diff options
| author | Daniil Baturin <daniil@vyos.io> | 2024-05-29 10:19:45 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-29 10:19:45 +0200 |
| commit | db4c7f15b16b1d9730066d4ca42d7a500284443f (patch) | |
| tree | dcb18b3b5f84e9e89bd72febe3c15c35282edd7c /smoketest | |
| parent | df6ae88f6e366c015dfe55deb8e88ee67e0d5af5 (diff) | |
| parent | 55e02bef4f3aeff5e33cddc79f22b93fc671e491 (diff) | |
| download | vyos-1x-db4c7f15b16b1d9730066d4ca42d7a500284443f.tar.gz vyos-1x-db4c7f15b16b1d9730066d4ca42d7a500284443f.zip | |
Merge pull request #3534 from sever-sever/T6411
T6411: CGNAT fix sequences for external address ranges
Diffstat (limited to 'smoketest')
| -rwxr-xr-x | smoketest/scripts/cli/test_cgnat.py | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/smoketest/scripts/cli/test_cgnat.py b/smoketest/scripts/cli/test_cgnat.py index c65c58820..02dad3de5 100755 --- a/smoketest/scripts/cli/test_cgnat.py +++ b/smoketest/scripts/cli/test_cgnat.py @@ -95,5 +95,44 @@ class TestCGNAT(VyOSUnitTestSHIM.TestCase): self.verify_nftables(nftables_search, 'ip cgnat', inverse=False, args='-s') + def test_cgnat_sequence(self): + internal_name = 'earth' + external_name = 'milky_way' + internal_net = '100.64.0.0/28' + + ext_addr_alpha_proxima = '192.0.2.121/32' + ext_addr_beta_cygni = '198.51.100.23/32' + ext_addr_gamma_leonis = '203.0.113.102/32' + + ext_seq_beta_cygni = '3' + ext_seq_gamma_leonis = '10' + + external_ports = '1024-65535' + ports_per_subscriber = '10000' + rule = '100' + + nftables_search = [ + ['100.64.0.0 : 198.51.100.23 . 1024-11023, 100.64.0.1 : 198.51.100.23 . 11024-21023'], + ['100.64.0.4 : 198.51.100.23 . 41024-51023, 100.64.0.5 : 198.51.100.23 . 51024-61023'], + ['100.64.0.6 : 203.0.113.102 . 1024-11023, 100.64.0.7 : 203.0.113.102 . 11024-21023'], + ['100.64.0.8 : 203.0.113.102 . 21024-31023, 100.64.0.9 : 203.0.113.102 . 31024-41023'], + ['100.64.0.10 : 203.0.113.102 . 41024-51023, 100.64.0.11 : 203.0.113.102 . 51024-61023'], + ['100.64.0.12 : 192.0.2.121 . 1024-11023, 100.64.0.13 : 192.0.2.121 . 11024-21023'], + ['100.64.0.14 : 192.0.2.121 . 21024-31023, 100.64.0.15 : 192.0.2.121 . 31024-41023'], + ] + + self.cli_set(base_path + ['pool', 'external', external_name, 'external-port-range', external_ports]) + self.cli_set(base_path + ['pool', 'external', external_name, 'per-user-limit', 'port', ports_per_subscriber]) + self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_alpha_proxima]) + self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_beta_cygni, 'seq', ext_seq_beta_cygni]) + self.cli_set(base_path + ['pool', 'external', external_name, 'range', ext_addr_gamma_leonis, 'seq', ext_seq_gamma_leonis]) + self.cli_set(base_path + ['pool', 'internal', internal_name, 'range', internal_net]) + self.cli_set(base_path + ['rule', rule, 'source', 'pool', internal_name]) + self.cli_set(base_path + ['rule', rule, 'translation', 'pool', external_name]) + self.cli_commit() + + self.verify_nftables(nftables_search, 'ip cgnat', inverse=False, args='-s') + + if __name__ == '__main__': unittest.main(verbosity=2) |