def test_custom_bgp_communities_ok(self): """{}: custom BGP communities""" clients_config = [ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " attach_custom_communities:" ] yaml_lines = clients_config + [ " - test1", " - test2", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", " custom_communities:", " test1:", " std: '1:1'" ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(yaml_lines)) self._contains_err( "The custom BGP community test2 referenced on client AS222 192.0.2.21 is not declared on the general configuration." ) yaml_lines = clients_config + [ " - test1", ] self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(yaml_lines)) self._contains_err()
def test_multiple_ip_addresses(self): """{}: clients with multiple IP addresses""" clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.21'", " - '2001:db8:1:1::21'", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err() # Duplicate address. clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::21'", ] self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err("Duplicate IP address found: 192.0.2.11")
def test_global_only_option(self): """{}: global only option""" clients_config = [ "clients:", " - asn: 222", " ip: 192.0.2.21", " cfg:", " filtering:", " irrdb:", " allow_longer_prefixes: True" ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err( "Unknown statement at 'clients.cfg.filtering.irrdb' level: 'allow_longer_prefixes'" )
def test_blackhole_filtering_propagation(self): """{}: inherit from general cfg - blackhole filtering""" clients_config = [ "clients:", " - asn: 111", " ip: 192.0.2.11", " cfg:", " blackhole_filtering:", " - asn: 222", " ip: 192.0.2.21", " cfg:", " blackhole_filtering:", " announce_to_client: True", " - asn: 333", " ip: 192.0.2.31", " cfg:", " blackhole_filtering:", " announce_to_client: False", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertIs(general["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) # ------------------------ general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", " blackhole_filtering:", " announce_to_client: False" ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertTrue( general["blackhole_filtering"]["announce_to_client"] is False) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False)
class TestConfigParserClients(TestConfigParserBase): FILE_PATH = "config.d/clients.yml" CONFIG_PARSER_CLASS = ConfigParserClients SHORT_DESCR = "Clients config parser" def test_valid_cfg(self): """{}: valid configuration""" self._contains_err() def test_unknown_statement(self): """{}: unknown statement""" self.cfg[0]["test"] = "test" self._contains_err("Unknown statement at 'clients' level: 'test'.") def test_as(self): """{}: AS number""" for v in (-1, 0, "test"): self.cfg[0]["asn"] = v self._contains_err( "Error parsing 'asn' at 'clients' level - Invalid ASN: {}.". format(v)) def test_ip(self): """{}: IP address""" for v in ("192.0.2.1/24", "2001:db8::1/64"): self.cfg[0]["ip"] = v self._contains_err( "Error parsing 'ip' at 'clients' level - Invalid IP address: {}." .format(v)) for v in ("192.0.2.1", "10.0.1.1", "1.2.3.4", "fe80::1", "2001:DB8::1"): self.cfg[0]["ip"] = v self._contains_err() def test_duplicate_ip(self): """{}: duplicate IP addresses""" self.cfg[0]["ip"] = "192.0.2.1" self.cfg[1]["ip"] = self.cfg[0]["ip"] self._contains_err("Duplicate IP address found: 192.0.2.1.") def test_next_hop_policy_no_authorized_addresses_with_list(self): """{}: next_hop.policy != authorized_addresses, list given""" self.cfg[0]["cfg"]["filtering"]["next_hop"]["policy"] = "strict" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "authorized_addresses_list"] = ["192.168.0.1"] self._contains_err( "AS3333 192.0.2.11 is not 'authorized_addresses' but the 'authorized_addresses_list' option is set" ) def test_next_hop_policy_authorized_addresses_empty(self): """{}: next_hop.policy authorized_addresses, empty list""" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "policy"] = "authorized_addresses" self._contains_err( "set to 'authorized_addresses' but the list of authorized IP addresses ('authorized_addresses_list') is empty" ) def test_next_hop_policy_authorized_addresses_invalid(self): """{}: next_hop.policy authorized_addresses, invalid list""" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "policy"] = "authorized_addresses" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "authorized_addresses_list"] = "test" self._contains_err( "Error parsing 'authorized_addresses_list' at 'clients.cfg.filtering.next_hop' level - Invalid format: must be a list." ) def test_next_hop_policy_authorized_addresses_invalid_address(self): """{}: next_hop.policy authorized_addresses, invalid IP addr""" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "policy"] = "authorized_addresses" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "authorized_addresses_list"] = ["test"] self._contains_err( "Error parsing 'authorized_addresses_list' at 'clients.cfg.filtering.next_hop' level - Invalid IP address: test." ) def test_next_hop_policy_both(self): """{}: next_hop.policy and next_hop_policy""" self.cfg[0]["cfg"]["filtering"]["next_hop_policy"] = "strict" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "policy"] = "authorized_addresses" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "authorized_addresses_list"] = ["test"] self._contains_err( "Can't use the new 'next_hop' and the old 'next_hop_policy' statements simultaneously" ) def test_next_hop_policy_authorized_addresses_ok(self): """{}: next_hop.policy authorized_addresses, ok""" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "policy"] = "authorized_addresses" self.cfg[0]["cfg"]["filtering"]["next_hop"][ "authorized_addresses_list"] = ["192.168.0.1"] self._contains_err() def test_multiple_ip_addresses(self): """{}: clients with multiple IP addresses""" clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.21'", " - '2001:db8:1:1::21'", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err() # Duplicate address. clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::21'", ] self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err("Duplicate IP address found: 192.0.2.11") def test_inherit_from_general_cfg(self): """{}: inherit from general cfg""" general = ConfigParserGeneral() general._load_from_yaml("\n".join( ["cfg:", " rs_as: 999", " router_id: 192.0.2.2"])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join([ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " passive: False", " prepend_rs_as: True", " add_path: True", " filtering:", " irrdb:", " enforce_origin_in_as_set: False", " enforce_prefix_in_as_set: False", " white_list_pref:", " - prefix: 192.0.2.0", " length: 24", " white_list_asn:", " - 11", " - 12", " white_list_route:", " - prefix: 192.0.2.0", " length: 24", " le: 32", " asn: 65534", " rpki_bgp_origin_validation:", " enabled: True", " reject_invalid: False", " reject_invalid_as_in_as_path: False", " max_as_path_len: 64", " ipv4_pref_len:", " min: 1", " max: 2", " ipv6_pref_len:", " min: 3", " max: 4", " # test pre v0.6.0 format for next_hop", " next_hop_policy: same-as", " max_prefix:", " # test pre v0.13.0 format for peering_db", " peering_db: False", " limit_ipv4: 10", " limit_ipv6: 20", " reject_policy:", " policy: tag", " graceful_shutdown:", " enabled: True", " - asn: 333", " ip: 192.0.2.31", " cfg:", " filtering:", " next_hop:", " policy: 'authorized_addresses'", " authorized_addresses_list:", " - '192.0.2.31'", " - '192.0.2.32'", " - '2001:db8:0:0::31'", " irrdb:", " # testing optional ASN", " white_list_route:", " - prefix: 192.0.2.0", " length: 24", " le: 32" ])) self.cfg.parse() self._contains_err() client = self.cfg[0] self.assertEqual(client["cfg"]["passive"], True) self.assertEqual(client["cfg"]["add_path"], False) self.assertEqual(client["cfg"]["prepend_rs_as"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"], None) self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"], None) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["enabled"], False) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["reject_invalid"], True) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 24) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 12) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 48) self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "strict") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"], True) self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"], "reject") client = self.cfg[1] self.assertEqual(client["cfg"]["passive"], False) self.assertEqual(client["cfg"]["add_path"], True) self.assertEqual(client["cfg"]["prepend_rs_as"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0] ["length"], 24) self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"], [11, 12]) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["length"], 24) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"], 32) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"], 65534) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["enabled"], True) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["reject_invalid"], False) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4) self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "same-as") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"], False) self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"], "tag") self.assertEqual(client["cfg"]["graceful_shutdown"]["enabled"], True) client = self.cfg[2] self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "authorized_addresses") self.assertEqual( client["cfg"]["filtering"]["next_hop"] ["authorized_addresses_list"], ["192.0.2.31", "192.0.2.32", "2001:db8:0:0::31"]) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["length"], 24) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"], 32) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"], None) def test_blackhole_filtering_propagation(self): """{}: inherit from general cfg - blackhole filtering""" clients_config = [ "clients:", " - asn: 111", " ip: 192.0.2.11", " cfg:", " blackhole_filtering:", " - asn: 222", " ip: 192.0.2.21", " cfg:", " blackhole_filtering:", " announce_to_client: True", " - asn: 333", " ip: 192.0.2.31", " cfg:", " blackhole_filtering:", " announce_to_client: False", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertIs(general["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) # ------------------------ general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", " blackhole_filtering:", " announce_to_client: False" ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertTrue( general["blackhole_filtering"]["announce_to_client"] is False) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) def test_custom_bgp_communities_ok(self): """{}: custom BGP communities""" clients_config = [ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " attach_custom_communities:" ] yaml_lines = clients_config + [ " - test1", " - test2", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", " custom_communities:", " test1:", " std: '1:1'" ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(yaml_lines)) self._contains_err( "The custom BGP community test2 referenced on client AS222 192.0.2.21 is not declared on the general configuration." ) yaml_lines = clients_config + [ " - test1", ] self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(yaml_lines)) self._contains_err() def test_global_only_option(self): """{}: global only option""" clients_config = [ "clients:", " - asn: 222", " ip: 192.0.2.21", " cfg:", " filtering:", " irrdb:", " allow_longer_prefixes: True" ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err( "Unknown statement at 'clients.cfg.filtering.irrdb' level: 'allow_longer_prefixes'" )
