The check_tor_leaks hook is fragile

https://jenkins.tails.boum.org/job/test_Tails_ISO_feature-5650-rngd/8/ failed (pcap attached) with:

calling as root: systemctl is-system-running
call returned: [0, "running\n", ""]
    And Tor is ready                                                                           # features/step_definitions/common_steps.rb:373
calling as root: date --rfc-2822
call returned: [0, "Fri, 10 Jun 2016 18:18:47 +0000\n", ""]
    Then Tails clock is less than 5 minutes incorrect                                          # features/step_definitions/time_syncing.rb:40
      Time was 0.436531902 seconds off
      Unexpected connections were made:
        #<OpenStruct mac_saddr="50:54:00:f3:87:dc", mac_daddr="52:54:00:53:3c:df", protocol="tcp", saddr="10.2.1.92", daddr="10.2.1.1", sport=55150, dport=5024>.
      <false> is not true. (Test::Unit::AssertionFailedError)
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:55:in `block in assert_block'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:1588:in `call'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:1588:in `_wrap_assertion'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:53:in `assert_block'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:163:in `block in assert'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:1593:in `call'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:1593:in `_wrap_assertion'
      /usr/lib/ruby/vendor_ruby/test/unit/assertions.rb:130:in `assert'
      /var/lib/jenkins/workspace/test_Tails_ISO_feature-5650-rngd/features/support/helpers/firewall_helper.rb:68:in `assert_all_connections'
      /var/lib/jenkins/workspace/test_Tails_ISO_feature-5650-rngd/features/support/hooks.rb:274:in `After'

The pcap shows one initial packet (at time = 0) that’s precisely the one that violates the assertion, and then a DCHP transaction 53s later, and then what looks like a Tor bootstrap with chutney 30s later. So, my theory is that the initial packet, that triggers the failure, is a leftover of the previous scenario, or something, and has nothing to do with the current scenario.

Feature Branch: test/11521-always-power-off-vm

Attachments

• 00_40_52_Clock_with_host_s_time_in_bridge_mode.pcap
• 00_41_12_Clock_with_host_s_time_in_bridge_mode.pcap
• 00_39_01_Clock_with_host_s_time_in_bridge_mode.pcap

Parent Task: #10288

Related issues

• Related to #16148 (closed)
• Blocks #16209

Original created by @intrigeri on 11521 (Redmine)