def test_acl_remote_group_id(self):
sg_rule = fakes.FakeSecurityGroupRule.create_one_security_group_rule({
'direction': 'ingress',
'remote_group_id': None
}).info()
ip_version = 'ip4'
sg_id = sg_rule['security_group_id']
addrset_name = ovn_utils.ovn_addrset_name(sg_id, ip_version)
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual('', match)
sg_rule['remote_group_id'] = sg_id
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual(' && ip4.src == $' + addrset_name, match)
sg_rule['direction'] = 'egress'
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual(' && ip4.dst == $' + addrset_name, match)
def test_acl_remote_group_id(self):
sg_rule = fakes.FakeSecurityGroupRule.create_one_security_group_rule({
'direction': 'ingress',
'remote_group_id': None
}).info()
ip_version = 'ip4'
sg_id = sg_rule['security_group_id']
addrset_name = ovn_utils.ovn_addrset_name(sg_id, ip_version)
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual('', match)
sg_rule['remote_group_id'] = sg_id
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual(' && ip4.src == $' + addrset_name, match)
sg_rule['direction'] = 'egress'
match = ovn_acl.acl_remote_group_id(sg_rule, ip_version)
self.assertEqual(' && ip4.dst == $' + addrset_name, match)