diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-01-08 06:05:50 +0100 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2025-01-08 06:05:50 +0100 |
| commit | 3a57c0393952db3d4ccb538093de262ad9a56a27 (patch) | |
| tree | 8f245f46041bdd248489c8714e57c3a0fffbd12a | |
| parent | fe50656a6f1509976d04e8a750083d54bad28ecc (diff) | |
| download | vyos-1x-3a57c0393952db3d4ccb538093de262ad9a56a27.tar.gz vyos-1x-3a57c0393952db3d4ccb538093de262ad9a56a27.zip | |
smoketest: T6841: fix config tests which validate migration scripts
This complements commit dda428fc4 ("T6841: firewall: migrate existing VRF in
zone based firewall") which provides the new configuration files after CLI
was migrated.
| -rw-r--r-- | smoketest/config-tests/bgp-big-as-cloud | 56 | ||||
| -rw-r--r-- | smoketest/config-tests/dialup-router-complex | 22 | ||||
| -rw-r--r-- | smoketest/config-tests/dialup-router-wireguard-ipv6 | 16 |
3 files changed, 47 insertions, 47 deletions
diff --git a/smoketest/config-tests/bgp-big-as-cloud b/smoketest/config-tests/bgp-big-as-cloud index 8de0cdb02..03efef868 100644 --- a/smoketest/config-tests/bgp-big-as-cloud +++ b/smoketest/config-tests/bgp-big-as-cloud @@ -198,44 +198,44 @@ set firewall zone management from peers firewall ipv6-name 'peers-to-management- set firewall zone management from peers firewall name 'peers-to-management-4' set firewall zone management from servers firewall ipv6-name 'servers-to-management-6' set firewall zone management from servers firewall name 'servers-to-management-4' -set firewall zone management interface 'eth0' +set firewall zone management member interface 'eth0' set firewall zone peers default-action 'reject' set firewall zone peers from management firewall ipv6-name 'management-to-peers-6' set firewall zone peers from management firewall name 'management-to-peers-4' set firewall zone peers from servers firewall ipv6-name 'servers-to-peers-6' set firewall zone peers from servers firewall name 'servers-to-peers-4' -set firewall zone peers interface 'eth0.4088' -set firewall zone peers interface 'eth0.4089' -set firewall zone peers interface 'eth0.11' -set firewall zone peers interface 'eth0.838' -set firewall zone peers interface 'eth0.886' +set firewall zone peers member interface 'eth0.4088' +set firewall zone peers member interface 'eth0.4089' +set firewall zone peers member interface 'eth0.11' +set firewall zone peers member interface 'eth0.838' +set firewall zone peers member interface 'eth0.886' set firewall zone servers default-action 'reject' set firewall zone servers from management firewall ipv6-name 'management-to-servers-6' set firewall zone servers from management firewall name 'management-to-servers-4' set firewall zone servers from peers firewall ipv6-name 'peers-to-servers-6' set firewall zone servers from peers firewall name 'peers-to-servers-4' -set firewall zone servers interface 'eth0.1001' -set firewall zone servers interface 'eth0.105' -set firewall zone servers interface 'eth0.102' -set firewall zone servers interface 'eth0.1019' -set firewall zone servers interface 'eth0.1014' -set firewall zone servers interface 'eth0.1020' -set firewall zone servers interface 'eth0.1018' -set firewall zone servers interface 'eth0.1013' -set firewall zone servers interface 'eth0.1012' -set firewall zone servers interface 'eth0.1011' -set firewall zone servers interface 'eth0.1010' -set firewall zone servers interface 'eth0.1009' -set firewall zone servers interface 'eth0.1006' -set firewall zone servers interface 'eth0.1005' -set firewall zone servers interface 'eth0.1017' -set firewall zone servers interface 'eth0.1016' -set firewall zone servers interface 'eth0.1002' -set firewall zone servers interface 'eth0.1015' -set firewall zone servers interface 