def run(test, params, env):
"""
Test command: virsh nwfilter-undefine.
1) Prepare parameters.
2) Run nwfilter-undefine command.
3) Check result.
4) Clean env
"""
# Prepare parameters
filter_ref = params.get("undefine_filter_ref", "")
options_ref = params.get("undefine_options_ref", "")
status_error = params.get("status_error", "no")
# libvirt acl polkit related params
uri = params.get("virsh_uri")
unprivileged_user = params.get('unprivileged_user')
try:
if unprivileged_user:
if unprivileged_user.count('EXAMPLE'):
unprivileged_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if params.get('setup_libvirt_polkit') == 'yes':
test.cancel("API acl test not supported in current"
" libvirt version.")
# Backup filter xml
if filter_ref:
new_filter = libvirt_xml.NwfilterXML()
filterxml = new_filter.new_from_filter_dumpxml(filter_ref)
logging.debug("the filter xml is: %s" % filterxml.xmltreefile)
filter_xml = filterxml.xmltreefile.name
# Run command
cmd_result = virsh.nwfilter_undefine(
filter_ref,
options=options_ref,
unprivileged_user=unprivileged_user,
uri=uri,
ignore_status=True,
debug=True)
status = cmd_result.exit_status
# Check result
if status_error == "yes":
if status == 0:
test.fail("Run successfully with wrong command.")
elif status_error == "no":
if status:
test.fail("Run failed with right command.")
chk_result = check_list(filter_ref)
if chk_result:
test.fail("filter %s show up in filter list." % filter_ref)
finally:
# Clean env
if status == 0:
virsh.nwfilter_define(filter_xml,
options="",
ignore_status=True,
debug=True)
def run(test, params, env):
"""
Test virsh nwfilter-edit with uuid.
1) Prepare parameters.
2) Run nwfilter-edit command.
3) Check result.
4) Clean env
"""
# Prepare parameters
filter_name = params.get("edit_filter_name", "")
status_error = params.get("status_error", "no")
new_uuid = "11111111-1111-1111-1111-111111111111"
edit_cmd = ":2s/<uuid>.*$/<uuid>%s<\/uuid>/" % new_uuid
# Since commit 46a811d, the logic changed for not allow update filter
# uuid, so decide status_error with libvirt version.
if libvirt_version.version_compare(1, 2, 7):
status_error = True
else:
status_error = False
# Backup filter xml
new_filter = libvirt_xml.NwfilterXML()
filterxml = new_filter.new_from_filter_dumpxml(filter_name)
logging.debug("the filter xml is: %s" % filterxml.xmltreefile)
try:
# Run command
session = aexpect.ShellSession("sudo -s")
try:
session.sendline("virsh nwfilter-edit %s" % filter_name)
session.sendline(edit_cmd)
# Press ESC
session.send('\x1b')
# Save and quit
session.send('ZZ')
remote.handle_prompts(session, None, None, r"[\#\$]\s*$")
session.close()
if not status_error:
logging.info("Succeed to do nwfilter edit")
else:
test.fail("edit uuid should fail but got succeed.")
except (aexpect.ShellError, aexpect.ExpectError,
remote.LoginTimeoutError) as details:
log = session.get_output()
session.close()
if "Try again? [y,n,f,?]:" in log and status_error:
logging.debug("edit uuid failed as expected.")
else:
test.fail("Failed to do nwfilter-edit: %s\n%s" %
(details, log))
finally:
# Clean env
virsh.nwfilter_undefine(filter_name, debug=True)
virsh.nwfilter_define(filterxml.xml, debug=True)
def run(test, params, env):
"""
Test command: virsh nwfilter-dumpxml.
1) Prepare parameters.
2) Run dumpxml command.
3) Check result.
"""
# Prepare parameters
filter_name = params.get("dumpxml_filter_name", "")
options_ref = params.get("dumpxml_options_ref", "")
status_error = params.get("status_error", "no")
# Run command
cmd_result = virsh.nwfilter_dumpxml(filter_name, options=options_ref,
ignore_status=True, debug=True)
output = cmd_result.stdout.strip()
status = cmd_result.exit_status
# Check result
if status_error == "yes":
if status == 0:
raise error.TestFail("Run successfully with wrong command.")
elif status_error == "no":
if status:
raise error.TestFail("Run failed with right command.")
