summaryrefslogtreecommitdiff
path: root/smoketest
diff options
context:
space:
mode:
authorCheeze-It <16260577+Cheeze-It@users.noreply.github.com>2023-04-04 07:41:59 -0700
committerGitHub <noreply@github.com>2023-04-04 07:41:59 -0700
commit4d5bc82590533c2f1d65334636fd8427c2a1bf6b (patch)
tree1a5479aec55199ac195bd4c6761d7e693cdbfb8a /smoketest
parentd6ef0c54ad8c8f9f2c5f1811781dba6111201fe4 (diff)
parent94b65bb3936b607a6bc85fe23176ff855c722519 (diff)
downloadvyos-1x-4d5bc82590533c2f1d65334636fd8427c2a1bf6b.tar.gz
vyos-1x-4d5bc82590533c2f1d65334636fd8427c2a1bf6b.zip
Merge branch 'vyos:current' into current
Diffstat (limited to 'smoketest')
-rwxr-xr-xsmoketest/scripts/cli/test_firewall.py21
-rwxr-xr-xsmoketest/scripts/cli/test_load_balancing_wan.py4
-rwxr-xr-xsmoketest/scripts/cli/test_policy_route.py8
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_bgp.py24
-rwxr-xr-xsmoketest/scripts/cli/test_service_dns_forwarding.py27
-rwxr-xr-xsmoketest/scripts/cli/test_service_ipoe-server.py93
-rwxr-xr-xsmoketest/scripts/cli/test_service_ntp.py3
-rwxr-xr-xsmoketest/scripts/cli/test_system_sflow.py1
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_ipsec.py10
-rwxr-xr-xsmoketest/scripts/system/test_kernel_options.py24
10 files changed, 189 insertions, 26 deletions
diff --git a/smoketest/scripts/cli/test_firewall.py b/smoketest/scripts/cli/test_firewall.py
index d61534d87..99d3b3ca1 100755
--- a/smoketest/scripts/cli/test_firewall.py
+++ b/smoketest/scripts/cli/test_firewall.py
@@ -198,6 +198,7 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
def test_ipv4_basic_rules(self):
name = 'smoketest'
interface = 'eth0'
+ interface_wc = 'l2tp*'
mss_range = '501-1460'
conn_mark = '555'
@@ -207,13 +208,13 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
self.cli_set(['firewall', 'name', name, 'rule', '1', 'source', 'address', '172.16.20.10'])
self.cli_set(['firewall', 'name', name, 'rule', '1', 'destination', 'address', '172.16.10.10'])
self.cli_set(['firewall', 'name', name, 'rule', '1', 'log', 'enable'])
- self.cli_set(['firewall', 'name', name, 'rule', '1', 'log-level', 'debug'])
+ self.cli_set(['firewall', 'name', name, 'rule', '1', 'log-options', 'level', 'debug'])
self.cli_set(['firewall', 'name', name, 'rule', '1', 'ttl', 'eq', '15'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'action', 'reject'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'protocol', 'tcp'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'destination', 'port', '8888'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'log', 'enable'])
- self.cli_set(['firewall', 'name', name, 'rule', '2', 'log-level', 'err'])
+ self.cli_set(['firewall', 'name', name, 'rule', '2', 'log-options', 'level', 'err'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'tcp', 'flags', 'syn'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'tcp', 'flags', 'not', 'ack'])
self.cli_set(['firewall', 'name', name, 'rule', '2', 'ttl', 'gt', '102'])
@@ -240,6 +241,7 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
self.cli_set(['firewall', 'name', name, 'rule', '6', 'connection-mark', conn_mark])
self.cli_set(['firewall', 'interface', interface, 'in', 'name', name])
