def testNameTerms(self):
"""Test automatic naming of terms."""
a = acl.ACL()
a.terms.append(acl.Term())
a.terms.append(acl.Term())
a.terms.append(acl.Term(name='foo'))
a.name_terms()
self.assertNotEqual(a.terms[0].name, None)
self.assertNotEqual(a.terms[0].name, a.terms[1].name)
self.assertEqual(a.terms[2].name, 'foo')
def testBadActions(self):
"""Test invalid filter actions"""
t = acl.Term()
for action in ('blah', '', ('reject', 'because-I-said-so'),
('routing-instance', 'x' * 300), 'sample'):
try:
t = acl.Term(action=action)
except exceptions.ActionError:
pass
else:
self.fail('expected ActionError on "%s"' % str(action))
def setUp(self):
super(CheckOutput, self).setUp()
self.a = acl.ACL()
self.t1 = acl.Term(name='p99')
self.t1.match['protocol'] = [99]
self.t1.action = 'accept'
self.a.terms.append(self.t1)
self.t2 = acl.Term(name='windows')
self.t2.match['protocol'] = ['tcp']
self.t2.match['source-address'] = ['192.0.2.0/24']
self.t2.match['destination-port'] = range(135, 139) + [445]
self.t2.action = 'reject'
self.t2.modifiers['syslog'] = True
self.a.terms.append(self.t2)
def testEmptyAnonymousTerms(self):
"""Test inserting multiple anonymous empty terms"""
a = acl.ACL()
for i in range(5):
a.terms.append(acl.Term())
self.assertEqual(a.terms[i].name, None)
self.assertEqual(len(a.terms), 5)
def testBadMatches(self):
"""Test invalid match conditions"""
t = acl.Term()
# Valid match type with invalid arg.
try:
t.match['fragment-offset'] = [65536]
except exceptions.BadMatchArgRange:
pass
else:
self.fail('expected MatchError')
# Valid match type with non-list argument.
try:
t.match['fragment-offset'] = 0
except TypeError:
pass
else:
self.fail('expected MatchError')
# Valid match type with null arg.
try:
t.match['protocol'] = None
except exceptions.MatchError:
pass
else:
self.fail('expected MatchError')
# Invalid match type.
try:
t.match['boogaloo'] = 1337
except exceptions.MatchError:
pass
else:
self.fail('expected MatchError')
def testICMPRanges(self):
"""Test ICMP range conversions into IOS format."""
types = [1, 111, 112, 113]
t = acl.Term()
t.match['protocol'] = ['icmp']
t.match['icmp-type'] = types
self.assertEqual(t.output_ios(),
map(lambda x: 'permit icmp any any %d' % x, types))
def testOkActions(self):
"""Test valid filter actions"""
for action in (('next', 'term'), ('routing-instance', 'blah'),
('reject', 'tcp-reset'), 'accept', 'discard'):
t = acl.Term(action=action)
if isinstance(action, tuple):
self.assertEqual(t.action, action)
else:
self.assertEqual(t.action, (action, ))
t = acl.Term(action=(action, ))
self.assertEqual(t.action, (action, ))
for action in ('deny', 'reject', ('reject',
'administratively-prohibited')):
t = acl.Term(action=action)
self.assertEqual(t.action, ('reject', ))
t = acl.Term(action='permit')
self.assertEqual(t.action, ('accept', ))
def testEmptyNamedTerms(self):
"""Test inserting multiple anonymous named terms"""
a = acl.ACL()
for i in range(5):
name = 'term' + str(i)
a.terms.append(acl.Term(name))
self.assertEqual(a.terms[i].name, name)
self.assertEqual(len(a.terms), 5)
def testBadNames(self):
"""Test invalid JunOS term names"""
for name in ('', 'x' * 300):
try:
t = acl.Term(name=name)
except exceptions.BadTermName:
pass
else:
self.fail('expected BadTermNameon "' + name + '"')
def testBadModifiers(self):
"""Test invalid filter action modifiers"""
for action in (('count', ''), ('count', ), 'count', ('count', 'a-b-c'),
('loss-priority', '17'), ('sample', 'abc')):
try:
t = acl.Term(action=action)
except exceptions.ActionError:
pass
else:
self.fail('expected ActionError on "%s"' % str(action))
def testOkModifiers(self):
"""Test valid filter action modifiers"""
t = acl.Term(action='discard')
for action in (('count', 'abc'), ('forwarding-class', 'abc'),
('ipsec-sa', 'abc'), 'log', ('loss-priority', 'low'),
('policer', 'abc'), 'sample', 'syslog'):
t.set_action_or_modifier(action)
if isinstance(action, tuple):
self.assertEqual(t.modifiers[action[0]], action[1])
else:
self.assertEqual(t.modifiers[action], None)
t.set_action_or_modifier((action, ))
self.assertEqual(t.modifiers[action], None)
# Make sure none of these modified the primary action.
self.assertEqual(t.action, ('discard', ))
def testOkMatches(self):
"""Test valid match conditions"""
t = acl.Term()
t.match['destination-port'] = [25]
self.assertEqual(t.match['destination-port'], [25])
t.match['destination-port'] = range(100, 200)
self.assertEqual(t.match['destination-port'], [(100, 199)])
t.match['source-port'] = ['tftp']
self.assertEqual(t.match['source-port'], [69])
t.match['protocol'] = ['ospf', 6, 17]
self.assertEqual(t.match['protocol'], [6, 17, 89])
t.match['fragment-offset'] = [1337]
self.assertEqual(t.match['fragment-offset'], [1337])
t.match['icmp-type'] = ['unreachable']
self.assertEqual(t.match['icmp-type'], [3])
t.match['destination-address'] = ['192.0.2.0/24']
self.assertEqual(str(t.match['destination-address'][0]),
'192.0.2.0/24')
t.match['source-prefix-list'] = ['blah']
self.assertEqual(t.match['source-prefix-list'], ['blah'])
def testCounterSuppression(self):
"""Test suppression of counters in IOS (since they are implicit)."""
t = acl.Term()
t.modifiers['count'] = 'xyz'
t.output_ios() # should not raise VendorSupportLacking
def testPacketLengthString(self):
"""Test packet-length as a string."""
# Previous bug failed to parse this into an integer.
t = acl.Term()
t.match['packet-length'] = ['40']
self.assertEqual(t.match['packet-length'], [40])
def testMissingTermName(self):
"""Test conversion of anonymous terms to JunOS format"""
self.assertRaises(exceptions.MissingTermName, acl.Term().output_junos)
def testOkNames(self):
"""Test valid JunOS term names"""
for name in ('101', 'T1337', 'sr12345', '3.1415926'):
t = acl.Term(name=name)
