cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From raj...@apache.org
Subject [1/2] git commit: updated refs/heads/master to 8efdcfc
Date Mon, 13 Feb 2017 10:37:47 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/master a79c1f672 -> 8efdcfc1c


Marvin test to verify that adding TCP ports 500,4500 and 1701 in vpn should not fail Bug-Id:
CS-43653 Reviewed-by: Self

Made changes as per pavanb018 review comments


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/50cbaf9f
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/50cbaf9f
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/50cbaf9f

Branch: refs/heads/master
Commit: 50cbaf9f19a9179412478ec147c70dcf57763f59
Parents: bb9148b
Author: sanjeevn <sanjeev.neelarapu@citrix.com>
Authored: Mon Dec 7 17:55:50 2015 +0530
Committer: sanjeev <sanjeev.neelarapu@accelerite.com>
Committed: Wed Jun 1 17:48:19 2016 +0530

----------------------------------------------------------------------
 test/integration/component/test_vpn_users.py | 75 ++++++++++++++++++++++-
 1 file changed, 73 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/50cbaf9f/test/integration/component/test_vpn_users.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_vpn_users.py b/test/integration/component/test_vpn_users.py
index 72e10a4..3da7c8e 100644
--- a/test/integration/component/test_vpn_users.py
+++ b/test/integration/component/test_vpn_users.py
@@ -29,13 +29,15 @@ from marvin.lib.base import (
                                         Vpn,
                                         VpnUser,
                                         Configurations,
-                                        NATRule
+                                        NATRule,
+                                        FireWallRule
                                         )
 from marvin.lib.common import (get_domain,
                                         get_zone,
                                         get_template
                                         )
-from marvin.lib.utils import cleanup_resources
+from marvin.lib.utils import cleanup_resources, validateList
+from marvin.codes import PASS
 
 
 class Services:
@@ -451,3 +453,72 @@ class TestVPNUsers(cloudstackTestCase):
             self.fail("Domain admin should be allowed to create VPN user: %s" %
                                                                             e)
         return
+
+    @attr(tags=["advanced", "advancedns"], required_hardware="false")
+    def test_08_add_TCP_PF_Rule_In_VPN(self):
+        """
+        Test to add TCP Port Forwarding rule for specific ports(500,1701 and 4500) in VPN
+        """
+        # Steps for verification
+        # 1. Enable vpn on SourceNAT IP address
+        # 2. Configure PF with TCP ports 500,1701 and 4500. It should be allowed
+        # Should not conflict with UPD ports used for VPN
+
+        vm_res = VirtualMachine.list(
+            self.apiclient,
+            id=self.virtual_machine.id,
+            listall=True
+        )
+        self.assertEqual(
+            validateList(vm_res)[0],
+            PASS,
+            "Failed to list virtual machine"
+        )
+        network_id = vm_res[0].nic[0].networkid
+        src_nat_list = PublicIPAddress.list(
+            self.apiclient,
+            account=self.account.name,
+            domainid=self.account.domainid,
+            listall=True,
+            issourcenat=True,
+            associatednetworkid=network_id
+        )
+        self.assertEqual(
+            validateList(src_nat_list)[0],
+            PASS,
+            "Failed to list source nat ip address"
+        )
+        ip = src_nat_list[0]
+        try:
+            vpn = Vpn.create(
+                self.apiclient,
+                publicipid=ip.id,
+                account=self.account.name,
+                domainid=self.account.domainid,
+            )
+            self.assertIsNotNone(
+                vpn,
+                "Failed to create remote access vpn"
+            )
+        except Exception as e:
+            self.fail("Failed to enable vpn on SourceNAT IP with error: %s" % e)
+
+        #Create PF rule with TCP ports 500,4500 and 1701
+        self.services['natrule']['protocol']="TCP"
+        for port in [500, 4500, 1701]:
+            self.services['natrule']['privateport'] = port
+            self.services['natrule']['publicport'] = port
+            try:
+                nat = NATRule.create(
+                    self.apiclient,
+                    self.virtual_machine,
+                    self.services["natrule"],
+                    ip.id
+                )
+                self.assertIsNotNone(
+                    nat,
+                    "Failed to add PF rule with tcp parts matching vpn"
+                )
+            except Exception as e:
+                self.fail("Creating PF rule for TCP port %s in VPN failed : %s" % (port,
e))
+        return


Mime
View raw message