def _test_find_last_entry(self, find_str):
filter_list = [
':neutron-filter-top - [0:0]', ':%(bn)s-FORWARD - [0:0]',
':%(bn)s-INPUT - [0:0]', ':%(bn)s-local - [0:0]',
':%(wrap)s - [0:0]', ':%(bn)s-OUTPUT - [0:0]',
'[0:0] -A FORWARD -j neutron-filter-top',
'[0:0] -A OUTPUT -j neutron-filter-top' % IPTABLES_ARG
]
filter_map = iptables_manager.make_filter_map(filter_list)
return self.iptables._find_last_entry(filter_map, find_str)
def test_make_filter_map_cidr_stripping(self):
filter_rules = ('[0:0] -A OUTPUT -j DROP',
'[0:0] -A INPUT -d 192.168.0.2/32 -j DROP',
'[0:0] -A INPUT -d 1234:31::001F/128 -j DROP',
'OUTPUT - [0:0]')
filter_map = iptables_manager.make_filter_map(filter_rules)
# make sure /128 works without CIDR
self.assertEqual(filter_rules[2],
filter_map['-A INPUT -d 1234:31::001F -j DROP'][0])
# make sure /32 works without CIDR
self.assertEqual(filter_rules[1],
filter_map['-A INPUT -d 192.168.0.2 -j DROP'][0])
def test_make_filter_map_cidr_stripping(self):
filter_rules = (
"[0:0] -A OUTPUT -j DROP",
"[0:0] -A INPUT -d 192.168.0.2/32 -j DROP",
"[0:0] -A INPUT -d 1234:31::001F/128 -j DROP",
"OUTPUT - [0:0]",
)
filter_map = iptables_manager.make_filter_map(filter_rules)
# make sure /128 works without CIDR
self.assertEqual(filter_rules[2], filter_map["-A INPUT -d 1234:31::001F -j DROP"][0])
# make sure /32 works without CIDR
self.assertEqual(filter_rules[1], filter_map["-A INPUT -d 192.168.0.2 -j DROP"][0])
def _test_find_last_entry(self, find_str):
filter_list = [':neutron-filter-top - [0:0]',
':%(bn)s-FORWARD - [0:0]',
':%(bn)s-INPUT - [0:0]',
':%(bn)s-local - [0:0]',
':%(wrap)s - [0:0]',
':%(bn)s-OUTPUT - [0:0]',
'[0:0] -A FORWARD -j neutron-filter-top',
'[0:0] -A OUTPUT -j neutron-filter-top'
% IPTABLES_ARG]
filter_map = iptables_manager.make_filter_map(filter_list)
return self.iptables._find_last_entry(filter_map, find_str)
