def testStrForinet(self): """Test for Term._str_.""" self.naming.GetNetAddr.side_effect = [ [nacaddr.IP('10.0.0.1'), nacaddr.IP('10.0.0.2')], [nacaddr.IP('10.0.0.0/8'), nacaddr.IP('172.16.0.0/12'), nacaddr.IP('192.168.0.0/16')]] self.naming.GetServiceByProto.return_value = ['123'] pol = policy.ParsePolicy(INET_FILTER, self.naming, False) af = 4 for _, terms in pol.filters: nsxv_term = nsxv.Term(terms[0], af) rule_str = nsxv.Term.__str__(nsxv_term) # parse xml rule and check if the values are correct root = ET.fromstring(rule_str) # check name and action self.assertEqual(root.find('name').text, 'allow-ntp-request') self.assertEqual(root.find('action').text, 'allow') # check source address exp_sourceaddr = ['10.0.0.1', '10.0.0.2'] source_address = root.findall('./sources/source') self.assertNotEqual(len(source_address), 0) for source in source_address: self.assertEqual((source.find('type').text), 'Ipv4Address') value = (source.find('value').text) if value not in exp_sourceaddr: self.fail('IPv4Address source address not found in test_str_forinet()') # check destination address exp_destaddr = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'] destination_address = root.findall('./destinations/destination') self.assertNotEqual(len(destination_address), 0) for destination in destination_address: self.assertEqual((destination.find('type').text), 'Ipv4Address') value = (destination.find('value').text) if value not in exp_destaddr: self.fail('IPv4Address destination not found in test_str_forinet()') # check protocol protocol = int(root.find('./services/service/protocol').text) self.assertEqual(protocol, 17) # check source port source_port = root.find('./services/service/sourcePort').text self.assertEqual(source_port, '123') # check destination port destination_port = root.find('./services/service/destinationPort').text self.assertEqual(destination_port, '123') # check notes notes = root.find('notes').text self.assertEqual(notes, 'Allow ntp request') self.naming.GetNetAddr.assert_has_calls( [mock.call('NTP_SERVERS'), mock.call('INTERNAL')]) self.naming.GetServiceByProto.assert_has_calls( [mock.call('NTP', 'udp')] * 2)
def testServiceToStr(self): """Test for Term._ServiceToStr.""" proto = 6 icmp_types = [] dports = [(1024, 65535)] spots = [(123, 123)] nsxv_term = nsxv.Term(INET_TERM, 'inet') service = nsxv_term._ServiceToString(proto, spots, dports, icmp_types) self.assertEqual(service, '<service><protocol>6</protocol><sourcePort>' '123</sourcePort><destinationPort>1024-65535' '</destinationPort></service>')
def test_str_forinet(self): """Test for Term._str_.""" pol = policy.ParsePolicy(nsxv_mocktest.INET_FILTER, self.defs, False) af = 4 for _, terms in pol.filters: nsxv_term = nsxv.Term(terms[0], af) rule_str = nsxv.Term.__str__(nsxv_term) # parse xml rule and check if the values are correct root = ET.fromstring(rule_str) # check name and action self.assertEqual(root.find('name').text, 'allow-ntp-request') self.assertEqual(root.find('action').text, 'allow') # check source address exp_sourceaddr = ['10.0.0.1', '10.0.0.2'] for destination in root.findall('./sources/source'): self.assertEqual((destination.find('type').text), 'Ipv4Address') value = (destination.find('value').text) if value not in exp_sourceaddr: self.fail( 'IPv4Address source address not found in test_str_forinet()' ) # check destination address exp_destaddr = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'] for destination in root.findall('./destinations/destination'): self.assertEqual((destination.find('type').text), 'Ipv4Address') value = (destination.find('value').text) if value not in exp_destaddr: self.fail( 'IPv4Address destination not found in test_str_forinet()') # check protocol protocol = int(root.find('./services/service/protocol').text) self.assertEqual(protocol, 17) # check source port source_port = root.find('./services/service/sourcePort').text self.assertEqual(source_port, '123') # check destination port destination_port = root.find('./services/service/destinationPort').text self.assertEqual(destination_port, '123') # check notes notes = root.find('notes').text self.assertEqual(notes, 'Allow ntp request')
def testStrForinet6(self): """Test for Term._str_.""" pol = policy.ParsePolicy(INET6_FILTER, self.naming, False) af = 6 filter_type = 'inet6' for _, terms in pol.filters: nsxv_term = nsxv.Term(terms[0], filter_type, None, af) rule_str = nsxv.Term.__str__(nsxv_term) # parse xml rule and check if the values are correct root = ET.fromstring(rule_str) # check name and action self.assertEqual(root.find('name').text, 'test-icmpv6') self.assertEqual(root.find('action').text, 'allow') # check protocol and sub protocol exp_subprotocol = [128, 129] for service in root.findall('./services/service'): protocol = int(service.find('protocol').text) self.assertEqual(protocol, 58) sub_protocol = int(service.find('subProtocol').text) if sub_protocol not in exp_subprotocol: self.fail('subProtocol not matched in test_str_forinet6()')
def testInitForinet6(self): """Test for Term._init_.""" inet6_term = nsxv.Term(INET6_TERM, 'inet6', None, 6) self.assertEqual(inet6_term.af, 6) self.assertEqual(inet6_term.filter_type, 'inet6')
def testInitForinet(self): """Test for Term._init_.""" inet_term = nsxv.Term(INET_TERM, 'inet') self.assertEqual(inet_term.af, 4) self.assertEqual(inet_term.filter_type, 'inet')
def test_init_forinet6(self): """Test for Term._init_.""" inet6_term = nsxv.Term(nsxv_mocktest.INET6_TERM, 'inet6', 6) self.assertEqual(inet6_term.af, 6) self.assertEqual(inet6_term.filter_type, 'inet6')