def test_passthrough_up_to_date(self):
"""Tests PassThrough setup when configuration is up to date."""
treadmill.iptables.get_current_passthrough_rules.return_value = \
self.passthrough_rules
passthroughs = self.passthrough_rules
iptables.configure_passthrough_rules(passthroughs,
iptables.PREROUTING_PASSTHROUGH)
self.assertEquals(0,
treadmill.iptables.add_passthrough_rule.call_count)
self.assertEquals(
0, treadmill.iptables.delete_passthrough_rule.call_count)
def test_passthrough_up_to_date(self):
"""Tests PassThrough setup when configuration is up to date."""
# Disable protected-access: Test access protected members.
# pylint: disable=protected-access
treadmill.iptables._get_current_passthrough_rules.return_value = \
self.passthrough_rules
passthroughs = self.passthrough_rules
iptables.configure_passthrough_rules(passthroughs,
iptables.PREROUTING_PASSTHROUGH)
self.assertEqual(0, treadmill.iptables.add_passthrough_rule.call_count)
self.assertEqual(0,
treadmill.iptables.delete_passthrough_rule.call_count)
def test_passthrough_missing_rule(self):
"""Tests PassThrough setup when new rule needs to be created."""
treadmill.iptables.get_current_passthrough_rules.return_value = \
self.passthrough_rules
missing_rule = firewall.PassThroughRule(src_ip='10.197.19.20',
dst_ip='192.168.2.2'),
passthroughs = self.passthrough_rules | set([
missing_rule,
])
iptables.configure_passthrough_rules(passthroughs,
iptables.PREROUTING_PASSTHROUGH)
treadmill.iptables.add_passthrough_rule.assert_called_with(
missing_rule, chain=iptables.PREROUTING_PASSTHROUGH)
self.assertEquals(
0, treadmill.iptables.delete_passthrough_rule.call_count)
def test_passthrough_extra_rule(self):
"""Tests PassThrough setup when rule needs to be removed."""
treadmill.iptables.get_current_passthrough_rules.return_value = \
self.passthrough_rules
extra_rule = firewall.PassThroughRule(src_ip='10.197.19.19',
dst_ip='192.168.2.2')
passthroughs = self.passthrough_rules - set([
extra_rule,
])
iptables.configure_passthrough_rules(passthroughs,
iptables.PREROUTING_PASSTHROUGH)
self.assertEquals(0,
treadmill.iptables.add_passthrough_rule.call_count)
treadmill.iptables.delete_passthrough_rule.assert_called_with(
extra_rule, chain=iptables.PREROUTING_PASSTHROUGH)
