Prevent generating outbound traffic on a non-loopback interface during tests.
- Fix all tests, including ones that generate DNS traffic
- Change CI to catch new regressions, including DNS traffic. DNS traffic is detected because some VMs have configured a non-loopback DNS server,
[1111:1111::1]:53
:previous releases, depends DEBUG
TSan, depends, gui
multiprocess, i686, DEBUG
no wallet, libbitcoinkernel
- Required capabilities within the VM are explicit in
02_run_container.sh
:--cap-add NET_RAW
- False positives either from non-test generated outbound traffic or responses to outside-originated traffic will fail the CI. I think there is a good chance that this does not happen. If it happens then this can be revisited then and can be easily worked around by removing the
exit 1
line added to03_test_script.sh
in this PR.
Summary of each VM wrt the new check:
0ASan + LSan + UBSan + integer, no depends, USDT (GitHub)
132-bit CentOS, dash, gui (Cirrus CI)
2TSan, depends, gui (Cirrus CI)
3fuzzer,address,undefined,integer, no depends (Cirrus CI)
4multiprocess, i686, DEBUG (Cirrus CI)
:heavy_check_mark:
0ARM, unit tests, no functional tests (Cirrus CI)
1MSan, depends (Cirrus CI)
2Win64, unit tests, no gui tests, no functional tests (Cirrus CI)
3no wallet, libbitcoinkernel (Cirrus CI)
4previous releases, depends DEBUG (Cirrus CI)
:warning: can’t stop tcpdump
, traffic data is not flushed to the file
0+ kill -SIGTERM 6594 7342
1/ci_container_base/ci/test/03_test_script.sh: line 168: kill: (6594) - Permission denied
2/ci_container_base/ci/test/03_test_script.sh: line 168: kill: (7342) - Permission denied
3...
4++ tcpdump -n -r /tmp/tcpdump_eth0 --direction=out tcp or udp
5tcpdump: truncated dump file; tried to read 4 file header bytes, only got 0
0macOS 14 native, arm64, no depends, sqlite only, gui (GitHub)
1macOS 14 native, arm64, fuzz (GitHub)
:no_entry:
0Running on host system without docker wrapper
1...
2+ tcpdump -n -i utun3 -w /tmp/tcpdump_utun3
3tcpdump: utun3: You don't have permission to capture on that device
4((cannot open BPF device) /dev/bpf0: Permission denied)
0Win64 native, VS 2022 (GitHub)
1Win64 native fuzz, VS 2022 (GitHub)
:no_entry:
0test each commit (GitHub)
1lint (Cirrus CI)
2macOS-cross, gui, no tests (Cirrus CI)
3tidy (Cirrus CI)
Resolves #31339