# Get uuid and name from output xml and compare with nwfilter-list
# output
new_filter = libvirt_xml.NwfilterXML()
new_filter['xml'] = output
uuid = new_filter.uuid
name = new_filter.filter_name
if check_list(uuid, name):
logging.debug("The filter with uuid %s and name %s" % (uuid, name)
+ " from nwfilter-dumpxml was found in" +
" nwfilter-list output")
else:
raise error.TestFail("The uuid %s with name %s from" % (uuid, name)
+ " nwfilter-dumpxml did not match with" +
" nwfilter-list output")
# Run command second time with uuid
cmd_result = virsh.nwfilter_dumpxml(uuid, options=options_ref,
ignore_status=True, debug=True)
output1 = cmd_result.stdout.strip()
status1 = cmd_result.exit_status
if status_error == "yes":
if status1 == 0:
raise error.TestFail("Run successfully with wrong command.")
elif status_error == "no":
if status1:
raise error.TestFail("Run failed with right command.")
if output1 != output:
raise error.TestFail("nwfilter dumpxml output was different" +
" between using filter uuid and name")
def run(test, params, env):
"""
Test update filter rules when domain is running.
1) Prepare parameters.
2) Add filter to domain interface.
3) Start domain.
4) Update filter rule and check
5) Cleanup
"""
# Prepare parameters
filter_name = params.get("filter_name", "testcase")
check_cmd = params.get("check_cmd")
expect_match = params.get("expect_match")
check_vm_cmd = params.get("check_vm_cmd")
vm_expect_match = params.get("vm_expect_match")
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
filterref_dict = {}
filterref_dict['name'] = filter_name
# backup vm xml
vmxml_backup = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
new_filter = libvirt_xml.NwfilterXML()
filter_backup = new_filter.new_from_filter_dumpxml(filter_name)
try:
# Update first vm interface with filter
vmxml = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
iface_xml = vmxml.get_devices('interface')[0]
vmxml.del_device(iface_xml)
new_iface = interface.Interface('network')
new_iface.xml = iface_xml.xml
new_filterref = new_iface.new_filterref(**filterref_dict)
new_iface.filterref = new_filterref
logging.debug("new interface xml is: %s" % new_iface)
vmxml.add_device(new_iface)
vmxml.sync()
# Start vm
vm.start()
session = vm.wait_for_login()
vmxml = libvirt_xml.VMXML.new_from_dumpxml(vm_name)
iface_xml = vmxml.get_devices('interface')[0]
iface_target = iface_xml.target['dev']
logging.debug("iface target dev name is %s", iface_target)
# Update filter rule by nwfilter-define
filterxml = utlv.create_nwfilter_xml(params)
# Define filter xml
virsh.nwfilter_define(filterxml.xml, debug=True)
# Check ebtables on host after filter update
if "DEVNAME" in check_cmd:
check_cmd = check_cmd.replace("DEVNAME", iface_target)
ret = utils_misc.wait_for(
lambda: not utils.system(check_cmd, ignore_status=True),
timeout=30)
if not ret:
raise error.TestFail("Rum command '%s' failed" % check_cmd)
out = utils.system_output(check_cmd, ignore_status=False)
if expect_match and not re.search(expect_match, out):
raise error.TestFail("'%s' not found in output: %s" %
(expect_match, out))
# Check in vm
if check_vm_cmd:
output = session.cmd_output(check_vm_cmd)
logging.debug("cmd output: %s", output)
if vm_expect_match and not re.search(vm_expect_match, output):
raise error.TestFail("'%s' not found in output: %s" %
(vm_expect_match, output))
finally:
# Clean env
if vm.is_alive():
vm.destroy(gracefully=False)
# Recover xml of vm.
vmxml_backup.sync()
# Restore created filter
virsh.nwfilter_undefine(filter_name, debug=True)
virsh.nwfilter_define(filter_backup.xml, debug=True)
def run(test, params, env):
"""
Test start domain with nwfilter rules.