'eth0.1003' -set firewall zone servers interface 'eth0.1004' -set firewall zone servers interface 'eth0.1007' -set firewall zone servers interface 'eth0.1008' +set firewall zone servers member interface 'eth0.1001' +set firewall zone servers member interface 'eth0.105' +set firewall zone servers member interface 'eth0.102' +set firewall zone servers member interface 'eth0.1019' +set firewall zone servers member interface 'eth0.1014' +set firewall zone servers member interface 'eth0.1020' +set firewall zone servers member interface 'eth0.1018' +set firewall zone servers member interface 'eth0.1013' +set firewall zone servers member interface 'eth0.1012' +set firewall zone servers member interface 'eth0.1011' +set firewall zone servers member interface 'eth0.1010' +set firewall zone servers member interface 'eth0.1009' +set firewall zone servers member interface 'eth0.1006' +set firewall zone servers member interface 'eth0.1005' +set firewall zone servers member interface 'eth0.1017' +set firewall zone servers member interface 'eth0.1016' +set firewall zone servers member interface 'eth0.1002' +set firewall zone servers member interface 'eth0.1015' +set firewall zone servers member interface 'eth0.1003' +set firewall zone servers member interface 'eth0.1004' +set firewall zone servers member interface 'eth0.1007' +set firewall zone servers member interface 'eth0.1008' set high-availability vrrp group 11-4 address 192.0.68.1/27 set high-availability vrrp group 11-4 interface 'eth0.11' set high-availability vrrp group 11-4 priority '200' diff --git a/smoketest/config-tests/dialup-router-complex b/smoketest/config-tests/dialup-router-complex index 4416ef82e..c693cc382 100644 --- a/smoketest/config-tests/dialup-router-complex +++ b/smoketest/config-tests/dialup-router-complex @@ -508,7 +508,7 @@ set firewall zone DMZ from GUEST firewall name 'GUEST-DMZ' set firewall zone DMZ from LAN firewall name 'LAN-DMZ' set firewall zone DMZ from LOCAL firewall name 'LOCAL-DMZ' set firewall zone DMZ from WAN firewall name 'WAN-DMZ' -set firewall zone DMZ interface 'eth0.50' +set firewall zone DMZ member interface 'eth0.50' set firewall zone GUEST default-action 'drop' set firewall zone GUEST from DMZ firewall name 'DMZ-GUEST' set firewall zone GUEST from IOT firewall name 'IOT-GUEST' @@ -517,13 +517,13 @@ set firewall zone GUEST from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone GUEST from LOCAL firewall name 'LOCAL-GUEST' set firewall zone GUEST from WAN firewall ipv6-name 'ALLOW-ESTABLISHED-6' set firewall zone GUEST from WAN firewall name 'WAN-GUEST' -set firewall zone GUEST interface 'eth0.20' +set firewall zone GUEST member interface 'eth0.20' set firewall zone IOT default-action 'drop' set firewall zone IOT from GUEST firewall name 'GUEST-IOT' set firewall zone IOT from LAN firewall name 'LAN-IOT' set firewall zone IOT from LOCAL firewall name 'LOCAL-IOT' set firewall zone IOT from WAN firewall name 'WAN-IOT' -set firewall zone IOT interface 'eth0.35' +set firewall zone IOT member interface 'eth0.35' set firewall zone LAN default-action 'drop' set firewall zone LAN from DMZ firewall name 'DMZ-LAN' set firewall zone LAN from GUEST firewall name 'GUEST-LAN' @@ -532,13 +532,13 @@ set firewall zone LAN from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone LAN from LOCAL firewall name 'LOCAL-LAN' set firewall zone LAN from WAN firewall ipv6-name 'ALLOW-ESTABLISHED-6' set firewall zone LAN from WAN firewall name 'WAN-LAN' -set firewall zone LAN interface 'eth0.5' -set firewall zone LAN interface 'eth0.10' -set firewall zone LAN interface 'eth0.100' -set firewall zone LAN interface 'eth0.201' -set firewall zone LAN interface 'eth0.202' -set firewall zone LAN interface 'eth0.203' -set firewall