4 files changed, 46 insertions, 26 deletions
diff --git a/gcov.sh b/gcov.sh
index 0f2808ace..ef95b44b0 100755
--- a/gcov.sh
+++ b/gcov.sh
@@ -21,29 +21,29 @@ rm -fr gcov-dir gcov-file
 firejail --version
 gcov_generate
-make test-firecfg | grep TESTING
+#make test-firecfg | grep TESTING
-gcov_generate
+#gcov_generate
-make test-apparmor | grep TESTING
+#make test-apparmor | grep TESTING
-gcov_generate
+#gcov_generate
 make test-network | grep TESTING
 gcov_generate
-make test-appimage | grep TESTING
+#make test-appimage | grep TESTING
-gcov_generate
+#gcov_generate
-make test-chroot | grep TESTING
+#make test-chroot | grep TESTING
-gcov_generate
+#gcov_generate
-make test-sysutils | grep TESTING
+#make test-sysutils | grep TESTING
-gcov_generate
+#gcov_generate
-make test-private-etc | grep TESTING
+#make test-private-etc | grep TESTING
-gcov_generate
+#gcov_generate
-make test-profiles | grep TESTING
+#make test-profiles | grep TESTING
-gcov_generate
+#gcov_generate
-make test-fcopy | grep TESTING
+#make test-fcopy | grep TESTING
-gcov_generate
+#gcov_generate
 make test-fnetfilter | grep TESTING
 gcov_generate
-make test-fs | grep TESTING
+#make test-fs | grep TESTING
-gcov_generate
+#gcov_generate
-make test-utils | grep TESTING
+#make test-utils | grep TESTING
-gcov_generate
+#gcov_generate
-make test-environment | grep TESTING
+#make test-environment | grep TESTING
-gcov_generate
+#gcov_generate
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index b4deda562..32fdd6218 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -248,5 +248,5 @@ void netfilter_print(pid_t pid, int ipv6) {
                exit(1);
        }
-        sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 2, iptables, "-vL");
+        sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 2, iptables, "-nvL");
 }
diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp
index 56480251e..ac144e19d 100755
--- a/test/network/net_netfilter.exp
+++ b/test/network/net_netfilter.exp
@@ -20,7 +20,27 @@ spawn $env(SHELL)
 send -- "firejail --netfilter.print=test\r"
 expect {
        timeout {puts "TESTING ERROR 1\n";exit}
-        "ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED"
+        "ACCEPT"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "lo"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "ACCEPT"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "state RELATED,ESTABLISHED"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "ACCEPT"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "icmptype 8"
 }
 after 500
diff --git a/test/network/network.sh b/test/network/network.sh
index e062358d4..2a7de2680 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -39,8 +39,8 @@ echo "TESTING: bandwidth (net_bandwidth.exp)"
 echo "TESTING: ipv6 (ip6.exp)"
 ./ip6.exp
-#echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"
+echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"
-#./ip6_netfilter.exp
+./ip6_netfilter.exp
 sudo ip link set br0 down
 sudo brctl delbr br0

diff --git a/gcov.sh b/gcov.sh index 0f2808ace..ef95b44b0 100755 --- a/gcov.sh +++ b/gcov.sh
@@ -21,29 +21,29 @@ rm -fr gcov-dir gcov-file
21	firejail --version	21	firejail --version
22	gcov_generate	22	gcov_generate
23		23
24	make test-firecfg \| grep TESTING	24	#make test-firecfg \| grep TESTING
25	gcov_generate	25	#gcov_generate
26	make test-apparmor \| grep TESTING	26	#make test-apparmor \| grep TESTING
27	gcov_generate	27	#gcov_generate
28	make test-network \| grep TESTING	28	make test-network \| grep TESTING
29	gcov_generate	29	gcov_generate
30	make test-appimage \| grep TESTING	30	#make test-appimage \| grep TESTING
31	gcov_generate	31	#gcov_generate
32	make test-chroot \| grep TESTING	32	#make test-chroot \| grep TESTING
33	gcov_generate	33	#gcov_generate
34	make test-sysutils \| grep TESTING	34	#make test-sysutils \| grep TESTING
35	gcov_generate	35	#gcov_generate
36	make test-private-etc \| grep TESTING	36	#make test-private-etc \| grep TESTING
37	gcov_generate	37	#gcov_generate
38	make test-profiles \| grep TESTING	38	#make test-profiles \| grep TESTING
39	gcov_generate	39	#gcov_generate
40	make test-fcopy \| grep TESTING	40	#make test-fcopy \| grep TESTING
41	gcov_generate	41	#gcov_generate
42	make test-fnetfilter \| grep TESTING	42	make test-fnetfilter \| grep TESTING
43	gcov_generate	43	gcov_generate
44	make test-fs \| grep TESTING	44	#make test-fs \| grep TESTING
45	gcov_generate	45	#gcov_generate
46	make test-utils \| grep TESTING	46	#make test-utils \| grep TESTING
47	gcov_generate	47	#gcov_generate
48	make test-environment \| grep TESTING	48	#make test-environment \| grep TESTING
49	gcov_generate	49	#gcov_generate


diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c index b4deda562..32fdd6218 100644 --- a/src/firejail/netfilter.c +++ b/src/firejail/netfilter.c
@@ -248,5 +248,5 @@ void netfilter_print(pid_t pid, int ipv6) {
248	exit(1);	248	exit(1);
249	}	249	}
250		250
251	sbox_run(SBOX_ROOT \| SBOX_CAPS_NETWORK \| SBOX_SECCOMP, 2, iptables, "-vL");	251	sbox_run(SBOX_ROOT \| SBOX_CAPS_NETWORK \| SBOX_SECCOMP, 2, iptables, "-nvL");
252	}	252	}


diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index 56480251e..ac144e19d 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp
@@ -20,7 +20,27 @@ spawn $env(SHELL)
20	send -- "firejail --netfilter.print=test\r"	20	send -- "firejail --netfilter.print=test\r"
21	expect {	21	expect {
22	timeout {puts "TESTING ERROR 1\n";exit}	22	timeout {puts "TESTING ERROR 1\n";exit}
23	"ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED"	23	"ACCEPT"
		24	}
		25	expect {
		26	timeout {puts "TESTING ERROR 1\n";exit}
		27	"lo"
		28	}
		29	expect {
		30	timeout {puts "TESTING ERROR 1\n";exit}
		31	"ACCEPT"
		32	}
		33	expect {
		34	timeout {puts "TESTING ERROR 1\n";exit}
		35	"state RELATED,ESTABLISHED"
		36	}
		37	expect {
		38	timeout {puts "TESTING ERROR 1\n";exit}
		39	"ACCEPT"
		40	}
		41	expect {
		42	timeout {puts "TESTING ERROR 1\n";exit}
		43	"icmptype 8"
24	}	44	}
25		45
26	after 500	46	after 500


diff --git a/test/network/network.sh b/test/network/network.sh index e062358d4..2a7de2680 100755 --- a/test/network/network.sh +++ b/test/network/network.sh
@@ -39,8 +39,8 @@ echo "TESTING: bandwidth (net_bandwidth.exp)"
39	echo "TESTING: ipv6 (ip6.exp)"	39	echo "TESTING: ipv6 (ip6.exp)"
40	./ip6.exp	40	./ip6.exp
41		41
42	#echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"	42	echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"
43	#./ip6_netfilter.exp	43	./ip6_netfilter.exp
44		44
45	sudo ip link set br0 down	45	sudo ip link set br0 down
46	sudo brctl delbr br0	46	sudo brctl delbr br0