1) Prepare parameters.
2) Prepare nwfilter rule and update domain interface to apply.
3) Start domain and check rule.
4) Clean env
"""
# Prepare parameters
filter_name = params.get("filter_name", "testcase")
bug_url = params.get("bug_url", "")
vm_name = params.get("main_vm")
if not libvirt_version.version_compare(1, 2, 6):
raise error.TestNAError("Bug %s not fixed on current build" % bug_url)
vm = env.get_vm(vm_name)
# Prepare vm filterref parameters dict list
filterref_dict = {}
filterref_dict['name'] = filter_name
# backup vm and filter xml
vmxml_backup = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
backup_filter = libvirt_xml.NwfilterXML()
filterxml = backup_filter.new_from_filter_dumpxml(filter_name)
libvirtd = utils_libvirtd.LibvirtdSession()
def nwfilter_sync_loop(filter_name, filerxml):
"""
Undefine filter and redefine filter from xml in loop
"""
for i in range(2400):
virsh.nwfilter_undefine(filter_name, ignore_status=True)
time.sleep(0.1)
virsh.nwfilter_define(filterxml.xml, ignore_status=True)
def vm_start_destory_loop(vm):
"""
Start and destroy vm in loop
"""
for i in range(2400):
vm.start()
time.sleep(0.1)
vm.destroy(gracefully=False)
try:
libvirtd.start()
# Update first vm interface with filter
vmxml = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
iface_xml = vmxml.get_devices('interface')[0]
vmxml.del_device(iface_xml)
new_iface = interface.Interface('network')
new_iface.xml = iface_xml.xml
new_filterref = new_iface.new_filterref(**filterref_dict)
new_iface.filterref = new_filterref
logging.debug("new interface xml is: %s" % new_iface)
vmxml.add_device(new_iface)
vmxml.sync()
filter_thread = threading.Thread(target=nwfilter_sync_loop,
args=(filter_name, filterxml))
vm_thread = threading.Thread(target=vm_start_destory_loop,
args=(vm,))
filter_thread.start()
time.sleep(0.3)
vm_thread.start()
ret = utils_misc.wait_for(lambda: not libvirtd.is_working(),
timeout=240,
step=1)
filter_thread.join()
vm_thread.join()
if ret:
raise error.TestFail("Libvirtd hang, %s" % bug_url)
finally:
libvirtd.exit()
# Clean env
if vm.is_alive():
vm.destroy(gracefully=False)
# Recover xml of vm and filter.
vmxml_backup.sync()
virsh.nwfilter_undefine(filter_name, ignore_status=True)
virsh.nwfilter_define(filterxml.xml, ignore_status=True)
def run(test, params, env):
"""
Test command: virsh nwfilter-define.
1) Prepare parameters.
2) Set options of virsh define.
3) Run define command.
4) Check result.
5) Clean env
"""
# Prepare parameters
filter_name = params.get("filter_name", "testcase")
filter_uuid = params.get("filter_uuid",
"11111111-b071-6127-b4ec-111111111111")
exist_filter = params.get("exist_filter", "no-mac-spoofing")
filter_xml = params.get("filter_create_xml_file")
options_ref = params.get("options_ref", "")
status_error = params.get("status_error", "no")
boundary_test_skip = "yes" == params.get("boundary_test_skip")
new_uuid = "yes" == params.get("new_uuid", 'no')
bug_url = params.get("bug_url")
# libvirt acl polkit related params
uri = params.get("virsh_uri")
unprivileged_user = params.get('unprivileged_user')
if unprivileged_user:
if unprivileged_user.count('EXAMPLE'):
unprivileged_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if params.get('setup_libvirt_polkit') == 'yes':
test.cancel("API acl test not supported in current"
" libvirt version.")