+ self.cli_set(['firewall', 'interface', interface_wc, 'in', 'name', name])
self.cli_commit()
@@ -247,8 +249,9 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
nftables_search = [
[f'iifname "{interface}"', f'jump NAME_{name}'],
- ['saddr 172.16.20.10', 'daddr 172.16.10.10', 'log prefix "[smoketest-1-A]" level debug', 'ip ttl 15', 'return'],
- ['tcp flags syn / syn,ack', 'tcp dport 8888', 'log prefix "[smoketest-2-R]" level err', 'ip ttl > 102', 'reject'],
+ [f'iifname "{interface_wc}"', f'jump NAME_{name}'],
+ ['saddr 172.16.20.10', 'daddr 172.16.10.10', 'log prefix "[smoketest-1-A]" log level debug', 'ip ttl 15', 'return'],
+ ['tcp flags syn / syn,ack', 'tcp dport 8888', 'log prefix "[smoketest-2-R]" log level err', 'ip ttl > 102', 'reject'],
['tcp dport 22', 'limit rate 5/minute', 'return'],
['log prefix "[smoketest-default-D]"','smoketest default-action', 'drop'],
['tcp dport 22', 'add @RECENT_smoketest_4 { ip saddr limit rate over 10/minute burst 10 packets }', 'meta pkttype host', 'drop'],
@@ -272,6 +275,10 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
self.cli_set(['firewall', 'name', name, 'rule', '6', 'packet-length', '1024'])
self.cli_set(['firewall', 'name', name, 'rule', '6', 'dscp', '17'])
self.cli_set(['firewall', 'name', name, 'rule', '6', 'dscp', '52'])
+ self.cli_set(['firewall', 'name', name, 'rule', '6', 'log', 'enable'])
+ self.cli_set(['firewall', 'name', name, 'rule', '6', 'log-options', 'group', '66'])
+ self.cli_set(['firewall', 'name', name, 'rule', '6', 'log-options', 'snapshot-length', '6666'])
+ self.cli_set(['firewall', 'name', name, 'rule', '6', 'log-options', 'queue-threshold','32000'])
self.cli_set(['firewall', 'name', name, 'rule', '7', 'action', 'accept'])
self.cli_set(['firewall', 'name', name, 'rule', '7', 'packet-length', '1-30000'])
@@ -301,7 +308,7 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
nftables_search = [
[f'iifname "{interface}"', f'jump NAME_{name}'],
- ['ip length { 64, 512, 1024 }', 'ip dscp { 0x11, 0x34 }', 'return'],
+ ['ip length { 64, 512, 1024 }', 'ip dscp { 0x11, 0x34 }', f'log prefix "[{name}-6-A]" log group 66 snaplen 6666 queue-threshold 32000', 'return'],
['ip length 1-30000', 'ip length != 60000-65535', 'ip dscp 0x03-0x0b', 'ip dscp != 0x15-0x19', 'return'],
[f'log prefix "[{name}-default-D]"', 'drop'],
['ip saddr 198.51.100.1', f'jump NAME_{name}'],
@@ -357,7 +364,7 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
self.cli_set(['firewall', 'ipv6-name', name, 'rule', '1', 'source', 'address', '2002::1'])
self.cli_set(['firewall', 'ipv6-name', name, 'rule', '1', 'destination', 'address', '2002::1:1'])
self.cli_set(['firewall', 'ipv6-name', name, 'rule', '1', 'log', 'enable'])
- self.cli_set(['firewall', 'ipv6-name', name, 'rule', '1', 'log-level', 'crit'])
+ self.cli_set(['firewall', 'ipv6-name', name, 'rule', '1', 'log-options', 'level', 'crit'])
self.cli_set(['firewall', 'ipv6-name', name, 'rule', '2', 'action', 'reject'])
self.cli_set(['firewall', 'ipv6-name', name, 'rule', '2', 'protocol', 'tcp_udp'])
@@ -374,7 +381,7 @@ class TestFirewall(VyOSUnitTestSHIM.TestCase):
nftables_search = [
[f'iifname "{interface}"', f'jump NAME6_{name}'],
- ['saddr 2002::1', 'daddr 2002::1:1', 'log prefix "[v6-smoketest-1-A]" level crit', 'return'],
