summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-01-22 05:07:15 -0500
committerGitHub <noreply@github.com>2021-01-22 05:07:15 -0500
commitf02aba659447ea9198851231d7f11a8bfdfe69ba (patch)
tree0d22b1af8408cba9499da16e565cb7e48a845330 /test
parent6fd83de31dab0c60932972c6b26f68fa0bd1871f (diff)
parentef654941d1b7d3bd8f5af51418aa54e0d6f2d48c (diff)
downloadpodman-f02aba659447ea9198851231d7f11a8bfdfe69ba.tar.gz
podman-f02aba659447ea9198851231d7f11a8bfdfe69ba.tar.bz2
podman-f02aba659447ea9198851231d7f11a8bfdfe69ba.zip
Merge pull request #9052 from giuseppe/set-source-to-slirp4netns-ip
rootlessport: set source IP to slirp4netns device
Diffstat (limited to 'test')
-rw-r--r--test/system/500-networking.bats19
1 files changed, 17 insertions, 2 deletions
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index a824ebcd7..bcc6737b7 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -65,8 +65,13 @@ load helpers
myport=54321
# Container will exit as soon as 'nc' receives input
+ # We use '-n -v' to give us log messages showing an incoming connection
+ # and its IP address; the purpose of that is guaranteeing that the
+ # remote IP is not 127.0.0.1 (podman PR #9052).
+ # We could get more parseable output by using $NCAT_REMOTE_ADDR,
+ # but busybox nc doesn't support that.
run_podman run -d --userns=keep-id -p 127.0.0.1:$myport:$myport \
- $IMAGE nc -l -p $myport
+ $IMAGE nc -l -n -v -p $myport
cid="$output"
# emit random string, and check it
@@ -74,7 +79,17 @@ load helpers
echo "$teststring" | nc 127.0.0.1 $myport
run_podman logs $cid
- is "$output" "$teststring" "test string received on container"
+ # Sigh. We can't check line-by-line, because 'nc' output order is
+ # unreliable. We usually get the 'connect to' line before the random
+ # string, but sometimes we get it after. So, just do substring checks.
+ is "$output" ".*listening on \[::\]:$myport .*" "nc -v shows right port"
+
+ # This is the truly important check: make sure the remote IP is
+ # in the 10.X range, not 127.X.
+ is "$output" \
+ ".*connect to \[::ffff:10\..*\]:$myport from \[::ffff:10\..*\]:.*" \
+ "nc -v shows remote IP address in 10.X space (not 127.0.0.1)"
+ is "$output" ".*${teststring}.*" "test string received on container"
# Clean up
run_podman rm $cid