zone LAN interface 'eth0.204' +set firewall zone LAN member interface 'eth0.5' +set firewall zone LAN member interface 'eth0.10' +set firewall zone LAN member interface 'eth0.100' +set firewall zone LAN member interface 'eth0.201' +set firewall zone LAN member interface 'eth0.202' +set firewall zone LAN member interface 'eth0.203' +set firewall zone LAN member interface 'eth0.204' set firewall zone LOCAL default-action 'drop' set firewall zone LOCAL from DMZ firewall name 'DMZ-LOCAL' set firewall zone LOCAL from GUEST firewall ipv6-name 'ALLOW-ESTABLISHED-6' @@ -558,7 +558,7 @@ set firewall zone WAN from LAN firewall ipv6-name 'ALLOW-ALL-6' set firewall zone WAN from LAN firewall name 'LAN-WAN' set firewall zone WAN from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone WAN from LOCAL firewall name 'LOCAL-WAN' -set firewall zone WAN interface 'pppoe0' +set firewall zone WAN member interface 'pppoe0' set interfaces dummy dum0 address '172.16.254.30/32' set interfaces ethernet eth0 duplex 'auto' set interfaces ethernet eth0 speed 'auto' diff --git a/smoketest/config-tests/dialup-router-wireguard-ipv6 b/smoketest/config-tests/dialup-router-wireguard-ipv6 index c2cf2e9d8..3e298fb82 100644 --- a/smoketest/config-tests/dialup-router-wireguard-ipv6 +++ b/smoketest/config-tests/dialup-router-wireguard-ipv6 @@ -391,7 +391,7 @@ set firewall zone DMZ from GUEST firewall name 'GUEST-DMZ' set firewall zone DMZ from LAN firewall name 'LAN-DMZ' set firewall zone DMZ from LOCAL firewall name 'LOCAL-DMZ' set firewall zone DMZ from WAN firewall name 'WAN-DMZ' -set firewall zone DMZ interface 'eth0.50' +set firewall zone DMZ member interface 'eth0.50' set firewall zone GUEST default-action 'drop' set firewall zone GUEST from DMZ firewall name 'DMZ-GUEST' set firewall zone GUEST from LAN firewall name 'LAN-GUEST' @@ -399,7 +399,7 @@ set firewall zone GUEST from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone GUEST from LOCAL firewall name 'LOCAL-GUEST' set firewall zone GUEST from WAN firewall ipv6-name 'ALLOW-ESTABLISHED-6' set firewall zone GUEST from WAN firewall name 'WAN-GUEST' -set firewall zone GUEST interface 'eth1.20' +set firewall zone GUEST member interface 'eth1.20' set firewall zone LAN default-action 'drop' set firewall zone LAN from DMZ firewall name 'DMZ-LAN' set firewall zone LAN from GUEST firewall name 'GUEST-LAN' @@ -407,10 +407,10 @@ set firewall zone LAN from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone LAN from LOCAL firewall name 'LOCAL-LAN' set firewall zone LAN from WAN firewall ipv6-name 'ALLOW-ESTABLISHED-6' set firewall zone LAN from WAN firewall name 'WAN-LAN' -set firewall zone LAN interface 'eth0.5' -set firewall zone LAN interface 'eth0.10' -set firewall zone LAN interface 'wg100' -set firewall zone LAN interface 'wg200' +set firewall zone LAN member interface 'eth0.5' +set firewall zone LAN member interface 'eth0.10' +set firewall zone LAN member interface 'wg100' +set firewall zone LAN member interface 'wg200' set firewall zone LOCAL default-action 'drop' set firewall zone LOCAL from DMZ firewall name 'DMZ-LOCAL' set firewall zone LOCAL from GUEST firewall ipv6-name 'ALLOW-ESTABLISHED-6' @@ -428,8 +428,8 @@ set firewall zone WAN from LAN firewall ipv6-name 'ALLOW-ALL-6' set firewall zone WAN from LAN firewall name 'LAN-WAN' set firewall zone WAN from LOCAL firewall ipv6-name 'ALLOW-ALL-6' set firewall zone WAN from LOCAL firewall name 'LOCAL-WAN' -set firewall zone WAN interface 'pppoe0' -set firewall zone WAN interface 'wg666' +set firewall zone WAN member interface 'pppoe0' +set firewall zone WAN member interface 'wg666' set interfaces dummy dum0 address '172.16.254.30/32' set interfaces ethernet eth0 duplex 'auto' set interfaces ethernet eth0 offload gro |