testing: Run 'conntrack -F' before all test scenarios

This prevents failures due to remaining conntrack entries.

diff --git a/testing/do-tests b/testing/do-tests
index 979cb487fc4271c7825bfee40ef541dead375076..becb7f181d113bb6b6473789075a08dabbe7ae03 100755 (executable)
--- a/testing/do-tests
+++ b/testing/do-tests
@@ -373,6 +373,15 @@ do
            done
        fi
 
+       ##########################################################################
+       # flush conntrack table on all hosts
+       #
+
+       for host in $STRONGSWANHOSTS
+       do
+               ssh $SSHCONF root@`eval echo \\\$ipv4_$host` 'conntrack -F' >/dev/null 2>&1
+       done
+
 
        ##########################################################################
        # execute pre-test commands

diff --git a/testing/tests/ha/both-active/posttest.dat b/testing/tests/ha/both-active/posttest.dat
index e4ffe8eef9f36cbb360ecefb78abb0a7d2574e80..867016dba6d444d169acb6c329927fd25bc9adde 100644 (file)
--- a/testing/tests/ha/both-active/posttest.dat
+++ b/testing/tests/ha/both-active/posttest.dat
@@ -13,5 +13,3 @@ alice::ip addr del 10.1.0.5/16 dev eth0
 alice::ifdown eth1
 venus::ip route del default via 10.1.0.5 dev eth0
 venus::ip route add default via 10.1.0.1 dev eth0
-moon::conntrack -F
-alice::conntrack -F 

diff --git a/testing/tests/ikev1/double-nat-net/posttest.dat b/testing/tests/ikev1/double-nat-net/posttest.dat
index 63d4f98e7878d7cf77686455e1242c204aff1cd8..ec663e70d9f58d60268d7428407cc897b8bfe752 100644 (file)
--- a/testing/tests/ikev1/double-nat-net/posttest.dat
+++ b/testing/tests/ikev1/double-nat-net/posttest.dat
@@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
 sun::ip route del 10.1.0.0/16 via PH_IP_BOB

diff --git a/testing/tests/ikev1/double-nat/posttest.dat b/testing/tests/ikev1/double-nat/posttest.dat
index aa806bfc93c69a4198aa132184e5b0e1da70b8d5..f434b336c25aa80721dd3347c67d7faef1d1e6bc 100644 (file)
--- a/testing/tests/ikev1/double-nat/posttest.dat
+++ b/testing/tests/ikev1/double-nat/posttest.dat
@@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F

diff --git a/testing/tests/ikev1/nat-rw/posttest.dat b/testing/tests/ikev1/nat-rw/posttest.dat
index 4643a3a7bc06d6503b8bce5f1d684f81cf7a5702..bc7d2377107607c7beee6e0dc4d2d21556278cec 100644 (file)
--- a/testing/tests/ikev1/nat-rw/posttest.dat
+++ b/testing/tests/ikev1/nat-rw/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F

diff --git a/testing/tests/ikev1/nat-virtual-ip/posttest.dat b/testing/tests/ikev1/nat-virtual-ip/posttest.dat
index 11bd19da752188b2abcf45860fd0ad4730db0fa1..b9fbde7cb746c75be5d654bc5cb62414c355ce66 100644 (file)
--- a/testing/tests/ikev1/nat-virtual-ip/posttest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/posttest.dat
@@ -2,5 +2,4 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/nat_updown

diff --git a/testing/tests/ikev1/nat-virtual-ip/pretest.dat b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
index eb0c28c7f88c4edc0d8ccfd3e64eed766a140975..8945d87b9bf3213ce63a5b45fb803ef584ea9760 100644 (file)
--- a/testing/tests/ikev1/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
@@ -1,8 +1,7 @@
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::ipsec start
 sun::ipsec start
-moon::sleep 1 
+moon::sleep 1
 moon::ipsec up net-net
 moon::sleep 1

