Signed-off-by: fu.lin fulin10@huawei.com --- test/zdtm/static/socket-tcp-nfconntrack.desc | 2 +- test/zdtm/static/socket-tcp.c | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/test/zdtm/static/socket-tcp-nfconntrack.desc b/test/zdtm/static/socket-tcp-nfconntrack.desc index add2513..05bdb49 100644 --- a/test/zdtm/static/socket-tcp-nfconntrack.desc +++ b/test/zdtm/static/socket-tcp-nfconntrack.desc @@ -1 +1 @@ -{'flavor': 'h', 'opts': '--tcp-established', 'flags': 'suid'} +{'flavor': 'h', 'opts': '--tcp-established', 'flags': 'suid excl'} diff --git a/test/zdtm/static/socket-tcp.c b/test/zdtm/static/socket-tcp.c index 5158fe3..f73b504 100644 --- a/test/zdtm/static/socket-tcp.c +++ b/test/zdtm/static/socket-tcp.c @@ -57,6 +57,13 @@ int write_data(int fd, const unsigned char *buf, int size) return 0; }
+#ifdef ZDTM_CONNTRACK +static void ipt_flush(void) +{ + system("iptables -w --flush"); +} +#endif + int main(int argc, char **argv) { unsigned char buf[BUF_SIZE]; @@ -72,6 +79,12 @@ int main(int argc, char **argv) pr_perror("unshare"); return 1; } + + if (atexit(ipt_flush) != 0) { + pr_perror("atexit"); + return 1; + } + if (system("ip link set up dev lo")) return 1; if (system("iptables -w -A INPUT -i lo -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT"))