def test_restart_netfilter_persistent(self, mock_isfile): mock_isfile.return_value = True mgr = iptables.IPTablesManager() mgr.restart() assert self.execute.call_args_list == [ mock.call(['service', 'netfilter-persistent', 'restart'], 'sudo astara-rootwrap /etc/rootwrap.conf') ]
def test_mixed_floating_ip_versions(self): # Neutron has a bug whereby you can create a floating ip that has # mixed IP versions between the fixed and floating address. If # people create these accidentally, just ignore them (because # iptables will barf if it encounters them) mgr = iptables.IPTablesManager() config = deepcopy(CONFIG) config.floating_ips[0].fixed_ip = netaddr.IPAddress( 'fdca:3ba5:a17a:acda:f816:3eff:fe66:33b6') assert map(str, mgr._build_floating_ips(CONFIG)) == [ '-A PREROUTING -i eth1 -d 172.16.77.50 -j DNAT --to-destination 192.168.0.2', # noqa '-A PREROUTING -i eth2 -d 172.16.77.50 -j DNAT --to-destination 192.168.0.2', # noqa '-A POSTROUTING -s 192.168.0.0/24 -j PUBLIC_SNAT' ] assert mgr._build_floating_ips(config) == []
def test_complete(self): mgr = iptables.IPTablesManager() mgr.save_config(CONFIG, {'ge0': 'eth0', 'ge1': 'eth1', 'ge2': 'eth2'}) assert self.replace.call_count == 2 assert mock.call('/tmp/ip4tables.rules', '\n'.join(V4_OUTPUT) + '\n') in self.replace.call_args_list assert mock.call('/tmp/ip6tables.rules', '\n'.join(V6_OUTPUT) + '\n') in self.replace.call_args_list assert self.execute.call_args_list == [ mock.call(['mv', '/tmp/ip4tables.rules', '/etc/iptables/rules.v4'], 'sudo astara-rootwrap /etc/rootwrap.conf'), mock.call(['mv', '/tmp/ip6tables.rules', '/etc/iptables/rules.v6'], 'sudo astara-rootwrap /etc/rootwrap.conf') ]
def get_manager(): request.iptables_mgr = iptables.IPTablesManager()
def test_no_ext_port(self, fake_get_ext_net): fake_get_ext_net.return_value = None mgr = iptables.IPTablesManager() mgr.save_config(CONFIG, {'ge0': 'eth0', 'ge1': 'eth1', 'ge2': 'eth2'})
def update_firewall(self): mgr = iptables.IPTablesManager() mgr.save_config(self._config, self.ip_mgr.generic_mapping) mgr.restart()