diff --git a/testing/tests/ikev2/compress-nat/posttest.dat b/testing/tests/ikev2/compress-nat/posttest.dat
index b8432a8f252da0d8c76254cd5565708e509f7a34..ddab5f9f9081bb8418ea7cace275c20ca2323ac2 100644 (file)
--- a/testing/tests/ikev2/compress-nat/posttest.dat
+++ b/testing/tests/ikev2/compress-nat/posttest.dat
@@ -5,6 +5,4 @@ alice::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
-sun::conntrack -F
\ No newline at end of file
+sun::iptables-restore < /etc/iptables.flush
\ No newline at end of file

diff --git a/testing/tests/ikev2/double-nat-net/posttest.dat b/testing/tests/ikev2/double-nat-net/posttest.dat
index 63d4f98e7878d7cf77686455e1242c204aff1cd8..ec663e70d9f58d60268d7428407cc897b8bfe752 100644 (file)
--- a/testing/tests/ikev2/double-nat-net/posttest.dat
+++ b/testing/tests/ikev2/double-nat-net/posttest.dat
@@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
 sun::ip route del 10.1.0.0/16 via PH_IP_BOB

diff --git a/testing/tests/ikev2/double-nat/posttest.dat b/testing/tests/ikev2/double-nat/posttest.dat
index aa806bfc93c69a4198aa132184e5b0e1da70b8d5..f434b336c25aa80721dd3347c67d7faef1d1e6bc 100644 (file)
--- a/testing/tests/ikev2/double-nat/posttest.dat
+++ b/testing/tests/ikev2/double-nat/posttest.dat
@@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
 sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F

diff --git a/testing/tests/ikev2/ip-two-pools-db/posttest.dat b/testing/tests/ikev2/ip-two-pools-db/posttest.dat
index 9c0bb5caefad97e6113b6530b51ac676b04bf454..150690e3cbaccc742a0ecb642ac5182cba2ccad7 100644 (file)
--- a/testing/tests/ikev2/ip-two-pools-db/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-db/posttest.dat
@@ -10,7 +10,6 @@ carol::iptables-restore < /etc/iptables.flush
 dave::iptables-restore < /etc/iptables.flush
 moon::ip route del 10.3.0.0/16 via PH_IP_MOON
 moon::ip route del 10.4.0.0/16 via PH_IP_MOON1
-moon::conntrack -F
 moon::ipsec pool --del extpool 2> /dev/null
 moon::ipsec pool --del intpool 2> /dev/null
 moon::ipsec pool --delattr dns --server PH_IP_VENUS --pool intpool --identity venus.strongswan.org 2> /dev/null

diff --git a/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat b/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
index a3924b2f617160e133415d3deaa956a6e65b3592..57449be256fc06893cf0a1668c649728ceba74b1 100644 (file)
--- a/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-mixed/posttest.dat
@@ -4,6 +4,5 @@ moon::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 alice::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::ipsec pool --del intpool 2> /dev/null
 moon::rm /etc/ipsec.d/ipsec.*

diff --git a/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat b/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat
index 311e9f21dbf96f280ba197c5e5ec047439819d44..2e78893e3102fb94499329e08e004d541baad858 100644 (file)
--- a/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat
@@ -1,5 +1,4 @@
 alice::ip -6 route del default via fec1:\:1
 carol::ipsec stop
 moon::ipsec stop
-moon::conntrack -F
 moon::rm /etc/ipsec.d/ipsec.*

diff --git a/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat b/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat
index bb20cae0587ae34cd851644eaff9799d656152fc..e46195cd36f15977aef1b9b321b3ac1f2e7b31e4 100644 (file)
--- a/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat
@@ -1,4 +1,3 @@
 alice::ip -6 route del default via fec1:\:1
 carol::ipsec stop
 moon::ipsec stop
-moon::conntrack -F

diff --git a/testing/tests/ikev2/ip-two-pools/posttest.dat b/testing/tests/ikev2/ip-two-pools/posttest.dat
index 2fbc2c3a0d5b6a2f85c843603fcb50566b755d8c..7de2bc9be1f2b3643f915ea37a9e2b8ef93ca2ae 100644 (file)
--- a/testing/tests/ikev2/ip-two-pools/posttest.dat
+++ b/testing/tests/ikev2/ip-two-pools/posttest.dat
@@ -4,5 +4,4 @@ moon::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 alice::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/ipsec.d/ipsec.*