+ ['saddr 2002::1', 'daddr 2002::1:1', 'log prefix "[v6-smoketest-1-A]" log level crit', 'return'],
['meta l4proto { tcp, udp }', 'th dport 8888', f'iifname "{interface}"', 'reject'],
['meta l4proto gre', f'oifname "{interface}"', 'return'],
['smoketest default-action', f'log prefix "[{name}-default-D]"', 'drop']
diff --git a/smoketest/scripts/cli/test_load_balancing_wan.py b/smoketest/scripts/cli/test_load_balancing_wan.py
index 0e1806f66..8df3471f7 100755
--- a/smoketest/scripts/cli/test_load_balancing_wan.py
+++ b/smoketest/scripts/cli/test_load_balancing_wan.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2022 VyOS maintainers and contributors
+# Copyright (C) 2022-2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -177,7 +177,7 @@ class TestLoadBalancingWan(VyOSUnitTestSHIM.TestCase):
nat_vyos_pre_snat_hook = """table ip nat {
chain VYOS_PRE_SNAT_HOOK {
type nat hook postrouting priority srcnat - 1; policy accept;
- return
+ counter jump WANLOADBALANCE
}
}"""
diff --git a/smoketest/scripts/cli/test_policy_route.py b/smoketest/scripts/cli/test_policy_route.py
index 4be36b134..a3df6bf4d 100755
--- a/smoketest/scripts/cli/test_policy_route.py
+++ b/smoketest/scripts/cli/test_policy_route.py
@@ -26,6 +26,7 @@ conn_mark_set = '111'
table_mark_offset = 0x7fffffff
table_id = '101'
interface = 'eth0'
+interface_wc = 'ppp*'
interface_ip = '172.16.10.1/24'
class TestPolicyRoute(VyOSUnitTestSHIM.TestCase):
@@ -236,7 +237,8 @@ class TestPolicyRoute(VyOSUnitTestSHIM.TestCase):
self.cli_set(['policy', 'route6', 'smoketest6', 'rule', '5', 'set', 'table', table_id])
self.cli_set(['policy', 'route', 'smoketest', 'interface', interface])
- self.cli_set(['policy', 'route6', 'smoketest6', 'interface', interface])
+ self.cli_set(['policy', 'route', 'smoketest', 'interface', interface_wc])
+ self.cli_set(['policy', 'route6', 'smoketest6', 'interface', interface_wc])
self.cli_commit()
@@ -244,7 +246,7 @@ class TestPolicyRoute(VyOSUnitTestSHIM.TestCase):
# IPv4
nftables_search = [
- [f'iifname "{interface}"', 'jump VYOS_PBR_smoketest'],
+ ['iifname { "' + interface + '", "' + interface_wc + '" }', 'jump VYOS_PBR_smoketest'],
['meta l4proto udp', 'drop'],
['tcp flags syn / syn,ack', 'meta mark set ' + mark_hex],
['ct state new', 'tcp dport 22', 'ip saddr 198.51.100.0/24', 'ip ttl > 2', 'meta mark set ' + mark_hex],
@@ -256,7 +258,7 @@ class TestPolicyRoute(VyOSUnitTestSHIM.TestCase):
# IPv6
nftables6_search = [
- [f'iifname "{interface}"', 'jump VYOS_PBR6_smoketest'],
+ [f'iifname "{interface_wc}"', 'jump VYOS_PBR6_smoketest'],
['meta l4proto udp', 'drop'],
['tcp flags syn / syn,ack', 'meta mark set ' + mark_hex],
['ct state new', 'tcp dport 22', 'ip6 saddr 2001:db8::/64', 'ip6 hoplimit > 2', 'meta mark set ' + mark_hex],
diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py
index 4047ea8f4..f6eede87a 100755
--- a/smoketest/scripts/cli/test_protocols_bgp.py
+++ b/smoketest/scripts/cli/test_protocols_bgp.py
@@ -55,6 +55,7 @@ neighbor_config = {
'route_map_out' : route_map_out,
'no_send_comm_ext' : '',
'addpath_all' : '',
+ 'p_attr_discard' : '123',
},
'192.0.2.2' : {
'bfd_profile' : bfd_profile,
@@ -129,10 +130,12 @@ peer_group_config = {
