From: Phil Sutter <phil@nwl.cc>
Date: Tue, 17 Nov 2020 18:00:45 +0000 (+0100)
Subject: iptables-test.py: Try to unshare netns by default
X-Git-Tag: v1.8.7~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=21873c24159053ce0a6bbd7e93091ceb0b73f90b;p=thirdparty%2Fiptables.git

iptables-test.py: Try to unshare netns by default

If user did not explicitly requst to "test netnamespace path", try an
import of 'unshare' module and call unshare() to avoid killing the local
host's network by accident.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---

diff --git a/iptables-test.py b/iptables-test.py
index 52897a5d..ca5efb1b 100755
--- a/iptables-test.py
+++ b/iptables-test.py
@@ -366,6 +366,13 @@ def main():
                      if i.endswith('.t')]
         file_list.sort()
 
+    if not args.netns:
+        try:
+            import unshare
+            unshare.unshare(unshare.CLONE_NEWNET)
+        except:
+            print("Cannot run in own namespace, connectivity might break")
+
     for filename in file_list:
         file_tests, file_passed = run_test_file(filename, args.netns)
         if file_tests: