[ovs-git] [openvswitch/ovs] cdc9a8: ovn.at: Add stateful test for ACL on port groups.
GitHub
noreply at github.com
Thu Jul 5 19:21:02 UTC 2018
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: cdc9a84ad2e3475ce30e81018cbb91680279983c
https://github.com/openvswitch/ovs/commit/cdc9a84ad2e3475ce30e81018cbb91680279983c
Author: Han Zhou <zhouhan at gmail.com>
Date: 2018-07-05 (Thu, 05 Jul 2018)
Changed paths:
M tests/ovn.at
Log Message:
-----------
ovn.at: Add stateful test for ACL on port groups.
A bug was reported on the feature of applying ACLs on port groups [1].
This bug was not detected by the original test case, because it didn't
test the return traffic and so didn't ensure the stateful feature is
working. The fix [2] causes the original test case fail, because
once the conntrack is enabled, the test packets are dropped because
the checksum in those packets are invalid and so marked with "invalid"
state by conntrack. To avoid the test case failure, the fix [2] changed
it to test stateless acl only, which leaves the scenario untested,
although it is fixed. This patch adds back the stateful ACL in the
test, and replaced the dummy/receive with inject-pkt to send the test
packets, so that checksums can be properly filled in, and it also
adds tests for the return traffic, which ensures the stateful is
working.
[1] https://mail.openvswitch.org/pipermail/ovs-discuss/2018-June/046927.html
[2] https://patchwork.ozlabs.org/patch/931913/
Signed-off-by: Han Zhou <hzhou8 at ebay.com>
Acked-by: Jakub Sitnicki <jkbs at redhat.com>
Acked-by: Daniel Alvarez <dalvarez at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
**NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the git
mailing list