selftests: netfilter: conntrack_tcp_unreplied.sh: wait for initial connection attempt

Netdev CI reports occasional failures with this test
("ERROR: ns2-dX6bUE did not pick up tcp connection from peer").

Add explicit busywait call until the initial connection attempt shows
up in conntrack rather than a one-shot 'must exist' check.
Signed-off-by: Florian Westphal <fw@strlen.de>
Link: https://lore.kernel.org/r/20240506114320.12178-1-fw@strlen.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>

tools/testing/selftests/net/netfilter/conntrack_tcp_unreplied.sh

@@ -106,6 +106,23 @@ ip netns exec "$ns1" bash -c 'for i in $(seq 1 $BUSYWAIT_TIMEOUT) ; do
 	sleep 0.1
 	done' &
 
+wait_for_attempt()
+{
+	count=$(ip netns exec "$ns2" conntrack -L -p tcp --dport 80 2>/dev/null | wc -l)
+	if [ "$count" -gt 0 ]; then
+		return 0
+	fi
+
+	return 1
+}
+
+# wait for conntrack to pick the new connection request up before loading
+# the nat redirect rule.
+if ! busywait "$BUSYWAIT_TIMEOUT" wait_for_attempt; then
+	echo "ERROR: $ns2 did not pick up tcp connection from peer"
+	exit 1
+fi
+
 ip netns exec "$ns2" nft -f - <<EOF
 table inet nat {
 	chain prerouting {
@@ -119,12 +136,6 @@ if [ $? -ne 0 ]; then
 	exit 1
 fi
 
-count=$(ip netns exec "$ns2" conntrack -L -p tcp --dport 80 2>/dev/null | wc -l)
-if [ "$count" -eq 0 ]; then
-	echo "ERROR: $ns2 did not pick up tcp connection from peer"
-	exit 1
-fi
-
 wait_for_redirect()
 {
 	count=$(ip netns exec "$ns2" conntrack -L -p tcp --reply-port-src 8080 2>/dev/null | wc -l)
@@ -136,7 +147,7 @@ wait_for_redirect()
 }
 echo "INFO: NAT redirect added in ns $ns2, waiting for $BUSYWAIT_TIMEOUT ms for nat to take effect"
 
-busywait $BUSYWAIT_TIMEOUT wait_for_redirect
+busywait "$BUSYWAIT_TIMEOUT" wait_for_redirect
 ret=$?
 
 expect="packets 1 bytes 60"