Date: Tue, 18 Jan 2022 10:39:14 +0100 From: Kristof Provost <kp@FreeBSD.org> To: Gleb Smirnoff <glebius@freebsd.org> Cc: dev-commits-src-main@freebsd.org, current@freebsd.org, bz@freebsd.org, zec@freebsd.org Subject: Re: netinet & netpfil tests failing Message-ID: <C7250F06-4DA1-4647-9EAF-936168B55BF5@FreeBSD.org> In-Reply-To: <YeYg71ZNBTpjpVcL@FreeBSD.org> References: <YeYg71ZNBTpjpVcL@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18 Jan 2022, at 3:07, Gleb Smirnoff wrote: > * Another factor - scapy. The python scapy library would emit warning = to stderr > if it sees interface without any IP address. This happens right at '= import scapy'. > The test suite considers a test failed if it has something on stderr,= even if > it returned success. > > So, result is that some test (absolutely unrelated to pcbs) leaves a ja= il with > interfaces, then jail is released, interfaced pop up at vnet0, and then= some > other test (absolutely unrelated to pcbs) using scapy writes a warning = to stderr > and triggers failure. > Several of the pf scapy scripts deal with that issue by setting the scapy= log level: https://cgit.freebsd.org/src/tree/tests/sys/netpfil/pf/CVE-2019-5597.py#n= 30 So that part at least we could probably mitigate easily. (I=E2=80=99m not overly fond of that decision in scapy, but didn=E2=80=99= t want to resort to patching scapy to cope with our fairly specific requi= rements.) Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C7250F06-4DA1-4647-9EAF-936168B55BF5>