ruleset
 table inet raw {
@@ -46,6 +45,9 @@  if [ "$?" -ne 0 ];then
 	echo "SKIP: Cannot add nftables rules"
 	exit $ksft_skip
 fi
+
+	ip netns exec "$ns1" sysctl -q net.netfilter.nf_conntrack_udp_timeout=3600
+
 	(
 		echo "add element inet raw rndzone {"
 	for i in $(seq 1 "$max_zones");do