You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ni...@apache.org on 2014/07/29 19:50:50 UTC
git commit: updated refs/heads/master to e8486df
Repository: cloudstack
Updated Branches:
refs/heads/master ecf100e4e -> e8486dfca
18 Test cases in the test_egress_fw_rules.py script fails if the guest network is any network other than 10.1.1.0/24 network. The script assumes the guest network to be 10.1.1.0/24 network. Added code to the test suite so that the test cases will work for isolated guest network with any network cidr.
Signed-off-by: Nitin Mehta <ni...@citrix.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e8486dfc
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e8486dfc
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e8486dfc
Branch: refs/heads/master
Commit: e8486dfcaa6b42b549f631e5e00f85cfc71c3969
Parents: ecf100e
Author: Chandan Purushothama <Ch...@citrix.com>
Authored: Tue Jul 29 10:49:12 2014 -0700
Committer: Nitin Mehta <ni...@citrix.com>
Committed: Tue Jul 29 10:50:32 2014 -0700
----------------------------------------------------------------------
.../component/test_egress_fw_rules.py | 40 ++++++++++----------
1 file changed, 20 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e8486dfc/test/integration/component/test_egress_fw_rules.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_egress_fw_rules.py b/test/integration/component/test_egress_fw_rules.py
old mode 100644
new mode 100755
index 4b4b6ee..e6960b2
--- a/test/integration/component/test_egress_fw_rules.py
+++ b/test/integration/component/test_egress_fw_rules.py
@@ -430,7 +430,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 4. ping public network.
# 5. public network should not be reachable from the VM.
self.create_vm()
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
"['100']",
@@ -447,7 +447,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 5. ping public network.
# 6. public network should be reachable from the VM.
self.create_vm(egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
"['0']",
@@ -467,7 +467,7 @@ class TestEgressFWRules(cloudstackTestCase):
"| grep -oP \'\d+(?=% packet loss)\'",
"['0']",
negative_test=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
#Egress rule is set for ICMP other traffic is allowed
self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1',
"| grep -oP 'failed:'",
@@ -488,7 +488,7 @@ class TestEgressFWRules(cloudstackTestCase):
"| grep -oP \'\d+(?=% packet loss)\'",
"['100']",
negative_test=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
#Egress rule is set for ICMP other traffic is not allowed
self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1',
"| grep -oP 'failed:'",
@@ -504,7 +504,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule with specific CIDR + port range.
# 3. check the table Firewall_Rules, Firewall and Traffic_type should be "Egress".
self.create_vm()
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
qresultset = self.dbclient.execute("select purpose, traffic_type from firewall_rules where uuid='%s';" % self.egressruleid)
self.assertEqual(isinstance(qresultset, list),
True,
@@ -541,7 +541,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule with specific CIDR + port range.
# 3. check the table Firewall_Rules, Firewall and Traffic_type should be "Egress".
self.create_vm(egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
qresultset = self.dbclient.execute("select purpose, traffic_type from firewall_rules where uuid='%s';" % self.egressruleid)
self.assertEqual(isinstance(qresultset, list),
True,
@@ -583,7 +583,7 @@ class TestEgressFWRules(cloudstackTestCase):
# -A FW_EGRESS_RULES -d 10.147.28.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
# -A FW_EGRESS_RULES -j DROP
self.create_vm()
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
#TODO: Query VR for expected route rules.
@@ -602,7 +602,7 @@ class TestEgressFWRules(cloudstackTestCase):
# -A FW_EGRESS_RULES -d 10.147.28.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
# -A FW_EGRESS_RULES -j DROP
self.create_vm(egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
#TODO: Query VR for expected route rules.
@@ -648,7 +648,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. login to VM.
# 4. access to public network should not be successfull.
self.create_vm()
- self.createEgressRule(protocol='tcp', start_port=80)
+ self.createEgressRule(protocol='tcp', start_port=80, cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1',
"| grep -oP 'failed:'",
"['failed:']",
@@ -664,7 +664,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. login to VM.
# 4. access to public network for tcp port 80 is blocked.
self.create_vm()
- self.createEgressRule(protocol='tcp', start_port=80)
+ self.createEgressRule(protocol='tcp', start_port=80, cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm(' wget -t1 http://apache.claz.org/favicon.ico 2>&1',
"| grep -oP 'failed:'",
"['failed:']",
@@ -680,7 +680,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule with specific CIDR + port range.
# 3. Egress should not impact pf rule.
self.create_vm(pfrule=True)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
@unittest.skip("Skip")
@attr(tags=["advanced", "NotRun"])
@@ -692,7 +692,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule with specific CIDR + port range.
# 3. Egress should not impact pf rule.
self.create_vm(pfrule=True, egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
@attr(tags=["advanced", "provisioning"])
@@ -708,7 +708,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 4. delete egress rule.
# 5. connection to public network should be reachable.
self.create_vm()
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
"['100']",
@@ -732,7 +732,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 4. delete egress rule.
# 5. connection to public network should not be reachable.
self.create_vm(egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
"['0']",
@@ -753,7 +753,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule invalid cidr invalid port range.
# 3. egress rule creation should fail.
self.create_vm()
- self.assertRaises(Exception, self.createEgressRule, '10.2.2.0/24')
+ self.assertRaises(Exception, self.createEgressRule, cidr='10.2.2.0/24')
@attr(tags=["advanced", "selfservice"])
def test_10_1_egress_fr10(self):
@@ -764,7 +764,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 2. create egress rule invalid cidr invalid port range.
# 3. egress rule creation should fail.
self.create_vm(egress_policy=False)
- self.assertRaises(Exception, self.createEgressRule, '10.2.2.0/24')
+ self.assertRaises(Exception, self.createEgressRule, cidr='10.2.2.0/24')
@attr(tags=["advanced", "selfservice"])
@@ -797,7 +797,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. reboot router.
# 4. access to public network should not be successfull.
self.create_vm()
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.reboot_Router()
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
@@ -814,7 +814,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. reboot router.
# 4. access to public network should be successfull.
self.create_vm(egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
self.reboot_Router()
self.exec_script_on_user_vm('ping -c 1 www.google.com',
"| grep -oP \'\d+(?=% packet loss)\'",
@@ -832,7 +832,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. All should work fine.
#TODO: setup network with RR
self.create_vm(RR=True)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
vm_network_id = self.virtual_machine.nic[0].networkid
self.debug("Listing routers for network: %s" % vm_network_id)
routers = Router.list(self.apiclient,
@@ -887,7 +887,7 @@ class TestEgressFWRules(cloudstackTestCase):
# 3. All should work fine.
#TODO: setup network with RR
self.create_vm(RR=True, egress_policy=False)
- self.createEgressRule()
+ self.createEgressRule(cidr=TestEgressFWRules.zone.guestcidraddress)
vm_network_id = self.virtual_machine.nic[0].networkid
self.debug("Listing routers for network: %s" % vm_network_id)
routers = Router.list(self.apiclient,