def test_inherit_from_general_cfg(self): """{}: inherit from general cfg""" general = ConfigParserGeneral() general._load_from_yaml("\n".join( ["cfg:", " rs_as: 999", " router_id: 192.0.2.2"])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join([ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " passive: False", " prepend_rs_as: True", " add_path: True", " filtering:", " irrdb:", " enforce_origin_in_as_set: False", " enforce_prefix_in_as_set: False", " white_list_pref:", " - prefix: 192.0.2.0", " length: 24", " white_list_asn:", " - 11", " - 12", " white_list_route:", " - prefix: 192.0.2.0", " length: 24", " le: 32", " asn: 65534", " rpki_bgp_origin_validation:", " enabled: True", " reject_invalid: False", " reject_invalid_as_in_as_path: False", " max_as_path_len: 64", " ipv4_pref_len:", " min: 1", " max: 2", " ipv6_pref_len:", " min: 3", " max: 4", " # test pre v0.6.0 format for next_hop", " next_hop_policy: same-as", " max_prefix:", " # test pre v0.13.0 format for peering_db", " peering_db: False", " limit_ipv4: 10", " limit_ipv6: 20", " reject_policy:", " policy: tag", " graceful_shutdown:", " enabled: True", " - asn: 333", " ip: 192.0.2.31", " cfg:", " filtering:", " next_hop:", " policy: 'authorized_addresses'", " authorized_addresses_list:", " - '192.0.2.31'", " - '192.0.2.32'", " - '2001:db8:0:0::31'", " irrdb:", " # testing optional ASN", " white_list_route:", " - prefix: 192.0.2.0", " length: 24", " le: 32" ])) self.cfg.parse() self._contains_err() client = self.cfg[0] self.assertEqual(client["cfg"]["passive"], True) self.assertEqual(client["cfg"]["add_path"], False) self.assertEqual(client["cfg"]["prepend_rs_as"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"], None) self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"], None) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["enabled"], False) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["reject_invalid"], True) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 24) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 12) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 48) self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "strict") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"], True) self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"], "reject") client = self.cfg[1] self.assertEqual(client["cfg"]["passive"], False) self.assertEqual(client["cfg"]["add_path"], True) self.assertEqual(client["cfg"]["prepend_rs_as"], True) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0] ["length"], 24) self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"], [11, 12]) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["length"], 24) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"], 32) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"], 65534) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["enabled"], True) self.assertEqual( client["cfg"]["filtering"]["rpki_bgp_origin_validation"] ["reject_invalid"], False) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4) self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "same-as") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"], False) self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"], "tag") self.assertEqual(client["cfg"]["graceful_shutdown"]["enabled"], True) client = self.cfg[2] self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"], "authorized_addresses") self.assertEqual( client["cfg"]["filtering"]["next_hop"] ["authorized_addresses_list"], ["192.0.2.31", "192.0.2.32", "2001:db8:0:0::31"]) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["prefix"], "192.0.2.0") self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0] ["length"], 24) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"], 32) self.assertEqual( client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"], None)
class TestConfigParserClients(TestConfigParserBase): FILE_PATH = "config.d/clients.yml" CONFIG_PARSER_CLASS = ConfigParserClients SHORT_DESCR = "Clients config parser" def test_valid_cfg(self): """{}: valid configuration""" self._contains_err() def test_unknown_statement(self): """{}: unknown statement""" self.cfg[0]["test"] = "test" self._contains_err("Unknown statement at 'clients' level: 'test'.") def test_as(self): """{}: AS number""" for v in (-1, 0, "test"): self.cfg[0]["asn"] = v self._contains_err( "Error parsing 'asn' at 'clients' level - Invalid ASN: {}.". format(v)) def test_ip(self): """{}: IP address""" for v in ("192.0.2.1/24", "2001:db8::1/64"): self.cfg[0]["ip"] = v self._contains_err( "Error parsing 'ip' at 'clients' level - Invalid IP address: {}." .format(v)) for v in ("192.0.2.1", "10.0.1.1", "1.2.3.4", "fe80::1", "2001:DB8::1"): self.cfg[0]["ip"] = v self._contains_err() def test_duplicate_ip(self): """{}: duplicate IP addresses""" self.cfg[0]["ip"] = "192.0.2.1" self.cfg[1]["ip"] = self.cfg[0]["ip"] self._contains_err("Duplicate IP address found: 192.0.2.1.") def test_multiple_ip_addresses(self): """{}: clients with multiple IP addresses""" clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.21'", " - '2001:db8:1:1::21'", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err() # Duplicate address. clients_config = [ "clients:", " - asn: 111", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::11'", " - asn: 