From abe6f677ec620c98af7b612569d0d431e05a0bf7 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Wed, 24 Jun 2020 18:56:36 +0200
Subject: wireguard: extend tests with multiple allowed-ips

---
 scripts/cli/test_interfaces_wireguard.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'scripts/cli')

diff --git a/scripts/cli/test_interfaces_wireguard.py b/scripts/cli/test_interfaces_wireguard.py
index 159be02f1..0c32a4696 100755
--- a/scripts/cli/test_interfaces_wireguard.py
+++ b/scripts/cli/test_interfaces_wireguard.py
@@ -22,7 +22,7 @@ from base_interfaces_test import BasicInterfaceTest
 
 # Generate WireGuard default keypair
 if not os.path.isdir('/config/auth/wireguard/default'):
-    os.system('/usr/libexec/vyos/op_mode/wireguard.py --genkey')
+    os.system('sudo /usr/libexec/vyos/op_mode/wireguard.py --genkey')
 
 base_path = ['interfaces', 'wireguard']
 
@@ -54,7 +54,7 @@ class WireGuardInterfaceTest(unittest.TestCase):
             self.session.set(base_path + [intf, 'peer', peer, 'port', '1337'])
 
             # Allow different prefixes to traverse the tunnel
-            allowed_ips = ['0.0.0.0/0']
+            allowed_ips = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']
             for ip in allowed_ips:
                 self.session.set(base_path + [intf, 'peer', peer, 'allowed-ips', ip])
 
@@ -62,5 +62,7 @@ class WireGuardInterfaceTest(unittest.TestCase):
             self.session.set(base_path + [intf, 'peer', peer, 'pubkey', pubkey])
             self.session.commit()
 
+            self.assertTrue(os.path.isdir(f'/sys/class/net/{intf}'))
+
 if __name__ == '__main__':
     unittest.main()
-- 
cgit v1.2.3