if exist_filter == filter_name and new_uuid:
# Since commit 46a811d, update filter with new uuid will fail.
if libvirt_version.version_compare(1, 2, 7):
status_error = 'yes'
else:
status_error = 'no'
try:
if filter_xml == "invalid-filter-xml":
tmp_xml = xml_utils.TempXMLFile()
tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>'
'!@#$%^&*)>(}>}{CORRUPTE|>!</filter>')
tmp_xml.flush()
filter_xml = tmp_xml.name
logging.info("Test invalid xml is: %s" % filter_xml)
elif filter_xml:
# Create filter xml
new_filter = libvirt_xml.NwfilterXML()
filterxml_backup = new_filter.new_from_filter_dumpxml(exist_filter)
# Backup xml if only update exist filter
if exist_filter == filter_name and not new_uuid:
filter_uuid = filterxml_backup.uuid
params['filter_uuid'] = filter_uuid
filterxml = utlv.create_nwfilter_xml(params)
filterxml.xmltreefile.write(filter_xml)
# Run command
cmd_result = virsh.nwfilter_define(filter_xml,
options=options_ref,
unprivileged_user=unprivileged_user,
uri=uri,
ignore_status=True,
debug=True)
status = cmd_result.exit_status
# Check result
chk_result = check_list(filter_uuid, filter_name)
xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name)
if status_error == "yes":
if status == 0:
if boundary_test_skip:
test.cancel("Boundary check commit 4f20943 not"
" in this libvirt build yet.")
else:
err_msg = "Run successfully with wrong command."
if bug_url:
err_msg += " Check more info in %s" % bug_url
test.fail(err_msg)
elif status_error == "no":
if status:
err_msg = "Run failed with right command."
if bug_url:
err_msg += " Check more info in %s" % bug_url
test.fail(err_msg)
if not chk_result:
test.fail("Can't find filter in nwfilter-list" + " output")
if not os.path.exists(xml_path):
test.fail("Can't find filter xml under %s" % NWFILTER_ETC_DIR)
logging.info("Dump the xml after define:")
virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True)
finally:
# Clean env
if exist_filter == filter_name:
logging.info("Restore exist filter: %s" % exist_filter)
virsh.nwfilter_undefine(filter_name, ignore_status=True)
virsh.nwfilter_define(filterxml_backup.xml, ignore_status=True)
else:
if chk_result:
virsh.nwfilter_undefine(filter_name, ignore_status=True)
if os.path.exists(filter_xml):
os.remove(filter_xml)
def run(test, params, env):
"""
Test command: virsh nwfilter-edit.
1) Prepare parameters.
2) Run nwfilter-edit command.
3) Check result.
4) Clean env
"""
# Prepare parameters
filter_name = params.get("edit_filter_name", "")
filter_ref = params.get("edit_filter_ref", "")
edit_priority = params.get("edit_priority", "")
extra_option = params.get("edit_extra_option", "")
status_error = params.get("status_error", "no")
status = True
edit_cmd = []
edit_cmd.append(":1s/priority=.*$/priority='" + edit_priority + "'>")
# Backup filter xml
if filter_name and filter_ref.find("invalid") == -1:
new_filter = libvirt_xml.NwfilterXML()
filterxml = new_filter.new_from_filter_dumpxml(filter_name)
logging.debug("the filter xml is: %s" % filterxml.xmltreefile)
filter_xml = filterxml.xmltreefile.name
uuid = filterxml.uuid
pre_priority = filterxml.filter_priority
# Run command
if status_error == "no":
if filter_ref == "name":
edit_filter_xml(filter_name, edit_cmd)
elif filter_ref == "uuid":
edit_filter_xml(uuid, edit_cmd)
else:
raise error.TestNAError("For positive test, edit_filter_ref cloud"
" be either 'name' or 'uuid'.")
else:
if filter_ref.find("invalid") == 0:
if extra_option == "":
filter_name = filter_ref
edit_result = virsh.nwfilter_edit(filter_name,
extra_option,
ignore_status=True,
debug=True)
if edit_result.exit_status == 0:
raise error.TestFail("nwfilter-edit should fail but succeed")
else:
logging.info("Run command failed as expected")
status = False
else:
raise error.TestNAError("For negative test, string 'invalid' is"
" required in edit_filter_ref.")