222", " ip:", " - '192.0.2.11'", " - '2001:db8:1:1::21'", ] self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self._contains_err("Duplicate IP address found: 192.0.2.11") def test_inherit_from_general_cfg(self): """{}: inherit from general cfg""" general = ConfigParserGeneral() general._load_from_yaml("\n".join( ["cfg:", " rs_as: 999", " router_id: 192.0.2.2"])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join([ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " passive: False", " prepend_rs_as: True", " add_path: True", " filtering:", " rpsl:", " enforce_origin_in_as_set: False", " enforce_prefix_in_as_set: False", " rpki:", " enabled: True", " reject_invalid_as_in_as_path: False", " max_as_path_len: 64", " ipv4_pref_len:", " min: 1", " max: 2", " ipv6_pref_len:", " min: 3", " max: 4", " next_hop_policy: same-as", " max_prefix:", " peering_db: False", " limit_ipv4: 10", " limit_ipv6: 20" ])) self.cfg.parse() self._contains_err() client = self.cfg[0] self.assertEqual(client["cfg"]["passive"], True) self.assertEqual(client["cfg"]["add_path"], False) self.assertEqual(client["cfg"]["prepend_rs_as"], False) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"], True) self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], False) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 24) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 12) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 48) self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"], "strict") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"], True) client = self.cfg[1] self.assertEqual(client["cfg"]["passive"], False) self.assertEqual(client["cfg"]["add_path"], True) self.assertEqual(client["cfg"]["prepend_rs_as"], True) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"], False) self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], True) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4) self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"], "same-as") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"], False) def test_blackhole_filtering_propagation(self): """{}: inherit from general cfg - blackhole filtering""" clients_config = [ "clients:", " - asn: 111", " ip: 192.0.2.11", " cfg:", " blackhole_filtering:", " - asn: 222", " ip: 192.0.2.21", " cfg:", " blackhole_filtering:", " announce_to_client: True", " - asn: 333", " ip: 192.0.2.31", " cfg:", " blackhole_filtering:", " announce_to_client: False", ] general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertIs(general["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) # ------------------------ general = ConfigParserGeneral() general._load_from_yaml("\n".join([ "cfg:", " rs_as: 999", " router_id: 192.0.2.2", " blackhole_filtering:", " announce_to_client: False" ])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join(clients_config)) self.cfg.parse() self._contains_err() self.assertTrue( general["blackhole_filtering"]["announce_to_client"] is False) client = self.cfg[0] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False) client = self.cfg[1] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], True) client = self.cfg[2] self.assertIs( client["cfg"]["blackhole_filtering"]["announce_to_client"], False)
def test_inherit_from_general_cfg(self): """{}: inherit from general cfg""" general = ConfigParserGeneral() general._load_from_yaml("\n".join( ["cfg:", " rs_as: 999", " router_id: 192.0.2.2"])) general.parse() self.cfg = ConfigParserClients(general_cfg=general) self.cfg._load_from_yaml("\n".join([ "clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222", " ip: 192.0.2.21", " cfg:", " passive: False", " prepend_rs_as: True", " add_path: True", " filtering:", " rpsl:", " enforce_origin_in_as_set: False", " enforce_prefix_in_as_set: False", " rpki:", " enabled: True", " reject_invalid_as_in_as_path: False", " max_as_path_len: 64", " ipv4_pref_len:", " min: 1", " max: 2", " ipv6_pref_len:", " min: 3", " max: 4", " next_hop_policy: same-as", " max_prefix:", " peering_db: False", " limit_ipv4: 10", " limit_ipv6: 20" ])) self.cfg.parse() self._contains_err() client = self.cfg[0] self.assertEqual(client["cfg"]["passive"], True) self.assertEqual(client["cfg"]["add_path"], False) self.assertEqual(client["cfg"]["prepend_rs_as"], False) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"], True) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"], True) self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], False) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 24) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 12) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 48) self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"], "strict") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"], True) client = self.cfg[1] self.assertEqual(client["cfg"]["passive"], False) self.assertEqual(client["cfg"]["add_path"], True) self.assertEqual(client["cfg"]["prepend_rs_as"], True) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"], False) self.assertEqual( client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"], False) self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], True) self.assertEqual( client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False) self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1) self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3) self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4) self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"], "same-as") self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20) self.assertEqual( client["cfg"]["filtering"]["max_prefix"]["peering_db"], False)