'cap_over' : '',
'ttl_security' : '5',
'disable_conn_chk' : '',
+ 'p_attr_discard' : '250',
},
'bar' : {
'remote_as' : '111',
- 'graceful_rst_no' : ''
+ 'graceful_rst_no' : '',
+ 'port' : '667',
},
'foo-bar' : {
'advertise_map' : route_map_in,
@@ -237,6 +240,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' neighbor {peer} passive', frrconfig)
if 'password' in peer_config:
self.assertIn(f' neighbor {peer} password {peer_config["password"]}', frrconfig)
+ if 'port' in peer_config:
+ self.assertIn(f' neighbor {peer} port {peer_config["port"]}', frrconfig)
if 'remote_as' in peer_config:
self.assertIn(f' neighbor {peer} remote-as {peer_config["remote_as"]}', frrconfig)
if 'solo' in peer_config:
@@ -261,6 +266,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' no neighbor {peer} send-community extended', frrconfig)
if 'addpath_all' in peer_config:
self.assertIn(f' neighbor {peer} addpath-tx-all-paths', frrconfig)
+ if 'p_attr_discard' in peer_config:
+ self.assertIn(f' neighbor {peer} path-attribute discard {peer_config["p_attr_discard"]}', frrconfig)
if 'addpath_per_as' in peer_config:
self.assertIn(f' neighbor {peer} addpath-tx-bestpath-per-AS', frrconfig)
if 'advertise_map' in peer_config:
@@ -290,6 +297,9 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
max_path_v6ibgp = '16'
cond_adv_timer = '30'
min_hold_time = '2'
+ tcp_keepalive_idle = '66'
+ tcp_keepalive_interval = '77'
+ tcp_keepalive_probes = '22'
self.cli_set(base_path + ['parameters', 'router-id', router_id])
self.cli_set(base_path + ['parameters', 'log-neighbor-changes'])
@@ -320,6 +330,9 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['parameters', 'route-reflector-allow-outbound-policy'])
self.cli_set(base_path + ['parameters', 'shutdown'])
self.cli_set(base_path + ['parameters', 'suppress-fib-pending'])
+ self.cli_set(base_path + ['parameters', 'tcp-keepalive', 'idle', tcp_keepalive_idle])
+ self.cli_set(base_path + ['parameters', 'tcp-keepalive', 'interval', tcp_keepalive_interval])
+ self.cli_set(base_path + ['parameters', 'tcp-keepalive', 'probes', tcp_keepalive_probes])
# AFI maximum path support
self.cli_set(base_path + ['address-family', 'ipv4-unicast', 'maximum-paths', 'ebgp', max_path_v4])
@@ -349,6 +362,7 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.assertIn(f' bgp route-reflector allow-outbound-policy', frrconfig)
self.assertIn(f' bgp shutdown', frrconfig)
self.assertIn(f' bgp suppress-fib-pending', frrconfig)
+ self.assertIn(f' bgp tcp-keepalive {tcp_keepalive_idle} {tcp_keepalive_interval} {tcp_keepalive_probes}', frrconfig)
self.assertNotIn(f'bgp ebgp-requires-policy', frrconfig)
self.assertIn(f' no bgp suppress-duplicates', frrconfig)
@@ -414,6 +428,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['neighbor', peer, 'ttl-security', 'hops', peer_config["ttl_security"]])
if 'update_src' in peer_config:
self.cli_set(base_path + ['neighbor', peer, 'update-source', peer_config["update_src"]])
+ if 'p_attr_discard' in peer_config:
+ self.cli_set(base_path + ['neighbor', peer, 'path-attribute', 'discard', peer_config["p_attr_discard"]])
if 'route_map_in' in peer_config:
self.cli_set(base_path + ['neighbor', peer, 'address-family', afi, 'route-map', 'import', peer_config["route_map_in"]])
if 'route_map_out' in peer_config:
@@ -463,8 +479,6 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
for peer, peer_config in neighbor_config.items():
if 'adv_interv' in peer_config:
self.assertIn(f' neighbor {peer} advertisement-interval {peer_config["adv_interv"]}', frrconfig)
- if 'port' in peer_config:
- self.assertIn(f' neighbor {peer} port {peer_config["port"]}', frrconfig)
if 'cap_strict' in peer_config:
self.assertIn(f' neighbor {peer} strict-capability-match', frrconfig)
@@ -500,6 +514,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['peer-group', peer_group, 'passive'])
if 'password' in config:
self.cli_set(base_path + ['peer-group', peer_group, 'password', config["password"]])
+ if 'port' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'port', config["port"]])
if 'remote_as' in config:
self.cli_set(base_path + ['peer-group', peer_group, 'remote-as', config["remote_as"]])
if 'shutdown' in config:
@@ -532,6 +548,8 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['peer-group', peer_group, 'graceful-restart', 'restart-helper'])
if 'disable_conn_chk' in config:
self.cli_set(base_path + ['peer-group', peer_group, 'disable-connected-check'])
+ if 'p_attr_discard' in config:
+ self.cli_set(base_path + ['peer-group', peer_group, 'path-attribute', 'discard', config["p_attr_discard"]])
# Conditional advertisement
if 'advertise_map' in config:
diff --git a/smoketest/scripts/cli/test_service_dns_forwarding.py b/smoketest/scripts/cli/test_service_dns_forwarding.py
index 94e0597ad..88492e348 100755
--- a/smoketest/scripts/cli/test_service_dns_forwarding.py
+++ b/smoketest/scripts/cli/test_service_dns_forwarding.py
@@ -20,6 +20,7 @@ import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
+from vyos.template import bracketize_ipv6
from vyos.util import read_file
from vyos.util import process_named_running
@@ -141,15 +142,20 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
for address in listen_adress:
self.cli_set(base_path + ['listen-address', address])
- nameservers = ['192.0.2.1', '192.0.2.2']
- for nameserver in nameservers:
- self.cli_set(base_path + ['name-server', nameserver])
+ nameservers = {'192.0.2.1': {}, '192.0.2.2': {'port': '53'}, '2001:db8::1': {'port': '853'}}
+ for h,p in nameservers.items():
+ if 'port' in p:
+ self.cli_set(base_path + ['name-server', h, 'port', p['port']])
+ else:
+ self.cli_set(base_path + ['name-server', h])
# commit changes
self.cli_commit()
tmp = get_config_value(r'\+.', file=FORWARD_FILE)
- self.assertEqual(tmp, ', '.join(nameservers))
+ canonical_entries = [(lambda h, p: f"{bracketize_ipv6(h)}:{p['port'] if 'port' in p else 53}")(h, p)
+ for (h, p) in nameservers.items()]
+ self.assertEqual(tmp, ', '.join(canonical_entries))
# Do not use local /etc/hosts file in name resolution
# default: yes
@@ -163,10 +169,13 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['listen-address', address])
domains = ['vyos.io', 'vyos.net', 'vyos.com']
- nameservers = ['192.0.2.1', '192.0.2.2']
+ nameservers = {'192.0.2.1': {}, '192.0.2.2': {'port': '53'}, '2001:db8::1': {'port': '853'}}
for domain in domains:
- for nameserver in nameservers:
