From 7ae9d8953ddc9ba38d62400187ce1ec44abb5a6e Mon Sep 17 00:00:00 2001 From: Nicolas Fort Date: Mon, 31 Jul 2023 13:09:31 +0000 Subject: T5014: fix conflicts. Add code for redirection, which is causing conflicts. Change code for new syntax --- smoketest/scripts/cli/test_nat.py | 39 ++++++++++++++++++++++++++++++--------- 1 file changed, 30 insertions(+), 9 deletions(-) (limited to 'smoketest/scripts') diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index 673be9905..f0c4fef2e 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -231,6 +231,27 @@ class TestNAT(VyOSUnitTestSHIM.TestCase): self.verify_nftables(nftables_search, 'ip vyos_static_nat') + def test_dnat_redirect(self): + dst_addr_1 = '10.0.1.1' + dest_port = '5122' + protocol = 'tcp' + redirected_port = '22' + ifname = 'eth0' + + self.cli_set(dst_path + ['rule', '10', 'destination', 'address', dst_addr_1]) + self.cli_set(dst_path + ['rule', '10', 'destination', 'port', dest_port]) + self.cli_set(dst_path + ['rule', '10', 'protocol', protocol]) + self.cli_set(dst_path + ['rule', '10', 'inbound-interface', ifname]) + self.cli_set(dst_path + ['rule', '10', 'translation', 'redirect', 'port', redirected_port]) + + self.cli_commit() + + nftables_search = [ + [f'iifname "{ifname}"', f'ip daddr {dst_addr_1}', f'{protocol} dport {dest_port}', f'redirect to :{redirected_port}'] + ] + + self.verify_nftables(nftables_search, 'ip vyos_nat') + def test_nat_balance(self): ifname = 'eth0' member_1 = '198.51.100.1' @@ -246,17 +267,17 @@ class TestNAT(VyOSUnitTestSHIM.TestCase): self.cli_set(dst_path + ['rule', '1', 'inbound-interface', ifname]) self.cli_set(dst_path + ['rule', '1', 'protocol', 'tcp']) self.cli_set(dst_path + ['rule', '1', 'destination', 'port', dst_port]) - self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'source-address']) - self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'source-port']) - self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'destination-address']) - self.cli_set(dst_path + ['rule', '1', 'balance', 'hash', 'destination-port']) - self.cli_set(dst_path + ['rule', '1', 'balance', 'member', member_1, 'weight', weight_1]) - self.cli_set(dst_path + ['rule', '1', 'balance', 'member', member_2, 'weight', weight_2]) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'hash', 'source-address']) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'hash', 'source-port']) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'hash', 'destination-address']) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'hash', 'destination-port']) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'backend', member_1, 'weight', weight_1]) + self.cli_set(dst_path + ['rule', '1', 'load-balance', 'backend', member_2, 'weight', weight_2]) self.cli_set(src_path + ['rule', '1', 'outbound-interface', ifname]) - self.cli_set(src_path + ['rule', '1', 'balance', 'hash', 'random']) - self.cli_set(src_path + ['rule', '1', 'balance', 'member', member_3, 'weight', weight_3]) - self.cli_set(src_path + ['rule', '1', 'balance', 'member', member_4, 'weight', weight_4]) + self.cli_set(src_path + ['rule', '1', 'load-balance', 'hash', 'random']) + self.cli_set(src_path + ['rule', '1', 'load-balance', 'backend', member_3, 'weight', weight_3]) + self.cli_set(src_path + ['rule', '1', 'load-balance', 'backend', member_4, 'weight', weight_4]) self.cli_commit() -- cgit v1.2.3