test_suite: flush iptables in test prepare phase

2014-01-21 11:18:36 +01:00 · 2014-01-21 11:18:36 +01:00 · 81e4c0d918
parent f6d504a2a2
commit 81e4c0d918
4 changed files with 28 additions and 0 deletions
--- a/test_suite/README
+++ b/test_suite/README
@ -27,6 +27,7 @@ Contents
 8. Resources
 9. Starting the whole test suite via cronjob
 10. Concurrent test runs
+11. Firewalls

 1. Running a test
 -----------------
@ -274,6 +275,14 @@ To avoid concurrent run of tests on the same host each run creates temporary
 files (/tmp/test-suite_on.<host>, see main_lock_file_list) and deletes them
 afterwards.

+11. Firewalls
+-------------
+Certain tests cut temporarily network connections by defining firewall rules.
+Normally even in case of failure these connections are restored. To be sure
+that no firewall rules prevent tests from running the flag
+net_clear_iptables_in_prepare_phase is set to 1 in default-net.conf.
+This flag leads to deletion of *all* iptable chains on the test hosts.
+If you do not want this behaviour set net_clear_iptables_in_prepare_phase=0.



--- a/test_suite/default-net.conf
+++ b/test_suite/default-net.conf
@ -21,6 +21,11 @@

 ## defaults for module net

+## flag whether all iptable chains should be deleted in the functions
+## which are called to prepare a replication (e.g. resource_prepare)
+net_clear_iptables_in_prepare_phase=1
+
+
 ## array containing the shell commands manipulating the network connection
 ## The string remote_host must be replaced by the actual host name at runtime
 declare -g -A net_impact_cmd
--- a/test_suite/scripts/modules/38_resource.sh
+++ b/test_suite/scripts/modules/38_resource.sh
@ -20,6 +20,9 @@
 function resource_prepare
 {
    resource_check_variables
+    if [ $net_clear_iptables_in_prepare_phase -eq 1 ]; then
+        net_clear_iptables_all
+    fi
    resource_kill_all_scripts
    cluster_rmmod_mars_all
    cluster_clear_and_umount_mars_dir_all
@ -40,6 +43,9 @@ function resource_quick_prepare_first_resource
    local dev="$(lv_config_get_lv_device $res)"
    local data_dev=$(resource_get_data_device $res)
    local waited
+    if [ $net_clear_iptables_in_prepare_phase -eq 1 ]; then
+        net_clear_iptables_all
+    fi
    cluster_rmmod_mars_all
    cluster_clear_and_mount_mars_dir_all
    cluster_insert_mars_module_all
--- a/test_suite/scripts/modules/47_net.sh
+++ b/test_suite/scripts/modules/47_net.sh
@ -116,3 +116,11 @@ function net_check_variables
    done
 }

+function net_clear_iptables_all
+{
+    local host
+    for host in "${main_host_list[@]}"; do
+        lib_vmsg "  flushing iptables on $host"
+        lib_remote_idfile $host "iptables -F" || lib_exit 1
+    done
+}