- self.cli_set(base_path + ['domain', domain, 'server', nameserver])
+ for h,p in nameservers.items():
+ if 'port' in p:
+ self.cli_set(base_path + ['domain', domain, 'name-server', h, 'port', p['port']])
+ else:
+ self.cli_set(base_path + ['domain', domain, 'name-server', h])
# Test 'recursion-desired' flag for only one domain
if domain == domains[0]:
@@ -186,7 +195,9 @@ class TestServicePowerDNS(VyOSUnitTestSHIM.TestCase):
if domain == domains[0]: key =f'\+{domain}'
else: key =f'{domain}'
tmp = get_config_value(key, file=FORWARD_FILE)
- self.assertEqual(tmp, ', '.join(nameservers))
+ canonical_entries = [(lambda h, p: f"{bracketize_ipv6(h)}:{p['port'] if 'port' in p else 53}")(h, p)
+ for (h, p) in nameservers.items()]
+ self.assertEqual(tmp, ', '.join(canonical_entries))
# Test 'negative trust anchor' flag for the second domain only
if domain == domains[1]:
diff --git a/smoketest/scripts/cli/test_service_ipoe-server.py b/smoketest/scripts/cli/test_service_ipoe-server.py
index bdab35834..8a141b8f0 100755
--- a/smoketest/scripts/cli/test_service_ipoe-server.py
+++ b/smoketest/scripts/cli/test_service_ipoe-server.py
@@ -26,6 +26,13 @@ from configparser import ConfigParser
ac_name = 'ACN'
interface = 'eth0'
+
+def getConfig(string, end='cli'):
+ command = f'cat /run/accel-pppd/ipoe.conf | sed -n "/^{string}/,/^{end}/p"'
+ out = cmd(command)
+ return out
+
+
class TestServiceIPoEServer(BasicAccelPPPTest.TestCase):
@classmethod
def setUpClass(cls):
@@ -86,6 +93,92 @@ class TestServiceIPoEServer(BasicAccelPPPTest.TestCase):
tmp = re.findall(regex, tmp)
self.assertTrue(tmp)
+ def test_accel_named_pool(self):
+ first_pool = 'VyOS-pool1'
+ first_subnet = '192.0.2.0/25'
+ first_gateway = '192.0.2.1'
+ second_pool = 'Vyos-pool2'
+ second_subnet = '203.0.113.0/25'
+ second_gateway = '203.0.113.1'
+
+ self.set(['authentication', 'mode', 'noauth'])
+ self.set(['client-ip-pool', 'name', first_pool, 'gateway-address', first_gateway])
+ self.set(['client-ip-pool', 'name', first_pool, 'subnet', first_subnet])
+ self.set(['client-ip-pool', 'name', second_pool, 'gateway-address', second_gateway])
+ self.set(['client-ip-pool', 'name', second_pool, 'subnet', second_subnet])
+ self.set(['interface', interface])
+
+ # commit changes
+ self.cli_commit()
+
+
+ # Validate configuration values
+ conf = ConfigParser(allow_no_value=True, delimiters='=', strict=False)
+ conf.read(self._config_file)
+
+ self.assertTrue(conf['ipoe']['interface'], f'{interface},shared=1,mode=L2,ifcfg=1,start=dhcpv4,ipv6=1')
+ self.assertTrue(conf['ipoe']['noauth'], '1')
+ self.assertTrue(conf['ipoe']['ip-pool'], first_pool)
+ self.assertTrue(conf['ipoe']['ip-pool'], second_pool)
+ self.assertTrue(conf['ipoe']['gw-ip-address'], f'{first_gateway}/25')
+ self.assertTrue(conf['ipoe']['gw-ip-address'], f'{second_gateway}/25')
+
+ config = getConfig('[ip-pool]')
+ pool_config = f'''{second_subnet},name={second_pool}
+{first_subnet},name={first_pool}
+gw-ip-address={second_gateway}/25
+gw-ip-address={first_gateway}/25'''
+ self.assertIn(pool_config, config)
+
+
+ def test_accel_next_pool(self):
+ first_pool = 'VyOS-pool1'
+ first_subnet = '192.0.2.0/25'
+ first_gateway = '192.0.2.1'
+ second_pool = 'Vyos-pool2'
+ second_subnet = '203.0.113.0/25'