diff --git a/testing/tests/ikev2/mobike-nat/posttest.dat b/testing/tests/ikev2/mobike-nat/posttest.dat
index f4e5316c9f91dc3000d3b7f5e0e2547e844dd152..0754edeab9df550f9106bfc4ec9f3fcab54c56c8 100644 (file)
--- a/testing/tests/ikev2/mobike-nat/posttest.dat
+++ b/testing/tests/ikev2/mobike-nat/posttest.dat
@@ -3,4 +3,3 @@ sun::ipsec stop
 alice::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F

diff --git a/testing/tests/ikev2/mobike-nat/pretest.dat b/testing/tests/ikev2/mobike-nat/pretest.dat
index 86ac6e7e0a5c67b62db2feb4e969c94d3b2dc517..fde195daaf08c5932f8467cc0e46ac94932650b3 100644 (file)
--- a/testing/tests/ikev2/mobike-nat/pretest.dat
+++ b/testing/tests/ikev2/mobike-nat/pretest.dat
@@ -1,7 +1,6 @@
 alice::ifup eth1
 alice::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
 alice::ipsec start

diff --git a/testing/tests/ikev2/nat-rw-mark/posttest.dat b/testing/tests/ikev2/nat-rw-mark/posttest.dat
index 72dff4e10549b585681f9a00ac9f2f96561e2265..343fcc15b880928421ad7731ff6c1e97287c2dfe 100644 (file)
--- a/testing/tests/ikev2/nat-rw-mark/posttest.dat
+++ b/testing/tests/ikev2/nat-rw-mark/posttest.dat
@@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 sun::iptables-restore < /etc/iptables.flush
-sun::conntrack -F
 sun::rm /etc/mark_updown

diff --git a/testing/tests/ikev2/nat-rw-psk/posttest.dat b/testing/tests/ikev2/nat-rw-psk/posttest.dat
index 4643a3a7bc06d6503b8bce5f1d684f81cf7a5702..bc7d2377107607c7beee6e0dc4d2d21556278cec 100644 (file)
--- a/testing/tests/ikev2/nat-rw-psk/posttest.dat
+++ b/testing/tests/ikev2/nat-rw-psk/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F

diff --git a/testing/tests/ikev2/nat-rw/posttest.dat b/testing/tests/ikev2/nat-rw/posttest.dat
index 4643a3a7bc06d6503b8bce5f1d684f81cf7a5702..bc7d2377107607c7beee6e0dc4d2d21556278cec 100644 (file)
--- a/testing/tests/ikev2/nat-rw/posttest.dat
+++ b/testing/tests/ikev2/nat-rw/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F

diff --git a/testing/tests/ikev2/nat-rw/pretest.dat b/testing/tests/ikev2/nat-rw/pretest.dat
index f58e82adc059dc49f3b4b7560f0150e75fe6b503..12676f7ac12282d70b273c69f6df9db29fca58b4 100644 (file)
--- a/testing/tests/ikev2/nat-rw/pretest.dat
+++ b/testing/tests/ikev2/nat-rw/pretest.dat
@@ -1,14 +1,13 @@
 alice::iptables-restore < /etc/iptables.rules
 venus::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
 alice::ipsec start
 venus::ipsec start
 sun::ipsec start
-alice::sleep 2 
+alice::sleep 2
 alice::ipsec up nat-t
-venus::sleep 2 
+venus::sleep 2
 venus::ipsec up nat-t
 venus::sleep 2

diff --git a/testing/tests/ikev2/nat-virtual-ip/posttest.dat b/testing/tests/ikev2/nat-virtual-ip/posttest.dat
index 11bd19da752188b2abcf45860fd0ad4730db0fa1..b9fbde7cb746c75be5d654bc5cb62414c355ce66 100644 (file)
--- a/testing/tests/ikev2/nat-virtual-ip/posttest.dat
+++ b/testing/tests/ikev2/nat-virtual-ip/posttest.dat
@@ -2,5 +2,4 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
 moon::rm /etc/nat_updown

diff --git a/testing/tests/ikev2/nat-virtual-ip/pretest.dat b/testing/tests/ikev2/nat-virtual-ip/pretest.dat
index eb0c28c7f88c4edc0d8ccfd3e64eed766a140975..8945d87b9bf3213ce63a5b45fb803ef584ea9760 100644 (file)
--- a/testing/tests/ikev2/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev2/nat-virtual-ip/pretest.dat
@@ -1,8 +1,7 @@
 moon::iptables-restore < /etc/iptables.rules
 sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
 moon::ipsec start
 sun::ipsec start
-moon::sleep 1 
+moon::sleep 1
 moon::ipsec up net-net
 moon::sleep 1

diff --git a/testing/tests/ikev2/net2net-same-nets/posttest.dat b/testing/tests/ikev2/net2net-same-nets/posttest.dat
index b0225c37e2f5468f8098e7fca7b3d0b398a7fa24..5fca9501da2acaa9647ba6757b5057b92a29fede 100644 (file)
--- a/testing/tests/ikev2/net2net-same-nets/posttest.dat
+++ b/testing/tests/ikev2/net2net-same-nets/posttest.dat
@@ -4,4 +4,3 @@ moon::ipsec stop
 sun::ipsec stop
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-sun::conntrack -F

diff --git a/testing/tests/ikev2/rw-mark-in-out/posttest.dat b/testing/tests/ikev2/rw-mark-in-out/posttest.dat
index 283099acb57e01cf323b213a938a0c9720233bc7..407427a0df00c4c86b7f84d1129c4f56b123b2f1 100644 (file)
--- a/testing/tests/ikev2/rw-mark-in-out/posttest.dat
+++ b/testing/tests/ikev2/rw-mark-in-out/posttest.dat
@@ -6,7 +6,5 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 sun::ip route del 10.1.0.0/16 via PH_IP_MOON
-sun::conntrack -F
 sun::rm /etc/mark_updown
 moon::iptables -t nat -F
-moon::conntrack -F

diff --git a/testing/tests/p2pnat/behind-same-nat/posttest.dat b/testing/tests/p2pnat/behind-same-nat/posttest.dat
index a1d5b46123ebc05d3eb4b3ed564a020c6d29dc48..f020957258e384f637a0d97b73dc2edb7c36f405 100644 (file)
--- a/testing/tests/p2pnat/behind-same-nat/posttest.dat
+++ b/testing/tests/p2pnat/behind-same-nat/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 carol::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
-moon::conntrack -F

diff --git a/testing/tests/p2pnat/medsrv-psk/posttest.dat b/testing/tests/p2pnat/medsrv-psk/posttest.dat
index 4b696b90f9cb690c37bdb54b6086cd3a2b7be07c..90a7292377c39a97e1dbe816d58dfa15f6eea632 100644 (file)
--- a/testing/tests/p2pnat/medsrv-psk/posttest.dat
+++ b/testing/tests/p2pnat/medsrv-psk/posttest.dat
@@ -6,5 +6,3 @@ carol::iptables-restore < /etc/iptables.flush
 bob::iptables-restore < /etc/iptables.flush
 moon::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
-sun::conntrack -F

diff --git a/testing/tests/pfkey/nat-rw/posttest.dat b/testing/tests/pfkey/nat-rw/posttest.dat
index 4643a3a7bc06d6503b8bce5f1d684f81cf7a5702..bc7d2377107607c7beee6e0dc4d2d21556278cec 100644 (file)
--- a/testing/tests/pfkey/nat-rw/posttest.dat
+++ b/testing/tests/pfkey/nat-rw/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
 venus::iptables-restore < /etc/iptables.flush
 sun::iptables-restore < /etc/iptables.flush
 moon::iptables -t nat -F
-moon::conntrack -F