From 93aaf8615a0535dfe8cbd3b68dd82a1051a31411 Mon Sep 17 00:00:00 2001 From: YVarshitha <63169351+YVarshitha@users.noreply.github.com> Date: Fri, 27 Aug 2021 11:00:33 -0400 Subject: IPV6 ICMP type name in vyos.vyos.vyos_firewall_rules is not idempotent (#187) IPV6 ICMP type name in vyos.vyos.vyos_firewall_rules is not idempotent SUMMARY fix issue: #170 ISSUE TYPE Bugfix Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: GomathiselviS Reviewed-by: None --- .../vyos/fixtures/vyos_firewall_rules_config.cfg | 2 ++ .../network/vyos/test_vyos_firewall_rules.py | 32 ++++++++++++++++++++++ 2 files changed, 34 insertions(+) (limited to 'tests/unit') diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg index f65b386..8726301 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg @@ -11,3 +11,5 @@ set firewall name V4-INGRESS rule 101 action 'accept' set firewall name V4-INGRESS rule 101 ipsec 'match-ipsec' set firewall name V4-EGRESS default-action 'reject' set firewall ipv6-name V6-EGRESS default-action 'reject' +set firewall ipv6-name V6-EGRESS rule 20 +set firewall ipv6-name V6-EGRESS rule 20 icmpv6 type 'echo-request' \ No newline at end of file diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py b/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py index 682b2da..520446e 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_rules.py @@ -416,6 +416,7 @@ class TestVyosFirewallRulesModule(TestVyosModule): ipsec="match-ipsec", protocol="icmp", disabled=True, + icmp=dict(type_name="echo-request"), ) ], ), @@ -435,6 +436,7 @@ class TestVyosFirewallRulesModule(TestVyosModule): "set firewall ipv6-name INBOUND rule 101 disabled", "set firewall ipv6-name INBOUND rule 101 action 'accept'", "set firewall ipv6-name INBOUND rule 101 ipsec 'match-ipsec'", + "set firewall ipv6-name INBOUND rule 101 icmpv6 type echo-request", ] self.execute_module(changed=True, commands=commands) @@ -771,6 +773,12 @@ class TestVyosFirewallRulesModule(TestVyosModule): name="V6-EGRESS", default_action="reject", description="This rule-set is configured by Ansible RM", + rules=[ + dict( + icmp=dict(type_name="echo-request"), + number=20, + ) + ], ), ], ), @@ -831,6 +839,12 @@ class TestVyosFirewallRulesModule(TestVyosModule): dict( name="V6-EGRESS", default_action="reject", + rules=[ + dict( + icmp=dict(type_name="echo-request"), + number=20, + ) + ], ), ], ), @@ -884,6 +898,12 @@ class TestVyosFirewallRulesModule(TestVyosModule): dict( name="V6-EGRESS", default_action="reject", + rules=[ + dict( + icmp=dict(type_name="echo-request"), + number=20, + ) + ], ), ], ), @@ -933,6 +953,12 @@ class TestVyosFirewallRulesModule(TestVyosModule): dict( name="V6-EGRESS", default_action="reject", + rules=[ + dict( + icmp=dict(type_name="echo-request"), + number=20, + ) + ], ), ], ), @@ -1070,6 +1096,12 @@ class TestVyosFirewallRulesModule(TestVyosModule): dict( name="V6-EGRESS", default_action="reject", + rules=[ + dict( + icmp=dict(type_name="echo-request"), + number=20, + ) + ], ), ], ), -- cgit v1.2.3