+ second_gateway = '203.0.113.1'
+ third_pool = 'Vyos-pool3'
+ third_subnet = '198.51.100.0/24'
+ third_gateway = '198.51.100.1'
+
+ self.set(['authentication', 'mode', 'noauth'])
+ self.set(['client-ip-pool', 'name', first_pool, 'gateway-address', first_gateway])
+ self.set(['client-ip-pool', 'name', first_pool, 'subnet', first_subnet])
+ self.set(['client-ip-pool', 'name', first_pool, 'next-pool', second_pool])
+ self.set(['client-ip-pool', 'name', second_pool, 'gateway-address', second_gateway])
+ self.set(['client-ip-pool', 'name', second_pool, 'subnet', second_subnet])
+ self.set(['client-ip-pool', 'name', second_pool, 'next-pool', third_pool])
+ self.set(['client-ip-pool', 'name', third_pool, 'gateway-address', third_gateway])
+ self.set(['client-ip-pool', 'name', third_pool, 'subnet', third_subnet])
+ self.set(['interface', interface])
+
+ # commit changes
+ self.cli_commit()
+
+
+ # Validate configuration values
+ conf = ConfigParser(allow_no_value=True, delimiters='=', strict=False)
+ conf.read(self._config_file)
+
+ self.assertTrue(conf['ipoe']['interface'], f'{interface},shared=1,mode=L2,ifcfg=1,start=dhcpv4,ipv6=1')
+ self.assertTrue(conf['ipoe']['noauth'], '1')
+ self.assertTrue(conf['ipoe']['ip-pool'], first_pool)
+ self.assertTrue(conf['ipoe']['gw-ip-address'], f'{first_gateway}/25')
+ self.assertTrue(conf['ipoe']['gw-ip-address'], f'{second_gateway}/25')
+ self.assertTrue(conf['ipoe']['gw-ip-address'], f'{third_gateway}/24')
+
+ config = getConfig('[ip-pool]')
+ # T5099 required specific order
+ pool_config = f'''{third_subnet},name={third_pool}
+{second_subnet},name={second_pool},next={third_pool}
+{first_subnet},name={first_pool},next={second_pool}
+gw-ip-address={third_gateway}/24
+gw-ip-address={second_gateway}/25
+gw-ip-address={first_gateway}/25'''
+ self.assertIn(pool_config, config)
+
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/smoketest/scripts/cli/test_service_ntp.py b/smoketest/scripts/cli/test_service_ntp.py
index 3ccd19a31..046e5eea6 100755
--- a/smoketest/scripts/cli/test_service_ntp.py
+++ b/smoketest/scripts/cli/test_service_ntp.py
@@ -46,7 +46,7 @@ class TestSystemNTP(VyOSUnitTestSHIM.TestCase):
def test_01_ntp_options(self):
# Test basic NTP support with multiple servers and their options
servers = ['192.0.2.1', '192.0.2.2']
- options = ['noselect', 'prefer']
+ options = ['nts', 'noselect', 'prefer']
pools = ['pool.vyos.io']
for server in servers:
@@ -65,6 +65,7 @@ class TestSystemNTP(VyOSUnitTestSHIM.TestCase):
config = cmd(f'sudo cat {NTP_CONF}')
self.assertIn('driftfile /run/chrony/drift', config)
self.assertIn('dumpdir /run/chrony', config)
+ self.assertIn('ntsdumpdir /run/chrony', config)
self.assertIn('clientloglimit 1048576', config)
self.assertIn('rtcsync', config)
self.assertIn('makestep 1.0 3', config)
diff --git a/smoketest/scripts/cli/test_system_sflow.py b/smoketest/scripts/cli/test_system_sflow.py
index fef88b56a..1aec050a4 100755
--- a/smoketest/scripts/cli/test_system_sflow.py
+++ b/smoketest/scripts/cli/test_system_sflow.py
@@ -91,6 +91,7 @@ class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'collector {{ ip = {server} udpport = {port} }}', hsflowd)
