New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nixos/upnp tests: NAT-PMP support and improvements #80984
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This certainly looks like an improvement 👍. Only a minor optional suggestion, I'd personally rename server
to internalServer
and client
to externalClient
, just to match their *Address
variables.
589a642
to
f7454fc
Compare
Thanks for reviewing. Having tried the change I found it more busy and difficult for me to follow the testScript and the output of the test log. This is what it looks like: I updated the current branch with more comments to make it more obvious what is internal/inside and external/outside, while keeping the short distinct names as an alternative. Do you have a preference? |
Ah, it already looks good and can follow along just fine with the comments 👍 |
33385f8
to
10eb8ef
Compare
10eb8ef
to
e9599f8
Compare
@yesbox please resolve the merge conflict. |
e9599f8
to
cd26048
Compare
@SuperSandro2000, merge conflict resolved! 👍 |
I marked this as stale due to inactivity. → More info |
I marked this as stale due to inactivity. → More info |
* Verifies the NAT-PMP feature. * Asserts that the server is not reachable before port mapping. * Tests closing ports via uPnP and NAT-PMP. * Cleaning up the test.
I find this test case (both master and this PR) fails since cf9ac2b, with the error message "chain MINIUPNPD not found". Flipping nftablesCompat in pkgs/os-specific/linux/iptables/default.nix back to false resolves the issue. |
Have you tried updating miniupnpd? It looks like miniupnpd has multiple backends in new versions: |
Tried now, like so 35e81d9, but the test fails (and passes if flipping nftablesCompat) in the same manner. |
I doubt it is that simple. At least miniupnpd needs to be compiled with |
FYI, I've opened a PR with an equivalent of the It is not ideal, but making iptables-nft <-> miniupnpd nftables backend compatible looks non-trivial as well. This PR is a great improvement to the tests, so I hope this can be merged after my PR! |
Updates the nixos/upnp test:
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)