def test_delete_raw_rule(self):
"""Test deleting an iptable rule."""
iptables.delete_raw_rule('nat', 'OUTPUT', '-j FOO')
treadmill.subproc.check_call.assert_called_with(
['iptables', '-t', 'nat', '-D', 'OUTPUT', '-j', 'FOO']
)
def test_delete_raw_rule(self):
"""Test deleting an iptable rule."""
iptables.delete_raw_rule('nat', 'OUTPUT', '-j FOO')
treadmill.subproc.check_call.assert_called_with(
['iptables', '-t', 'nat', '-D', 'OUTPUT', '-j', 'FOO'])
treadmill.subproc.check_call.reset_mock()
treadmill.subproc.check_call.side_effect = (
treadmill.subproc.CalledProcessError(1, '1.4.7 style'))
# Should not raise
iptables.delete_raw_rule('nat', 'OUTPUT', '-j FOO')
treadmill.subproc.check_call.reset_mock()
# Should not raise
treadmill.subproc.check_call.side_effect = (
treadmill.subproc.CalledProcessError(2, '1.4.21 style'))
iptables.delete_raw_rule('nat', 'OUTPUT', '-j FOO')
treadmill.subproc.check_call.reset_mock()
treadmill.subproc.check_call.side_effect = (
treadmill.subproc.CalledProcessError(42, 'other error'))
self.assertRaises(treadmill.subproc.CalledProcessError,
iptables.delete_raw_rule, 'nat', 'OUTPUT', '-j FOO')
def wg_firewall_client_fini(devname):
"""Client firewall cleanup after disconnect.
"""
iptables.delete_raw_rule('filter', 'INPUT',
('-i {devname}'
' -j WG_INGRESS').format(devname=devname))