def test_add_rule_priority_table_iif(self):
table = 213
priority = 12346
iif = 'iif_device_2'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace,
priority=priority,
iifname=iif,
table=table)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(
rules, ['priority', 'iif', 'table'],
[str(priority), iif, str(table)],
'priority %s, table %s and iif name %s' % (priority, table, iif))
priv_ip_lib.delete_ip_rule(self.namespace,
priority=priority,
iifname=iif,
table=table)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self.assertFalse(
self._check_rules(
rules, ['priority', 'iif', 'table'],
[str(priority), iif, str(table)],
raise_exception=False))
def test_add_rule_table(self):
table = 212
ip_addresses = ['192.168.200.251', '2001::251']
for ip_address in ip_addresses:
ip_version = common_utils.get_ip_version(ip_address)
ip_lenght = common_utils.get_network_length(ip_version)
ip_family = common_utils.get_socket_address_family(ip_version)
priv_ip_lib.add_ip_rule(self.namespace,
table=table,
src=ip_address,
src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self._check_rules(
rules, ['table', 'from'], [str(table), ip_address],
'table %s and "from" IP address %s' % (table, ip_address))
priv_ip_lib.delete_ip_rule(self.namespace,
table=table,
src=ip_address,
src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self.assertFalse(
self._check_rules(rules, ['table', 'from'],
[str(table), ip_address],
raise_exception=False))
def test_add_rule_priority(self):
priority = 12345
ip_addresses = ['192.168.200.252', '2001::252']
for ip_address in ip_addresses:
ip_version = common_utils.get_ip_version(ip_address)
ip_lenght = common_utils.get_network_length(ip_version)
ip_family = common_utils.get_socket_address_family(ip_version)
priv_ip_lib.add_ip_rule(self.namespace,
priority=priority,
src=ip_address,
src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self._check_rules(
rules, ['priority', 'from'], [str(priority), ip_address],
'priority %s and "from" IP address %s' %
(priority, ip_address))
priv_ip_lib.delete_ip_rule(self.namespace,
priority=priority,
src=ip_address,
src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self.assertFalse(
self._check_rules(rules, ['priority', 'from'],
[str(priority), ip_address],
raise_exception=False))
def test_add_rule_iif(self):
iif = 'iif_device_1'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
priv_ip_lib.delete_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self.assertFalse(
self._check_rules(rules, ['iif'], [iif], raise_exception=False))
def test_add_rule_iif(self):
iif = 'iif_device_1'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
priv_ip_lib.delete_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self.assertFalse(
self._check_rules(rules, ['iif'], [iif], raise_exception=False))
def test_add_rule_exists(self):
iif = 'iif_device_1'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
self.assertEqual(4, len(rules))
# pyroute2.netlink.exceptions.NetlinkError(17, 'File exists')
# exception is catch.
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
self.assertEqual(4, len(rules))
def test_add_rule_exists(self):
iif = 'iif_device_1'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
self.assertEqual(4, len(rules))
# pyroute2.netlink.exceptions.NetlinkError(17, 'File exists')
# exception is catch.
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
self.assertEqual(4, len(rules))
def test_add_rule_ip(self):
ip_addresses = ['192.168.200.250', '2001::250']
for ip_address in ip_addresses:
ip_version = common_utils.get_ip_version(ip_address)
ip_lenght = common_utils.get_network_length(ip_version)
ip_family = common_utils.get_socket_address_family(ip_version)
priv_ip_lib.add_ip_rule(self.namespace, src=ip_address,
src_len=ip_lenght, family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self._check_rules(rules, ['from'], [ip_address],
'"from" IP address %s' % ip_address)
priv_ip_lib.delete_ip_rule(self.namespace, family=ip_family,
src=ip_address, src_len=ip_lenght)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self.assertFalse(
self._check_rules(rules, ['from'], [ip_address],
raise_exception=False))
def get_fip_table_indexes(self, ip_version):
