def testStrForinet(self):
"""Test for Term._str_."""
self.naming.GetNetAddr('NTP_SERVERS').AndReturn(
[nacaddr.IP('10.0.0.1'),
nacaddr.IP('10.0.0.2')])
self.naming.GetNetAddr('INTERNAL').AndReturn([
nacaddr.IP('10.0.0.0/8'),
nacaddr.IP('172.16.0.0/12'),
nacaddr.IP('192.168.0.0/16')
])
self.naming.GetServiceByProto.return_value = ['123']
pol = policy.ParsePolicy(INET_FILTER, self.naming, False)
af = 4
for _, terms in pol.filters:
nsxv_term = nsxv.Term(terms[0], af)
rule_str = nsxv.Term.__str__(nsxv_term)
# parse xml rule and check if the values are correct
root = ET.fromstring(rule_str)
# check name and action
self.assertEqual(root.find('name').text, 'allow-ntp-request')
self.assertEqual(root.find('action').text, 'allow')
# check source address
exp_sourceaddr = ['10.0.0.1', '10.0.0.2']
for destination in root.findall('./sources/source'):
self.assertEqual((destination.find('type').text), 'Ipv4Address')
value = (destination.find('value').text)
if value not in exp_sourceaddr:
self.fail(
'IPv4Address source address not found in test_str_forinet()'
)
# check destination address
exp_destaddr = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']
for destination in root.findall('./destinations/destination'):
self.assertEqual((destination.find('type').text), 'Ipv4Address')
value = (destination.find('value').text)
if value not in exp_destaddr:
self.fail(
'IPv4Address destination not found in test_str_forinet()')
# check protocol
protocol = int(root.find('./services/service/protocol').text)
self.assertEqual(protocol, 17)
# check source port
source_port = root.find('./services/service/sourcePort').text
self.assertEqual(source_port, '123')
# check destination port
destination_port = root.find('./services/service/destinationPort').text
self.assertEqual(destination_port, '123')
# check notes
notes = root.find('notes').text
self.assertEqual(notes, 'Allow ntp request')
self.naming.GetServiceByProto.assert_has_calls(
[mock.call('NTP', 'udp')] * 2)
def testStrForinet6(self):
"""Test for Term._str_."""
self.mox.ReplayAll()
pol = policy.ParsePolicy(INET6_FILTER, self.naming, False)
af = 6
filter_type = 'inet6'
for _, terms in pol.filters:
nsxv_term = nsxv.Term(terms[0], filter_type, af)
rule_str = nsxv.Term.__str__(nsxv_term)
# parse xml rule and check if the values are correct
root = ET.fromstring(rule_str)
# check name and action
self.assertEqual(root.find('name').text, 'test-icmpv6')
self.assertEqual(root.find('action').text, 'allow')
# check protocol and sub protocol
exp_subprotocol = [128, 129]
for service in root.findall('./services/service'):
protocol = int(service.find('protocol').text)
self.assertEqual(protocol, 58)
sub_protocol = int(service.find('subProtocol').text)
if sub_protocol not in exp_subprotocol:
self.fail('subProtocol not matched in test_str_forinet6()')
def test_ServiceToStr(self):
""" Test for Term._ServiceToStr """
proto = 6
icmp_types = []
dports = [(1024, 65535)]
spots = [(123, 123)]
nsxv_term = nsxv.Term(nsxv_mocktest.INET_TERM, 'inet')
service = nsxv_term._ServiceToString(proto, spots, dports, icmp_types)
self.assertEquals(service, '<service><protocol>6</protocol><sourcePort>123</sourcePort><destinationPort>1024-65535</destinationPort></service>')
def test_str_forinet(self):
""" Test for Term._str_ """
pol = policy.ParsePolicy(nsxv_mocktest.INET_FILTER, self.defs, False)
af = 4
for header, terms in pol.filters:
nsxv_term = nsxv.Term(terms[0], af)
rule_str = nsxv.Term.__str__(nsxv_term)
# parse xml rule and check if the values are correct
root = ET.fromstring(rule_str)
# check name and action
self.assertEqual(root.find('name').text, 'allow-ntp-request')
self.assertEqual(root.find('action').text, 'allow')
#check source address
exp_sourceaddr = ['10.0.0.1', '10.0.0.2']
for destination in root.findall('./sources/source'):
self.assertEqual((destination.find('type').text), 'Ipv4Address')
value = (destination.find('value').text)
if value not in exp_sourceaddr:
self.fail(
'IPv4Address source address not found in test_str_forinet()'
)
#check destination address
exp_destaddr = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']
for destination in root.findall('./destinations/destination'):
self.assertEqual((destination.find('type').text), 'Ipv4Address')
value = (destination.find('value').text)
if value not in exp_destaddr:
self.fail(
'IPv4Address destination not found in test_str_forinet()')
#check protocol
protocol = int(root.find('./services/service/protocol').text)
self.assertEqual(protocol, 17)
#check source port
source_port = root.find('./services/service/sourcePort').text
self.assertEqual(source_port, '123')
# check destination port
destination_port = root.find('./services/service/destinationPort').text
self.assertEqual(destination_port, '123')
# check notes
notes = root.find('notes').text
self.assertEqual(notes, 'Allow ntp request')
def testInitForinet6(self): """Test for Term._init_.""" inet6_term = nsxv.Term(INET6_TERM, 'inet6', 6) self.assertEqual(inet6_term.af, 6) self.assertEqual(inet6_term.filter_type, 'inet6')
def testInitForinet(self): """Test for Term._init_.""" inet_term = nsxv.Term(INET_TERM, 'inet') self.assertEqual(inet_term.af, 4) self.assertEqual(inet_term.filter_type, 'inet')
def test_init_forinet6(self):
""" Test for Term._init_ """
inet6_term = nsxv.Term(nsxv_mocktest.INET6_TERM, 'inet6', 6)
self.assertEqual(inet6_term.af, 6)
self.assertEqual(inet6_term.filter_type, 'inet6')
def test_init_forinet(self):
""" Test for Term._init_ """
inet_term = nsxv.Term(nsxv_mocktest.INET_TERM, 'inet')
self.assertEqual(inet_term.af, 4)
self.assertEqual(inet_term.filter_type, 'inet')