Merge pull request #3804 from HollyGurza/T6362

T6362: Create conntrack logger daemon
author: Daniil Baturin <daniil@vyos.io> 2024-07-29 17:11:24 +0100
committer: GitHub <noreply@github.com> 2024-07-29 17:11:24 +0100
commit: 7724a5f58b515fbc094b4f211d455c1bd5071a74 (patch)
tree: 17622524743d35934037fd665ecb4aeb62ad33ae /smoketest
parent: 9149c657dfdb4d8297aba3ef1ed1346e670b071b (diff)
parent: c509d0e6caae55106a2fbde3059652a493ed3903 (diff)
download: vyos-1x-7724a5f58b515fbc094b4f211d455c1bd5071a74.tar.gz
vyos-1x-7724a5f58b515fbc094b4f211d455c1bd5071a74.zip
1 files changed, 34 insertions, 1 deletions
diff --git a/smoketest/scripts/cli/test_system_conntrack.py b/smoketest/scripts/cli/test_system_conntrack.py
index 3ae7b6217..c07fdce77 100755
--- a/smoketest/scripts/cli/test_system_conntrack.py
+++ b/smoketest/scripts/cli/test_system_conntrack.py
@@ -20,7 +20,7 @@ import unittest
 from base_vyostest_shim import VyOSUnitTestSHIM
 
 from vyos.firewall import find_nftables_rule
-from vyos.utils.file import read_file
+from vyos.utils.file import read_file, read_json
 
 base_path = ['system', 'conntrack']
 
@@ -28,6 +28,9 @@ def get_sysctl(parameter):
     tmp = parameter.replace(r'.', r'/')
     return read_file(f'/proc/sys/{tmp}')
 
+def get_logger_config():
+    return read_json('/run/vyos-conntrack-logger.conf')
+
 class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
     @classmethod
     def setUpClass(cls):
@@ -280,5 +283,35 @@ class TestSystemConntrack(VyOSUnitTestSHIM.TestCase):
         self.verify_nftables(nftables6_search, 'ip6 vyos_conntrack')
 
         self.cli_delete(['firewall'])
+
+    def test_conntrack_log(self):
+        expected_config = {
+            'event': {
+                'destroy': {},
+                'new': {},
+                'update': {},
+            },
+            'queue_size': '10000'
+        }
+        self.cli_set(base_path + ['log', 'event', 'destroy'])
+        self.cli_set(base_path + ['log', 'event', 'new'])
+        self.cli_set(base_path + ['log', 'event', 'update'])
+        self.cli_set(base_path + ['log', 'queue-size', '10000'])
+        self.cli_commit()
+        self.assertEqual(expected_config, get_logger_config())
+        self.assertEqual('0', get_sysctl('net.netfilter.nf_conntrack_timestamp'))
+
+        for event in ['destroy', 'new', 'update']:
+            for proto in ['icmp', 'other', 'tcp', 'udp']:
+                self.cli_set(base_path + ['log', 'event', event, proto])
+                expected_config['event'][event][proto] = {}
+        self.cli_set(base_path + ['log', 'timestamp'])
+        expected_config['timestamp'] = {}
+        self.cli_commit()
+
+        self.assertEqual(expected_config, get_logger_config())
+        self.assertEqual('1', get_sysctl('net.netfilter.nf_conntrack_timestamp'))
+
+
 if __name__ == '__main__':
     unittest.main(verbosity=2)
author	Daniil Baturin <daniil@vyos.io>	2024-07-29 17:11:24 +0100
committer	GitHub <noreply@github.com>	2024-07-29 17:11:24 +0100
commit	7724a5f58b515fbc094b4f211d455c1bd5071a74 (patch)
tree	17622524743d35934037fd665ecb4aeb62ad33ae /smoketest
parent	9149c657dfdb4d8297aba3ef1ed1346e670b071b (diff)
parent	c509d0e6caae55106a2fbde3059652a493ed3903 (diff)
download	vyos-1x-7724a5f58b515fbc094b4f211d455c1bd5071a74.tar.gz vyos-1x-7724a5f58b515fbc094b4f211d455c1bd5071a74.zip