ip_rules_list = ip_lib.list_ip_rules(self.get_name(), ip_version)
tbl_index_list = []
for ip_rule in ip_rules_list:
tbl_index = ip_rule['table']
if tbl_index in ['local', 'default', 'main']:
continue
tbl_index_list.append(tbl_index)
return tbl_index_list
def get_fip_table_indexes(self, ip_version):
ip_rules_list = ip_lib.list_ip_rules(self.get_name(), ip_version)
tbl_index_list = []
for ip_rule in ip_rules_list:
tbl_index = ip_rule['table']
if tbl_index in ['local', 'default', 'main']:
continue
tbl_index_list.append(tbl_index)
return tbl_index_list
def test_add_rule_priority_table_iif(self):
table = 213
priority = 12346
iif = 'iif_device_2'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, priority=priority, iifname=iif,
table=table)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(
rules, ['priority', 'iif', 'table'],
[str(priority), iif, str(table)],
'priority %s, table %s and iif name %s' % (priority, table, iif))
priv_ip_lib.delete_ip_rule(self.namespace, priority=priority,
iifname=iif, table=table)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self.assertFalse(
self._check_rules(rules, ['priority', 'iif', 'table'],
[str(priority), iif, str(table)],
raise_exception=False))
def test_add_rule_table(self):
table = 212
ip_addresses = ['192.168.200.251', '2001::251']
for ip_address in ip_addresses:
ip_version = common_utils.get_ip_version(ip_address)
ip_lenght = common_utils.get_network_length(ip_version)
ip_family = common_utils.get_socket_address_family(ip_version)
priv_ip_lib.add_ip_rule(self.namespace, table=table,
src=ip_address, src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self._check_rules(
rules, ['table', 'from'], [str(table), ip_address],
'table %s and "from" IP address %s' % (table, ip_address))
priv_ip_lib.delete_ip_rule(self.namespace, table=table,
src=ip_address, src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self.assertFalse(
self._check_rules(rules, ['table', 'from'],
[str(table), ip_address],
raise_exception=False))
def test_add_rule_priority(self):
priority = 12345
ip_addresses = ['192.168.200.252', '2001::252']
for ip_address in ip_addresses:
ip_version = common_utils.get_ip_version(ip_address)
ip_lenght = common_utils.get_network_length(ip_version)
ip_family = common_utils.get_socket_address_family(ip_version)
priv_ip_lib.add_ip_rule(self.namespace, priority=priority,
src=ip_address, src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self._check_rules(
rules, ['priority', 'from'], [str(priority), ip_address],
'priority %s and "from" IP address %s' %
(priority, ip_address))
priv_ip_lib.delete_ip_rule(self.namespace, priority=priority,
src=ip_address, src_len=ip_lenght,
family=ip_family)
rules = ip_lib.list_ip_rules(self.namespace, ip_version)
self.assertFalse(
self._check_rules(rules, ['priority', 'from'],
[str(priority), ip_address],
raise_exception=False))
def _stale_ip_rule_cleanup(self, namespace, ns_ipd, ip_version):
ip_rules_list = ip_lib.list_ip_rules(namespace, ip_version)
snat_table_list = []
for ip_rule in ip_rules_list:
snat_table = ip_rule['table']
priority = ip_rule['priority']
if snat_table in ['local', 'default', 'main']:
continue
if (ip_version == lib_constants.IP_VERSION_4 and
snat_table in range(dvr_fip_ns.FIP_PR_START,
dvr_fip_ns.FIP_PR_END)):
continue
gateway_cidr = ip_rule['from']
ip_lib.delete_ip_rule(namespace, ip=gateway_cidr, table=snat_table,
priority=priority)
snat_table_list.append(snat_table)
for tb in snat_table_list:
ns_ipd.route.flush(ip_version, table=tb)
def _stale_ip_rule_cleanup(self, namespace, ns_ipd, ip_version):
ip_rules_list = ip_lib.list_ip_rules(namespace, ip_version)
snat_table_list = []
for ip_rule in ip_rules_list:
snat_table = ip_rule['table']
priority = ip_rule['priority']
if snat_table in ['local', 'default', 'main']:
continue
if (ip_version == lib_constants.IP_VERSION_4 and
snat_table in range(dvr_fip_ns.FIP_PR_START,
dvr_fip_ns.FIP_PR_END)):
continue
gateway_cidr = ip_rule['from']
ip_lib.delete_ip_rule(namespace, ip=gateway_cidr, table=snat_table,
priority=priority)
snat_table_list.append(snat_table)
for tb in snat_table_list:
ns_ipd.route.flush(ip_version, table=tb)
def _cleanup_unused_fip_ip_rules(self):
if not self.router_namespace.exists():
