def test_update_static_routes(self): cmd_batch_mock = mock.Mock() mock_object(vyatta_client.VRouterRestAPIClient, 'exec_cmd_batch', cmd_batch_mock) RouteRule = vyatta_utils.RouteRule routes_to_add = tuple(( RouteRule(dest_cidr='10.1.0.0/24', next_hop='192.168.1.1'), RouteRule(dest_cidr='10.2.0.0/24', next_hop='192.168.1.1'), )) routes_to_del = tuple((RouteRule(dest_cidr='10.3.0.0/24', next_hop='192.168.1.1'), )) client = self._create_client() client.update_static_routes(routes_to_add, routes_to_del) expected_batch = list() for rule in routes_to_add: cmd = vyatta_client.SetCmd( ('protocols/static/route/{0}/next-hop/{1}').format( urllib.quote_plus(rule.dest_cidr), urllib.quote_plus(rule.next_hop))) expected_batch.append(cmd) for rule in routes_to_del: cmd = vyatta_client.DeleteCmd('protocols/static/route/{0}'.format( urllib.quote_plus(rule.dest_cidr))) expected_batch.append(cmd) cmd_batch_mock.assert_called_once_with(expected_batch)
def _delete_firewall(self, ri, fw): client = self._get_vyatta_client(ri.router) cmd_list = [] # Delete zones cmd_list.append(vyatta_client.DeleteCmd("zone-policy")) # Delete firewall fw_name = vyatta_utils.get_firewall_name(ri, fw) cmd_list.append( vyatta_client.DeleteCmd(FW_NAME.format(parse.quote_plus(fw_name)))) # Delete firewall state policy cmd_list.append(vyatta_client.DeleteCmd("firewall/state-policy")) client.exec_cmd_batch(cmd_list)
def test_delete_optimizer_internal(self): fake_router_info = self._make_fake_router_info() with mock.patch.object(self.oaas_driver, '_get_vyatta_client') as mock_client_factory: mock_api = mock_client_factory.return_value self.oaas_driver._delete_optimizer(fake_router_info, self.fake_optimizer) cmds = [ vyatta_client.DeleteCmd("zone-policy"), vyatta_client.DeleteCmd( vyatta_oaas.FW_NAME.format(self.fake_optimizer_name)), vyatta_client.DeleteCmd("optimizer/state-policy"), ] mock_api.exec_cmd_batch.assert_called_once_with(cmds)
def _delete_optimizer(self, ri, opt): client = self._get_vyatta_client(ri.router) cmd_list = [] # Delete zones cmd_list.append(vyatta_client.DeleteCmd("zone-policy")) # Delete optimizer opt_name = vyatta_utils.get_optimizer_name(ri, opt) cmd_list.append( vyatta_client.DeleteCmd(FW_NAME.format( parse.quote_plus(opt_name)))) # Delete optimizer state policy cmd_list.append(vyatta_client.DeleteCmd("optimizer/state-policy")) client.exec_cmd_batch(cmd_list)
def test_configure_cmd_batch(self): client = self._create_client() cmd_list = [ vyatta_client.SetCmd('cmd1'), vyatta_client.DeleteCmd('cmd2') ] client.exec_cmd_batch(cmd_list) self.assertEqual(self._rest_mock.call_count, len(cmd_list) + 4)
def test_get_zone_cmds(self): firewall_name = 'fake_firewall0' eth_iface = 'eth0' fake_api = mock.NonCallableMock() fake_api.get_ethernet_if_id.return_value = eth_iface mac_address = '00:00:00:00:00:00' fake_apply_rule = mock.NonCallableMock() fake_apply_rule.router = { 'gw_port': { 'mac_address': mac_address }, l3_constants.INTERFACE_KEY: [{ 'mac_address': mac_address }] } trusted_zone_name = vyatta_utils.get_trusted_zone_name(fake_apply_rule) untrusted_zone_name = vyatta_utils.get_untrusted_zone_name( fake_apply_rule) cmds_actual = vyatta_utils.get_zone_cmds(fake_api, fake_apply_rule, firewall_name) cmds_expect = [ vyatta_client.DeleteCmd('zone-policy'), vyatta_client.SetCmd( vyatta_utils.ZONE_INTERFACE_CMD.format(trusted_zone_name, eth_iface)), vyatta_client.SetCmd( vyatta_utils.ZONE_INTERFACE_CMD.format(untrusted_zone_name, eth_iface)), vyatta_client.SetCmd( vyatta_utils.ZONE_FIREWALL_CMD.format( trusted_zone_name, untrusted_zone_name, parse.quote_plus(firewall_name))), vyatta_client.SetCmd( vyatta_utils.ZONE_FIREWALL_CMD.format( untrusted_zone_name, trusted_zone_name, parse.quote_plus(firewall_name))), ] self.assertEqual(cmds_expect, cmds_actual) fake_api.get_ethernet_if_id.assert_has_calls([ mock.call(mac_address), mock.call(mac_address), ])
def get_zone_cmds(rest_api, ri, opt_name): """Return zone update commands for Vyatta vRouter. Commands chain drops all zone-policy zones and create new zones based on internal interfaces and external gateway. """ cmd_list = [] # Delete the zone policies cmd_list.append(vyatta_client.DeleteCmd("zone-policy")) # Configure trusted zone trusted_zone_name = None # Add internal ports to trusted zone if l3_constants.INTERFACE_KEY in ri.router: trusted_zone_name = parse.quote_plus(get_trusted_zone_name(ri)) for port in ri.router[l3_constants.INTERFACE_KEY]: eth_if_id = rest_api.get_ethernet_if_id(port['mac_address']) cmd_list.append( vyatta_client.SetCmd( ZONE_INTERFACE_CMD.format(trusted_zone_name, eth_if_id))) # Configure untrusted zone untrusted_zone_name = get_untrusted_zone_name(ri) if untrusted_zone_name is not None: # Add external ports to untrusted zone if 'gw_port' in ri.router: gw_port = ri.router['gw_port'] eth_if_id = rest_api.get_ethernet_if_id(gw_port['mac_address']) cmd_list.append( vyatta_client.SetCmd( ZONE_INTERFACE_CMD.format(untrusted_zone_name, eth_if_id))) if trusted_zone_name is not None: # Associate optimizer to zone cmd_list.append( vyatta_client.SetCmd( ZONE_OPTIMIZER_CMD.format(trusted_zone_name, untrusted_zone_name, parse.quote_plus(opt_name)))) cmd_list.append( vyatta_client.SetCmd( ZONE_OPTIMIZER_CMD.format(untrusted_zone_name, trusted_zone_name, parse.quote_plus(opt_name)))) return cmd_list