def test_dnat_extra_rule(self): """Tests DNAT setup when rule needs to be removed.""" # Disable protected-access: Test access protected members. # pylint: disable=protected-access treadmill.iptables._get_current_dnat_rules.return_value = ( self.dnat_rules | set([ firewall.DNATRule('tcp', '172.31.81.67', 5004, '192.168.2.15', 22), ]) ) desired_rules = ( self.dnat_rules ) iptables.configure_dnat_rules( desired_rules, iptables.PREROUTING_DNAT ) self.assertEqual(0, treadmill.iptables.add_dnat_rule.call_count) treadmill.iptables.delete_dnat_rule.assert_called_with( firewall.DNATRule('tcp', '172.31.81.67', 5004, '192.168.2.15', 22), chain=iptables.PREROUTING_DNAT, )
def test_dnat_up_to_date(self): """Tests DNAT setup when configuration is up to date.""" treadmill.iptables.get_current_dnat_rules.return_value = \ self.dnat_rules redirects = self.dnat_rules iptables.configure_dnat_rules(redirects, iptables.PREROUTING_DNAT) self.assertEquals(0, treadmill.iptables.add_dnat_rule.call_count) self.assertEquals(0, treadmill.iptables.delete_dnat_rule.call_count)
def test_dnat_up_to_date(self): """Tests DNAT setup when configuration is up to date. """ # Disable protected-access: Test access protected members. # pylint: disable=protected-access treadmill.iptables._get_current_dnat_rules.return_value = \ self.dnat_rules iptables.configure_dnat_rules(self.dnat_rules, iptables.PREROUTING_DNAT) self.assertEqual(0, treadmill.iptables.add_dnat_rule.call_count) self.assertEqual(0, treadmill.iptables.delete_dnat_rule.call_count)
def test_dnat_missing_rule(self): """Tests DNAT setup when new rule needs to be created.""" treadmill.iptables.get_current_dnat_rules.return_value = \ self.dnat_rules missing_rule = firewall.DNATRule('tcp', '172.31.81.67', 5004, '192.168.2.15', 22) redirects = self.dnat_rules | set([ missing_rule, ]) iptables.configure_dnat_rules(redirects, iptables.PREROUTING_DNAT) treadmill.iptables.add_dnat_rule.assert_called_with( missing_rule, chain=iptables.PREROUTING_DNAT) self.assertEquals(0, treadmill.iptables.delete_dnat_rule.call_count)
def test_dnat_extra_rule(self): """Tests DNAT setup when rule needs to be removed.""" treadmill.iptables.get_current_dnat_rules.return_value = \ self.dnat_rules extra_rule = firewall.DNATRule('tcp', '172.31.81.67', 5003, '192.168.1.13', 22) redirects = self.dnat_rules - set([ extra_rule, ]) iptables.configure_dnat_rules(redirects, iptables.PREROUTING_DNAT) self.assertEquals(0, treadmill.iptables.add_dnat_rule.call_count) treadmill.iptables.delete_dnat_rule.assert_called_with( extra_rule, chain=iptables.PREROUTING_DNAT, )