# It could be a new router, thus the namespace is not created yet.
return
ip_rules = ip_lib.list_ip_rules(self.ns_name,
lib_constants.IP_VERSION_4)
ip_rules = [
ipr for ipr in ip_rules if ipr['table'] == dvr_fip_ns.FIP_RT_TBL
]
for ip_rule in ip_rules:
for fixed_ip, rule_pr in self.floating_ips_dict.values():
if (ip_rule['from'] == fixed_ip
and ip_rule['priority'] == rule_pr):
break
else:
ip_lib.delete_ip_rule(self.ns_name,
ip_rule['from'],
table=dvr_fip_ns.FIP_RT_TBL,
priority=ip_rule['priority'])
def test_rules_lifecycle(self):
PRIORITY = 32768
TABLE = 16
attr = self.generate_device_details()
device = self.manage_device(attr)
test_cases = {
constants.IP_VERSION_4: [{
'ip': '1.1.1.1',
'to': '8.8.8.0/24'
}, {
'ip': '1.1.1.1',
'iif': device.name,
'to': '7.7.7.0/24'
}],
constants.IP_VERSION_6: [{
'ip': 'abcd::1',
'to': '1234::/64'
}, {
'ip': 'abcd::1',
'iif': device.name,
'to': '4567::/64'
}]
}
expected_rules = {
constants.IP_VERSION_4: [{
'from': '1.1.1.1',
'to': '8.8.8.0/24',
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
}, {
'from': '0.0.0.0/0',
'to': '7.7.7.0/24',
'iif': device.name,
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
}],
constants.IP_VERSION_6: [{
'from': 'abcd::1',
'to': '1234::/64',
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
}, {
'from': '::/0',
'to': '4567::/64',
'iif': device.name,
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast',
}]
}
for ip_version, test_case in test_cases.items():
for rule in test_case:
ip_lib.add_ip_rule(namespace=device.namespace,
table=TABLE,
priority=PRIORITY,
**rule)
rules = ip_lib.list_ip_rules(device.namespace, ip_version)
for expected_rule in expected_rules[ip_version]:
self.assertIn(expected_rule, rules)
for rule in test_case:
ip_lib.delete_ip_rule(device.namespace,
table=TABLE,
priority=PRIORITY,
**rule)
rules = priv_ip_lib.list_ip_rules(device.namespace, ip_version)
for expected_rule in expected_rules[ip_version]:
self.assertNotIn(expected_rule, rules)
def test_rules_lifecycle(self):
PRIORITY = 32768
TABLE = 16
attr = self.generate_device_details()
device = self.manage_device(attr)
test_cases = {
constants.IP_VERSION_4: [
{
'ip': '1.1.1.1',
'to': '8.8.8.0/24'
},
{
'ip': '1.1.1.1',
'iif': device.name,
'to': '7.7.7.0/24'
}
],
constants.IP_VERSION_6: [
{
'ip': 'abcd::1',
'to': '1234::/64'
},
{
'ip': 'abcd::1',
'iif': device.name,
'to': '4567::/64'
}
]
}
expected_rules = {
constants.IP_VERSION_4: [
{
'from': '1.1.1.1',
'to': '8.8.8.0/24',
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
}, {
'from': '0.0.0.0/0',
'to': '7.7.7.0/24',
'iif': device.name,
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
}
],
constants.IP_VERSION_6: [
{
'from': 'abcd::1',
'to': '1234::/64',
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast'
},
{
'from': '::/0',
'to': '4567::/64',
'iif': device.name,
'priority': str(PRIORITY),
'table': str(TABLE),
'type': 'unicast',
}
]
}
for ip_version, test_case in test_cases.items():
for rule in test_case:
ip_lib.add_ip_rule(namespace=device.namespace, table=TABLE,
priority=PRIORITY, **rule)
rules = ip_lib.list_ip_rules(device.namespace, ip_version)
for expected_rule in expected_rules[ip_version]:
self.assertIn(expected_rule, rules)
for rule in test_case:
ip_lib.delete_ip_rule(device.namespace, table=TABLE,
priority=PRIORITY, **rule)
rules = priv_ip_lib.list_ip_rules(device.namespace, ip_version)
for expected_rule in expected_rules[ip_version]:
self.assertNotIn(expected_rule, rules)
def test_add_rule_iif(self):
iif = 'iif_device_1'
priv_ip_lib.create_interface(iif, self.namespace, 'dummy')
priv_ip_lib.add_ip_rule(self.namespace, iifname=iif)
rules = ip_lib.list_ip_rules(self.namespace, 4)
self._check_rules(rules, ['iif'], [iif], 'iif name %s' % iif)
