summaryrefslogtreecommitdiff
path: root/smoketest/scripts/cli/test_service_dns_forwarding.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-09-24 18:23:08 +0200
committerChristian Poessinger <christian@poessinger.com>2020-09-24 18:23:39 +0200
commit4db00f1cd820f4fc462ce3537d692694224e02a4 (patch)
treee7653deb3e1a943339e50e5fa4cdf4c466539ffa /smoketest/scripts/cli/test_service_dns_forwarding.py
parent2b06653a824f21bf5b3a843f109f99096e7500ff (diff)
downloadvyos-1x-4db00f1cd820f4fc462ce3537d692694224e02a4.tar.gz
vyos-1x-4db00f1cd820f4fc462ce3537d692694224e02a4.zip
smoketest: dns: forwarding: T2921: add initial testcases
Diffstat (limited to 'smoketest/scripts/cli/test_service_dns_forwarding.py')
-rwxr-xr-xsmoketest/scripts/cli/test_service_dns_forwarding.py163
1 files changed, 163 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_service_dns_forwarding.py b/smoketest/scripts/cli/test_service_dns_forwarding.py
new file mode 100755
index 000000000..0ae27a4d4
--- /dev/null
+++ b/smoketest/scripts/cli/test_service_dns_forwarding.py
@@ -0,0 +1,163 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2019-2020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import os
+import unittest
+
+from psutil import process_iter
+
+from vyos.configsession import ConfigSession, ConfigSessionError
+from vyos.util import read_file
+from vyos.util import process_named_running
+
+CONFIG_FILE = '/run/powerdns/recursor.conf'
+FORWARD_FILE = '/run/powerdns/recursor.forward-zones.conf'
+PROCESS_NAME= 'pdns-r/worker'
+
+base_path = ['service', 'dns', 'forwarding']
+
+allow_from = ['192.0.2.0/24', '2001:db8::/32']
+listen_adress = ['127.0.0.1', '::1']
+
+def get_config_value(key, file=CONFIG_FILE):
+ tmp = read_file(file)
+ tmp = re.findall(r'\n{}=+(.*)'.format(key), tmp)
+ return tmp[0]
+
+class TestServicePowerDNS(unittest.TestCase):
+ def setUp(self):
+ self.session = ConfigSession(os.getpid())
+
+ def tearDown(self):
+ # Delete DNS forwarding configuration
+ self.session.delete(base_path)
+ self.session.commit()
+ del self.session
+
+ def test_basic_forwarding(self):
+ """ Check basic DNS forwarding settings """
+ cache_size = '20'
+ negative_ttl = '120'
+
+ self.session.set(base_path + ['cache-size', cache_size])
+ self.session.set(base_path + ['negative-ttl', negative_ttl])
+
+ # check validate() - allow from must be defined
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+ for network in allow_from:
+ self.session.set(base_path + ['allow-from', network])
+
+ # check validate() - listen-address must be defined
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+ for address in listen_adress:
+ self.session.set(base_path + ['listen-address', address])
+
+ # configure DNSSEC
+ self.session.set(base_path + ['dnssec', 'validate'])
+
+ # commit changes
+ self.session.commit()
+
+ # Check configured cache-size
+ tmp = get_config_value('max-cache-entries')
+ self.assertEqual(tmp, cache_size)
+
+ # Networks allowed to query this server
+ tmp = get_config_value('allow-from')
+ self.assertEqual(tmp, ','.join(allow_from))
+
+ # Addresses to listen for DNS queries
+ tmp = get_config_value('local-address')
+ self.assertEqual(tmp, ','.join(listen_adress))
+
+ # Maximum amount of time negative entries are cached
+ tmp = get_config_value('max-negative-ttl')
+ self.assertEqual(tmp, negative_ttl)
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ def test_dnssec(self):
+ """ DNSSEC option testing """
+
+ for network in allow_from:
+ self.session.set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.session.set(base_path + ['listen-address', address])
+
+ options = ['off', 'process-no-validate', 'process', 'log-fail', 'validate']
+ for option in options:
+ self.session.set(base_path + ['dnssec', option])
+
+ # commit changes
+ self.session.commit()
+
+ tmp = get_config_value('dnssec')
+ self.assertEqual(tmp, option)
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ def test_external_nameserver(self):
+ """ Externe Domain Name Servers (DNS) addresses """
+
+ for network in allow_from:
+ self.session.set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.session.set(base_path + ['listen-address', address])
+
+ nameservers = ['192.0.2.1', '192.0.2.2']
+ for nameserver in nameservers:
+ self.session.set(base_path + ['name-server', nameserver])
+
+ # commit changes
+ self.session.commit()
+
+ tmp = get_config_value(r'\+.', file=FORWARD_FILE)
+ self.assertEqual(tmp, ', '.join(nameservers))
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+ def test_domain_forwarding(self):
+ """ Externe Domain Name Servers (DNS) addresses """
+
+ for network in allow_from:
+ self.session.set(base_path + ['allow-from', network])
+ for address in listen_adress:
+ self.session.set(base_path + ['listen-address', address])
+
+ domains = ['vyos.io', 'vyos.net']
+ nameservers = ['192.0.2.1', '192.0.2.2']
+ for domain in domains:
+ for nameserver in nameservers:
+ self.session.set(base_path + ['domain', domain, 'server', nameserver])
+
+ # commit changes
+ self.session.commit()
+
+ for domain in domains:
+ tmp = get_config_value(domain, file=FORWARD_FILE)
+ self.assertEqual(tmp, ', '.join(nameservers))
+
+ # Check for running process
+ self.assertTrue(process_named_running(PROCESS_NAME))
+
+if __name__ == '__main__':
+ unittest.main()