# no check and clean env if command fail
if status:
# Check result
if filter_name and filter_ref.find("invalid") == -1:
post_filter = libvirt_xml.NwfilterXML()
postxml = post_filter.new_from_filter_dumpxml(filter_name)
logging.debug("the filter xml after edit is: %s" %
postxml.xmltreefile)
post_priority = postxml.filter_priority
if pre_priority == edit_priority:
if post_priority != pre_priority:
raise error.TestFail("nwfilter-edit fail to update filter"
" priority")
else:
if post_priority == pre_priority:
raise error.TestFail("nwfilter-edit fail to update filter"
" priority")
# Clean env
if post_priority != pre_priority:
virsh.nwfilter_define(filter_xml,
options="",
ignore_status=True,
debug=True)
def run(test, params, env):
"""
Test command: virsh nwfilter-define.
1) Prepare parameters.
2) Set options of virsh define.
3) Run define command.
4) Check result.
5) Clean env
"""
# Prepare parameters
filter_name = params.get("filter_name", "testcase")
filter_chain = params.get("filter_chain", "root")
filter_priority = params.get("filter_priority", "")
filter_uuid = params.get("filter_uuid",
"5c6d49af-b071-6127-b4ec-6f8ed4b55335")
filterref = params.get("filterref")
filterref_name = params.get("filterref_name")
exist_filter = params.get("exist_filter", "no-mac-spoofing")
filter_xml = params.get("filter_create_xml_file")
options_ref = params.get("options_ref", "")
status_error = params.get("status_error", "no")
# prepare rule and protocol attributes
protocol = {}
rule_dict = {}
rule_dict_tmp = {}
# rule string should end with EOL as separator, multiple rules is supported
rule = params.get(
"rule", "rule_action=accept rule_direction=out protocol=mac EOL")
rule_list = rule.split('EOL')
for i in range(len(rule_list)):
if rule_list[i]:
attr = rule_list[i].split()
for j in range(len(attr)):
attr_list = attr[j].split('=')
rule_dict_tmp[attr_list[0]] = attr_list[1]
rule_dict[i] = rule_dict_tmp
rule_dict_tmp = {}
# process protocol parameter
for i in rule_dict.keys():
if 'protocol' not in rule_dict[i]:
# Set protocol as string 'None' as parse from cfg is
# string 'None'
protocol[i] = 'None'
else:
protocol[i] = rule_dict[i]['protocol']
rule_dict[i].pop('protocol')
if protocol[i] in PROTOCOL_TYPES:
# replace '-' with '_' in ipv6 types as '-' is not
# supposed to be in class name
if '-' in protocol[i]:
protocol[i] = protocol[i].replace('-', '_')
else:
raise error.TestFail("Given protocol type %s" % protocol[i] +
" is not in supported list %s" %
PROTOCOL_TYPES)
if filter_xml == "invalid-filter-xml":
tmp_xml = xml_utils.TempXMLFile()
tmp_xml.write('"<filter><<<BAD>>><\'XML</name\>'
'!@#$%^&*)>(}>}{CORRUPTE|>!</filter>')
tmp_xml.flush()
filter_xml = tmp_xml.name
logging.info("Test invalid xml is: %s" % filter_xml)
elif filter_xml != " ":
# Use exist xml as template with new attributes
new_filter = libvirt_xml.NwfilterXML()
filterxml = new_filter.new_from_filter_dumpxml(exist_filter)
logging.debug("the exist xml is:\n%s" % filterxml.xmltreefile)
# Backup xml if only update exist filter
if exist_filter == filter_name:
backup_xml = filterxml.xmltreefile.backup_copy()
# Set filter attribute
filterxml.filter_name = filter_name
filterxml.filter_chain = filter_chain
filterxml.filter_priority = filter_priority
filterxml.uuid = filter_uuid
if filterref:
filterxml.filterref = filterref
filterxml.filterref_name = filterref_name
# Set rule attribute
index_total = filterxml.get_rule_index()
rule = filterxml.get_rule(0)
rulexml = rule.backup_rule()
for i in range(len(rule_dict.keys())):
rulexml.rule_action = rule_dict[i].get('rule_action')
rulexml.rule_direction = rule_dict[i].get('rule_direction')
rulexml.rule_priority = rule_dict[i].get('rule_priority')
rulexml.rule_statematch = rule_dict[i].get('rule_statematch')
for j in RULE_ATTR:
if j in rule_dict[i].keys():
rule_dict[i].pop(j)
