You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by pavanb018 <gi...@git.apache.org> on 2016/04/21 08:45:09 UTC

[GitHub] cloudstack pull request: Marvin test to verify that adding TCP por...

Github user pavanb018 commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1183#discussion_r60532757
  
    --- Diff: test/integration/component/test_vpn_users.py ---
    @@ -451,3 +453,64 @@ def test_07_add_VPN_user_domain_admin(self):
                 self.fail("Domain admin should be allowed to create VPN user: %s" %
                                                                                 e)
             return
    +
    +    @attr(tags=["advanced", "advancedns"], required_hardware="false")
    +    def test_08_add_TCP_PF_Rule_In_VPN(self):
    +        """
    +        Test to add TCP Port Forwarding rule for specific ports(500,1701 and 4500) in VPN
    +        """
    +        # Steps for verification
    +        # 1. Enable vpn on SourceNAT IP address
    +        # 2. Configure PF with TCP ports 500,1701 and 4500. It should be allowed
    +        # Should not conflict with UPD ports used for VPN
    +
    +        vm_res = VirtualMachine.list(
    +            self.apiclient,
    +            id=self.virtual_machine.id,
    +            listall=True
    +        )
    +        self.assertEqual(
    +            validateList(vm_res)[0],
    +            PASS,
    +            "Failed to list virtual machine"
    +        )
    +        network_id = vm_res[0].nic[0].networkid
    +        src_nat_list = PublicIPAddress.list(
    +            self.apiclient,
    +            account=self.account.name,
    +            domainid=self.account.domainid,
    +            listall=True,
    +            issourcenat=True,
    +            associatednetworkid=network_id
    +        )
    +        self.assertEqual(
    +            validateList(src_nat_list)[0],
    +            PASS,
    +            "Failed to list source nat ip address"
    +        )
    +        ip = src_nat_list[0]
    +        try:
    +            Vpn.create(
    +                self.apiclient,
    +                publicipid=ip.id,
    +                account=self.account.name,
    +                domainid=self.account.domainid,
    +            )
    +        except Exception as e:
    +            self.fail("Failed to enable vpn on SourceNAT IP with error: %s" % e)
    +
    --- End diff --
    
    @sanju1010  Can you please add an assert case to confirm that the VPN is actually created ? That will make sure that the UDP ports are actually used by VPN and then same ports can be used by TCP in PF ?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---