self.assertIn(f'collector {{ ip = {local_server} udpport = {default_port} }}', hsflowd)
self.assertIn(f'dropmon {{ limit={mon_limit} start=on sw=on hw=off }}', hsflowd)
+ self.assertIn('dbus { }', hsflowd)
for interface in Section.interfaces('ethernet'):
self.assertIn(f'pcap {{ dev={interface} }}', hsflowd)
diff --git a/smoketest/scripts/cli/test_vpn_ipsec.py b/smoketest/scripts/cli/test_vpn_ipsec.py
index 61363b853..b677f0e45 100755
--- a/smoketest/scripts/cli/test_vpn_ipsec.py
+++ b/smoketest/scripts/cli/test_vpn_ipsec.py
@@ -117,6 +117,8 @@ rgiyCHemtMepq57Pl1Nmj49eEA==
"""
class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
+ skip_process_check = False
+
@classmethod
def setUpClass(cls):
super(TestVPNIPsec, cls).setUpClass()
@@ -141,7 +143,10 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
def tearDown(self):
# Check for running process
- self.assertTrue(process_named_running(PROCESS_NAME))
+ if not self.skip_process_check:
+ self.assertTrue(process_named_running(PROCESS_NAME))
+ else:
+ self.skip_process_check = False # Reset
self.cli_delete(base_path)
self.cli_delete(tunnel_path)
@@ -151,6 +156,9 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
self.assertFalse(process_named_running(PROCESS_NAME))
def test_01_dhcp_fail_handling(self):
+ # Skip process check - connection is not created for this test
+ self.skip_process_check = True
+
# Interface for dhcp-interface
self.cli_set(ethernet_path + [interface, 'vif', vif, 'address', 'dhcp']) # Use VLAN to avoid getting IP from qemu dhcp server
diff --git a/smoketest/scripts/system/test_kernel_options.py b/smoketest/scripts/system/test_kernel_options.py
index 4d9cbacbe..94be0483a 100755
--- a/smoketest/scripts/system/test_kernel_options.py
+++ b/smoketest/scripts/system/test_kernel_options.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2020 VyOS maintainers and contributors
+# Copyright (C) 2020-2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -14,14 +14,19 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+import gzip
import re
+import os
import platform
import unittest
+from vyos.util import call
from vyos.util import read_file
kernel = platform.release()
config = read_file(f'/boot/config-{kernel}')
+CONFIG = '/proc/config.gz'
+
class TestKernelModules(unittest.TestCase):
""" VyOS makes use of a lot of Kernel drivers, modules and features. The
@@ -42,6 +47,22 @@ class TestKernelModules(unittest.TestCase):
tmp = re.findall(f'{option}=(y|m)', config)
self.assertTrue(tmp)
+ def test_dropmon_enabled(self):
+ options_to_check = [
+ 'CONFIG_NET_DROP_MONITOR=y',
+ 'CONFIG_UPROBE_EVENTS=y',
+ 'CONFIG_BPF_EVENTS=y',
+ 'CONFIG_TRACEPOINTS=y'
+ ]
+ if not os.path.isfile(CONFIG):
+ call('sudo modprobe configs')
+
+ with gzip.open(CONFIG, 'rt') as f:
+ config_data = f.read()
+ for option in options_to_check:
+ self.assertIn(option, config_data,
+ f"Option {option} is not present in /proc/config.gz")
+
def test_qemu_support(self):
# The bond/lacp interface must be enabled in the OS Kernel
for option in ['CONFIG_VIRTIO_BLK', 'CONFIG_SCSI_VIRTIO',
@@ -58,6 +79,7 @@ class TestKernelModules(unittest.TestCase):
tmp = re.findall(f'{option}=(y|m)', config)
self.assertTrue(tmp)
+
if __name__ == '__main__':
unittest.main(verbosity=2)