# set protocol attribute
if protocol[i] != 'None':
protocolxml = rulexml.get_protocol(protocol[i])
new_one = protocolxml.new_attr(**rule_dict[i])
protocolxml.attrs = new_one
rulexml.xmltreefile = protocolxml.xmltreefile
else:
rulexml.del_protocol()
if i <= len(index_total) - 1:
filterxml.set_rule(rulexml, i)
else:
filterxml.add_rule(rulexml)
# Reset rulexml
rulexml = rule.backup_rule()
logging.info("The xml for define is:\n%s" % filterxml.xmltreefile)
filterxml.xmltreefile.write(filter_xml)
# Run command
cmd_result = virsh.nwfilter_define(filter_xml,
options=options_ref,
ignore_status=True,
debug=True)
status = cmd_result.exit_status
# Check result
chk_result = check_list(filter_uuid, filter_name)
xml_path = "%s/%s.xml" % (NWFILTER_ETC_DIR, filter_name)
if status_error == "yes":
if status == 0:
raise error.TestFail("Run successfully with wrong command.")
elif status_error == "no":
if status:
raise error.TestFail("Run failed with right command.")
if not chk_result:
raise error.TestFail("Can't find filter in nwfilter-list output")
if not os.path.exists(xml_path):
raise error.TestFail("Can't find filter xml under %s" %
NWFILTER_ETC_DIR)
logging.info("Dump the xml after define:")
virsh.nwfilter_dumpxml(filter_name, ignore_status=True, debug=True)
# Clean env
if exist_filter == filter_name:
logging.info("Restore exist filter: %s" % exist_filter)
backup_xml.write(filter_xml)
virsh.nwfilter_define(filter_xml,
options="",
ignore_status=True,
debug=True)
else:
if chk_result:
virsh.nwfilter_undefine(filter_name,
options="",
ignore_status=True,
debug=True)
if os.path.exists(filter_xml):
os.remove(filter_xml)
def run(test, params, env):
"""
Test command: virsh nwfilter-dumpxml.
1) Prepare parameters.
2) Run dumpxml command.
3) Check result.
"""
# Prepare parameters
filter_name = params.get("dumpxml_filter_name", "")
options_ref = params.get("dumpxml_options_ref", "")
status_error = params.get("status_error", "no")
# acl polkit params
uri = params.get("virsh_uri")
unprivileged_user = params.get('unprivileged_user')
if unprivileged_user:
if unprivileged_user.count('EXAMPLE'):
unprivileged_user = '******'
if not libvirt_version.version_compare(1, 1, 1):
if params.get('setup_libvirt_polkit') == 'yes':
test.cancel("API acl test not supported in current"
" libvirt version.")
virsh_dargs = {'ignore_status': True, 'debug': True}
if params.get('setup_libvirt_polkit') == 'yes':
virsh_dargs['unprivileged_user'] = unprivileged_user
virsh_dargs['uri'] = uri
# Run command
cmd_result = virsh.nwfilter_dumpxml(filter_name,
options=options_ref,
**virsh_dargs)
output = cmd_result.stdout.strip()
status = cmd_result.exit_status
# Check result
if status_error == "yes":
if status == 0:
test.fail("Run successfully with wrong command.")
elif status_error == "no":
if status:
test.fail("Run failed with right command.")
# Get uuid and name from output xml and compare with nwfilter-list
# output
new_filter = libvirt_xml.NwfilterXML()
new_filter['xml'] = output
uuid = new_filter.uuid
name = new_filter.filter_name
if check_list(uuid, name):
logging.debug("The filter with uuid %s and name %s" %
(uuid, name) + " from nwfilter-dumpxml was found in"
" nwfilter-list output")
else:
test.fail("The uuid %s with name %s from" % (uuid, name) +
" nwfilter-dumpxml did not match with"
" nwfilter-list output")
# Run command second time with uuid
cmd_result = virsh.nwfilter_dumpxml(uuid,
options=options_ref,
**virsh_dargs)
output1 = cmd_result.stdout.strip()
status1 = cmd_result.exit_status
if status_error == "yes":
if status1 == 0:
test.fail("Run successfully with wrong command.")
elif status_error == "no":
if status1:
test.fail("Run failed with right command.")
if output1 != output:
test.fail("nwfilter dumpxml output was different" +
" between using filter uuid and name")
def run(test, params, env):
"""
Test update filter rules when domain is running.
