Browse code
TestConntrackFlowsLeak: use busybox "nc"
The appropriate/nc image was last built over 6 years ago, and uses the
deprecated v2 schema 1 format.
https://github.com/appropriate/docker-nc/tree/master/latest
The image is just a plain "apk install" of netbsd-netcat, but was added
in 1c4286bcffcdc6668f84570a2754c78cccbbf7e1, because at the time the
busybox nc had some bugs.
These appear to be resolved, so we can use the busybox nc, from the
frozen images.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn authored on 2021/11/19 01:39:58Showing 1 changed files
| ... | ... |
@@ -1747,12 +1747,12 @@ func (s *DockerNetworkSuite) TestConntrackFlowsLeak(c *testing.T) {
|
| 1747 | 1747 |
assertNwIsAvailable(c, "testbind") |
| 1748 | 1748 |
|
| 1749 | 1749 |
// Launch the server, this will remain listening on an exposed port and reply to any request in a ping/pong fashion |
| 1750 |
- cmd := "while true; do echo hello | nc -w 1 -lu 8080; done" |
|
| 1751 |
- cli.DockerCmd(c, "run", "-d", "--name", "server", "--net", "testbind", "-p", "8080:8080/udp", "appropriate/nc", "sh", "-c", cmd) |
|
| 1750 |
+ cmd := "while true; do echo hello | nc -w 1 -l -u -p 8080; done" |
|
| 1751 |
+ cli.DockerCmd(c, "run", "-d", "--name", "server", "--net", "testbind", "-p", "8080:8080/udp", "busybox", "sh", "-c", cmd) |
|
| 1752 | 1752 |
|
| 1753 | 1753 |
// Launch a container client, here the objective is to create a flow that is natted in order to expose the bug |
| 1754 |
- cmd = "echo world | nc -q 1 -u 192.168.10.1 8080" |
|
| 1755 |
- cli.DockerCmd(c, "run", "-d", "--name", "client", "--net=host", "appropriate/nc", "sh", "-c", cmd) |
|
| 1754 |
+ cmd = "echo world | nc -w 1 -u 192.168.10.1 8080" |
|
| 1755 |
+ cli.DockerCmd(c, "run", "-d", "--name", "client", "--net=host", "busybox", "sh", "-c", cmd) |
|
| 1756 | 1756 |
|
| 1757 | 1757 |
// Get all the flows using netlink |
| 1758 | 1758 |
flows, err := netlink.ConntrackTableList(netlink.ConntrackTable, unix.AF_INET) |