From 1f2658e0eff022a745580e132909e4a656dd53a3 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 25 Sep 2024 14:47:46 +1000 Subject: [PATCH] test/system: For pasta port forwarding tests don't bind socat server The various pasta port forwarding tests run a socat server inside a container, then connect to it from a socat client on the host. Currently we have the server bind to the same specific address within the container as we connect to on the host. That's not quite what we want. For "tap" tests where the traffic goes over pasta's L2 link to the container it's fine, though unnecessary. For "loopback" tests where traffic is forwarded by pasta at the L4 socket level, however, it's not quite right. In this case the address used is either 127.0.0.1 or ::. That's correct and as needed for the host side address we're connecting to. However on the container side, this only works because of an odd and arguably undesirable behaviour of pasta: we use the fact that we have an L4 socket within the container to make such "spliced" L4 connections appear as if they come from loopback within the container. A container will generally expect it's loopback address to be only accessible from within the container, and this odd behaviour may be changed in pasta in future. In any case, the binding of the container side server is unnecessary, so simply remove it. Link: https://github.com/containers/podman/issues/24045 Signed-off-by: David Gibson --- test/system/505-networking-pasta.bats | 4 ---- 1 file changed, 4 deletions(-) diff --git a/test/system/505-networking-pasta.bats b/test/system/505-networking-pasta.bats index aa1691a4e7..9a00533788 100644 --- a/test/system/505-networking-pasta.bats +++ b/test/system/505-networking-pasta.bats @@ -169,10 +169,6 @@ function pasta_test_do() { # socat options for first
in server ("LISTEN" address types), local bind="${proto_upper}${ip_ver}-LISTEN:\${port}" - # For IPv6 via tap, we can pick either link-local or global unicast - if [ ${ip_ver} -eq 4 ] || [ ${iftype} = "loopback" ]; then - bind="${bind},bind=[${addr}]" - fi if [ "${proto}" = "udp" ]; then bind="${bind},null-eof" fi