Imported Upstream version 5.3.4

2 files changed, 6 insertions, 3 deletions

diff --git a/testing/tests/ikev2/mobike-nat/hosts/alice/etc/iptables.rules b/testing/tests/ikev2/mobike-nat/hosts/alice/etc/iptables.rules
index 6dd261f20..450e7cef6 100644
--- a/testing/tests/ikev2/mobike-nat/hosts/alice/etc/iptables.rules
+++ b/testing/tests/ikev2/mobike-nat/hosts/alice/etc/iptables.rules
@@ -5,11 +5,15 @@
 -P OUTPUT DROP
 -P FORWARD DROP
 
+# allow traffic on lo as ifup/ifdown call bind's rndc which accesses TCP 953
+-A OUTPUT -o lo -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+
 # allow IPsec tunnel traffic
 -A INPUT  -m policy --dir in  --pol ipsec --proto esp -j ACCEPT
 -A OUTPUT -m policy --dir out --pol ipsec --proto esp -j ACCEPT
 
-# allow ESP 
+# allow ESP
 -A INPUT  -i eth0 -p 50 -j ACCEPT
 -A INPUT  -i eth1 -p 50 -j ACCEPT
 -A OUTPUT -o eth0 -p 50 -j ACCEPT
diff --git a/testing/tests/ikev2/mobike-nat/pretest.dat b/testing/tests/ikev2/mobike-nat/pretest.dat
index fde195daa..68df1b533 100644
--- a/testing/tests/ikev2/mobike-nat/pretest.dat
+++ b/testing/tests/ikev2/mobike-nat/pretest.dat
@@ -5,6 +5,5 @@ moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-
 moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
 alice::ipsec start
 sun::ipsec start
-alice::sleep 2
+alice::expect-connection mobike
 alice::ipsec up mobike
-alice::sleep 1