From 5dd9184945cceaa724b28c0c9f5604b80b54b472 Mon Sep 17 00:00:00 2001 From: Quan Tian Date: Mon, 6 Jun 2022 12:56:27 +0800 Subject: [PATCH] Fix SCTP default-deny test The test is about SCTP and the accessed service only forwarded SCTP traffic to the server Pod but the client Pod used TCP protocol, so the test traffic never reached the server Pod and the test NetworkPolicy was never enforced, which lead to test success even if the default-deny policy was implemented wrongly. In some cases it may got failure result if there was an external server having same IP as the cluster IP and listening to TCP 80 port. Signed-off-by: Quan Tian --- test/e2e/network/netpol/network_legacy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/network/netpol/network_legacy.go b/test/e2e/network/netpol/network_legacy.go index 132899a51b2..7bec312082b 100644 --- a/test/e2e/network/netpol/network_legacy.go +++ b/test/e2e/network/netpol/network_legacy.go @@ -1780,7 +1780,7 @@ var _ = common.SIGDescribe("NetworkPolicy [Feature:SCTPConnectivity][LinuxOnly][ // Create a pod with name 'client-cannot-connect', which will attempt to communicate with the server, // but should not be able to now that isolation is on. - testCannotConnect(f, f.Namespace, "client-cannot-connect", service, 80) + testCannotConnectProtocol(f, f.Namespace, "client-cannot-connect", service, 80, v1.ProtocolSCTP) }) ginkgo.It("should enforce policy based on Ports [Feature:NetworkPolicy]", func() {