Repository: cloudstack Updated Branches: refs/heads/master ecf100e4e -> e8486dfca
18 Test cases in the test_egress_fw_rules.py script fails if the guest network is any network other than 10.1.1.0/24 network. The script assumes the guest network to be 10.1.1.0/24 network. Added code to the test suite so that the test cases will work for isolated guest network with any network cidr. Signed-off-by: Nitin Mehta <nitin.me...@citrix.com> Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e8486dfc Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e8486dfc Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e8486dfc Branch: refs/heads/master Commit: e8486dfcaa6b42b549f631e5e00f85cfc71c3969 Parents: ecf100e Author: Chandan Purushothama <chandan.purushoth...@citrix.com> Authored: Tue Jul 29 10:49:12 2014 -0700 Committer: Nitin Mehta <nitin.me...@citrix.com> Committed: Tue Jul 29 10:50:32 2014 -0700 ---------------------------------------------------------------------- .../component/test_egress_fw_rules.py | 40 ++++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e8486dfc/test/integration/component/test_egress_fw_rules.py ---------------------------------------------------------------------- diff --git a/test/integration/component/test_egress_fw_rules.py b/test/integration/component/test_egress_fw_rules.py old mode 100644 new mode 100755 index 4b4b6ee..e6960b2 --- a/test/integration/component/test_egress_fw_rules.py +++ b/test/integration/component/test_egress_fw_rules.py @@ -430,7 +430,7 @@ class TestEgressFWRules(cloudstackTestCase): # 4. ping public network. # 5. public network should not be reachable from the VM. self.create_vm() - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", "['100']", @@ -447,7 +447,7 @@ class TestEgressFWRules(cloudstackTestCase): # 5. ping public network. # 6. public network should be reachable from the VM. self.create_vm(egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", "['0']", @@ -467,7 +467,7 @@ class TestEgressFWRules(cloudstackTestCase): "| grep -oP \'\d+(?=% packet loss)\'", "['0']", negative_test=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) #Egress rule is set for ICMP other traffic is allowed self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1', "| grep -oP 'failed:'", @@ -488,7 +488,7 @@ class TestEgressFWRules(cloudstackTestCase): "| grep -oP \'\d+(?=% packet loss)\'", "['100']", negative_test=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) #Egress rule is set for ICMP other traffic is not allowed self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1', "| grep -oP 'failed:'", @@ -504,7 +504,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule with specific CIDR + port range. # 3. check the table Firewall_Rules, Firewall and Traffic_type should be "Egress". self.create_vm() - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) qresultset = self.dbclient.execute("select purpose, traffic_type from firewall_rules where uuid='%s';" % self.egressruleid) self.assertEqual(isinstance(qresultset, list), True, @@ -541,7 +541,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule with specific CIDR + port range. # 3. check the table Firewall_Rules, Firewall and Traffic_type should be "Egress". self.create_vm(egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) qresultset = self.dbclient.execute("select purpose, traffic_type from firewall_rules where uuid='%s';" % self.egressruleid) self.assertEqual(isinstance(qresultset, list), True, @@ -583,7 +583,7 @@ class TestEgressFWRules(cloudstackTestCase): # -A FW_EGRESS_RULES -d 10.147.28.0/24 -p tcp -m tcp --dport 22 -j ACCEPT # -A FW_EGRESS_RULES -j DROP self.create_vm() - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) #TODO: Query VR for expected route rules. @@ -602,7 +602,7 @@ class TestEgressFWRules(cloudstackTestCase): # -A FW_EGRESS_RULES -d 10.147.28.0/24 -p tcp -m tcp --dport 22 -j ACCEPT # -A FW_EGRESS_RULES -j DROP self.create_vm(egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) #TODO: Query VR for expected route rules. @@ -648,7 +648,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. login to VM. # 4. access to public network should not be successfull. self.create_vm() - self.createEgressRule(protocol='tcp', start_port=80) + self.createEgressRule(protocol='tcp', start_port=80, cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1', "| grep -oP 'failed:'", "['failed:']", @@ -664,7 +664,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. login to VM. # 4. access to public network for tcp port 80 is blocked. self.create_vm() - self.createEgressRule(protocol='tcp', start_port=80) + self.createEgressRule(protocol='tcp', start_port=80, cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1', "| grep -oP 'failed:'", "['failed:']", @@ -680,7 +680,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule with specific CIDR + port range. # 3. Egress should not impact pf rule. self.create_vm(pfrule=True) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) @unittest.skip("Skip") @attr(tags=["advanced", "NotRun"]) @@ -692,7 +692,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule with specific CIDR + port range. # 3. Egress should not impact pf rule. self.create_vm(pfrule=True, egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) @attr(tags=["advanced", "provisioning"]) @@ -708,7 +708,7 @@ class TestEgressFWRules(cloudstackTestCase): # 4. delete egress rule. # 5. connection to public network should be reachable. self.create_vm() - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", "['100']", @@ -732,7 +732,7 @@ class TestEgressFWRules(cloudstackTestCase): # 4. delete egress rule. # 5. connection to public network should not be reachable. self.create_vm(egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", "['0']", @@ -753,7 +753,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule invalid cidr invalid port range. # 3. egress rule creation should fail. self.create_vm() - self.assertRaises(Exception, self.createEgressRule, '10.2.2.0/24') + self.assertRaises(Exception, self.createEgressRule, cidr='10.2.2.0/24') @attr(tags=["advanced", "selfservice"]) def test_10_1_egress_fr10(self): @@ -764,7 +764,7 @@ class TestEgressFWRules(cloudstackTestCase): # 2. create egress rule invalid cidr invalid port range. # 3. egress rule creation should fail. self.create_vm(egress_policy=False) - self.assertRaises(Exception, self.createEgressRule, '10.2.2.0/24') + self.assertRaises(Exception, self.createEgressRule, cidr='10.2.2.0/24') @attr(tags=["advanced", "selfservice"]) @@ -797,7 +797,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. reboot router. # 4. access to public network should not be successfull. self.create_vm() - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.reboot_Router() self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", @@ -814,7 +814,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. reboot router. # 4. access to public network should be successfull. self.create_vm(egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) self.reboot_Router() self.exec_script_on_user_vm('ping -c 1 www.google.com', "| grep -oP \'\d+(?=% packet loss)\'", @@ -832,7 +832,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. All should work fine. #TODO: setup network with RR self.create_vm(RR=True) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) vm_network_id = self.virtual_machine.nic[0].networkid self.debug("Listing routers for network: %s" % vm_network_id) routers = Router.list(self.apiclient, @@ -887,7 +887,7 @@ class TestEgressFWRules(cloudstackTestCase): # 3. All should work fine. #TODO: setup network with RR self.create_vm(RR=True, egress_policy=False) - self.createEgressRule() + self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress) vm_network_id = self.virtual_machine.nic[0].networkid self.debug("Listing routers for network: %s" % vm_network_id) routers = Router.list(self.apiclient,