1) Prepare parameters.
2) Add filter to domain interface.
3) Start domain.
4) Update filter rule and check
5) Cleanup
"""
# Prepare parameters
filter_name = params.get("filter_name", "testcase")
check_cmd = params.get("check_cmd")
expect_match = params.get("expect_match")
check_vm_cmd = params.get("check_vm_cmd")
vm_expect_match = params.get("vm_expect_match")
vm_name = params.get("main_vm")
vm = env.get_vm(vm_name)
filterref_dict = {}
filterref_dict['name'] = filter_name
# backup vm xml
vmxml_backup = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
new_filter = libvirt_xml.NwfilterXML()
filter_backup = new_filter.new_from_filter_dumpxml(filter_name)
def clean_up_dirty_nwfilter_binding():
cmd_result = virsh.nwfilter_binding_list(debug=True)
binding_list = cmd_result.stdout_text.strip().splitlines()
binding_list = binding_list[2:]
result = []
# If binding list is not empty.
if binding_list:
for line in binding_list:
# Split on whitespace, assume 1 column
linesplit = line.split(None, 1)
result.append(linesplit[0])
logging.info("nwfilter binding list is: %s", result)
for binding_uuid in result:
try:
virsh.nwfilter_binding_delete(binding_uuid)
except Exception as e:
logging.error(
"Exception thrown while undefining nwfilter-binding: %s",
str(e))
raise
try:
# Clean up dirty nwfilter binding if there are.
clean_up_dirty_nwfilter_binding()
# Update first vm interface with filter
vmxml = libvirt_xml.VMXML.new_from_inactive_dumpxml(vm_name)
iface_xml = vmxml.get_devices('interface')[0]
vmxml.del_device(iface_xml)
new_iface = interface.Interface('network')
new_iface.xml = iface_xml.xml
new_filterref = new_iface.new_filterref(**filterref_dict)
new_iface.filterref = new_filterref
logging.debug("new interface xml is: %s" % new_iface)
vmxml.add_device(new_iface)
vmxml.sync()
# Start vm
vm.start()
session = vm.wait_for_login()
vmxml = libvirt_xml.VMXML.new_from_dumpxml(vm_name)
iface_xml = vmxml.get_devices('interface')[0]
iface_target = iface_xml.target['dev']
logging.debug("iface target dev name is %s", iface_target)
# Update filter rule by nwfilter-define
filterxml = utlv.create_nwfilter_xml(params)
# Define filter xml
virsh.nwfilter_define(filterxml.xml, debug=True)
# Check ebtables on host after filter update
if "DEVNAME" in check_cmd:
check_cmd = check_cmd.replace("DEVNAME", iface_target)
ret = utils_misc.wait_for(lambda: not process.system(
check_cmd, ignore_status=True, shell=True),
timeout=30)
if not ret:
test.fail("Rum command '%s' failed" % check_cmd)
out = astring.to_text(
process.system_output(check_cmd, ignore_status=False, shell=True))
if expect_match and not re.search(expect_match, out):
test.fail("'%s' not found in output: %s" % (expect_match, out))
# Check in vm
if check_vm_cmd:
output = session.cmd_output(check_vm_cmd)
logging.debug("cmd output: %s", output)
if vm_expect_match and not re.search(vm_expect_match, output):
test.fail("'%s' not found in output: %s" %
(vm_expect_match, output))
finally:
# Clean env
if vm.is_alive():
vm.destroy(gracefully=False)
# Recover xml of vm.
vmxml_backup.sync()
# Restore created filter
virsh.nwfilter_undefine(filter_name, debug=True)
virsh.nwfilter_define(filter_backup.xml, debug=True)
