summaryrefslogtreecommitdiff
path: root/tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml
diff options
context:
space:
mode:
authoromnom62 <75066712+omnom62@users.noreply.github.com>2025-01-25 21:38:00 +1000
committerGitHub <noreply@github.com>2025-01-25 06:38:00 -0500
commitd0c73e6bdd3ca3ff9d87c8339b2c5611b694d6dc (patch)
tree3b4f957ae38250dd4062e35ae44d7bb7bf66d635 /tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml
parentaf5b93277699b2dc3732f08573ef127b784cb2ce (diff)
downloadvyos.vyos-d0c73e6bdd3ca3ff9d87c8339b2c5611b694d6dc.tar.gz
vyos.vyos-d0c73e6bdd3ca3ff9d87c8339b2c5611b694d6dc.zip
T6817 & T6825 & T7004 updates - fw_rules override and replaced fixes (#368)
* T6817 updates * updates / additions to unit tests and code for fw_rules (t6817) * code and use cases for override fw_rules * ovr idem unit test for fw rules v14 in WIP * Fixed replace add_rule func to remove unmatching confug - t6825 * first cut of unit tests for t6825 and t6817 - dfaft * Fixed replaced unit tests and code for inbound/outbound interface attributes * use network_cli's remove_empties * fixed disabled=True and a few unit tests in v1.3 * add_log func for firewall_rules updated * firewall_rules log attribute processing for v1.4 and idemp * + In overriden : - Added func to compare r_sets - Added code to isolate r_set changes to only targeted - Fixed parsers for packet_length_exclude - started to troubleshoot filter processing * completed fixes and unit tests for firewall_rules as in T6817 and T6825 * T7004 integration tests init fix * 'state' attrib processing fix * deleted and merged integration tests fixed for 1.3- and 1.4+ * fixed deleted, parsed, replaced integration tests for 1.3- and 1.4+ * fixed _remove_config, merged integration tests * added comments to unit tests * more v1.3- unit tests moved to 1.4+ unit test suite * 1.3/1.4 unit test suite synced * overridden integration test fixed * fixed replaced idempotency * moved data to vars (integration tests) * updated parsed (integration tests) * D.R.Y. for integration tests for firewall_rules plugin * vanilla data set for integration tests to support 1.5
Diffstat (limited to 'tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml')
-rw-r--r--tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml130
1 files changed, 130 insertions, 0 deletions
diff --git a/tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml b/tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml
new file mode 100644
index 0000000..c7d7398
--- /dev/null
+++ b/tests/integration/targets/vyos_firewall_rules/vars/pre-v1_4.yaml
@@ -0,0 +1,130 @@
+---
+merged_commands:
+ - set firewall ipv6-name UPLINK default-action 'accept'
+ - set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'
+ - set firewall ipv6-name UPLINK rule 1 action 'accept'
+ - set firewall ipv6-name UPLINK rule 1
+ - set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible'
+ - set firewall ipv6-name UPLINK rule 1 protocol 'tcp'
+ - set firewall ipv6-name UPLINK rule 2 action 'accept'
+ - set firewall ipv6-name UPLINK rule 2
+ - set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible'
+ - set firewall ipv6-name UPLINK rule 2 protocol 'tcp'
+ - set firewall name INBOUND default-action 'accept'
+ - set firewall name INBOUND description 'IPv4 INBOUND rule set'
+ - set firewall name INBOUND rule 101 action 'accept'
+ - set firewall name INBOUND rule 101 disable
+ - set firewall name INBOUND rule 101
+ - set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'
+ - set firewall name INBOUND rule 101 protocol 'tcp'
+ - set firewall name INBOUND rule 102 action 'reject'
+ - set firewall name INBOUND rule 102 disable
+ - set firewall name INBOUND rule 102
+ - set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'
+ - set firewall name INBOUND rule 102 protocol 'tcp'
+ - set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'
+ - set firewall name INBOUND rule 103 destination group address-group inbound
+ - set firewall name INBOUND rule 103
+ - set firewall name INBOUND rule 103 source address 192.0.2.0
+ - set firewall name INBOUND rule 103 state established enable
+ - set firewall name INBOUND rule 103 state related enable
+ - set firewall name INBOUND rule 103 state invalid disable
+ - set firewall name INBOUND rule 103 state new disable
+ - set firewall name INBOUND rule 103 action 'accept'
+
+populate_config:
+ - set firewall group address-group 'inbound'
+ - set firewall ipv6-name UPLINK default-action 'accept'
+ - set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'
+ - set firewall ipv6-name UPLINK rule 1 action 'accept'
+ - set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible'
+ - set firewall ipv6-name UPLINK rule 1 protocol 'tcp'
+ - set firewall ipv6-name UPLINK rule 2 action 'accept'
+ - set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible'
+ - set firewall ipv6-name UPLINK rule 2 protocol 'tcp'
+ - set firewall name INBOUND default-action 'accept'
+ - set firewall name INBOUND description 'IPv4 INBOUND rule set'
+ - set firewall name INBOUND rule 101 action 'accept'
+ - set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'
+ - set firewall name INBOUND rule 101 protocol 'tcp'
+ - set firewall name INBOUND rule 102 action 'reject'
+ - set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'
+ - set firewall name INBOUND rule 102 protocol 'tcp'
+ - set firewall name INBOUND rule 103 action 'accept'
+ - set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'
+ - set firewall name INBOUND rule 103 destination group address-group 'inbound'
+ - set firewall name INBOUND rule 103 source address '192.0.2.0'
+ - set firewall name INBOUND rule 103 state established 'enable'
+ - set firewall name INBOUND rule 103 state invalid 'disable'
+ - set firewall name INBOUND rule 103 state new 'disable'
+ - set firewall name INBOUND rule 103 state related 'enable'
+
+remove_config:
+ - delete firewall name
+ - delete firewall ipv6-name
+
+parsed_config_file: "_parsed_config_1_3.cfg"
+
+replaced_commands:
+ - delete firewall ipv6-name UPLINK rule 1
+ - delete firewall ipv6-name UPLINK rule 2
+ - delete firewall name INBOUND rule 102
+ - delete firewall name INBOUND rule 103
+ - set firewall name INBOUND rule 104 action 'reject'
+ - set firewall name INBOUND rule 104 description 'Rule 104 is configured by Ansible'
+ - set firewall name INBOUND rule 104
+ - set firewall name INBOUND rule 104 protocol 'udp'
+
+overridden_commands:
+ - delete firewall ipv6-name UPLINK
+ - delete firewall name INBOUND
+ - set firewall name Downlink default-action 'accept'
+ - set firewall name Downlink description 'IPv4 INBOUND rule set'
+ - set firewall name Downlink rule 501 action 'accept'
+ - set firewall name Downlink rule 501
+ - set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible'
+ - set firewall name Downlink rule 501 protocol 'tcp'
+ - set firewall name Downlink rule 502 action 'reject'
+ - set firewall name Downlink rule 502
+ - set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible'
+ - set firewall name Downlink rule 502 protocol 'tcp'
+
+rendered:
+ commands:
+ - set firewall ipv6-name UPLINK default-action 'accept'
+ - set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'
+ - set firewall name INBOUND default-action 'accept'
+ - set firewall name INBOUND description 'IPv4 INBOUND rule set'
+ - set firewall name INBOUND rule 101 action 'accept'
+ - set firewall name INBOUND rule 101
+ - set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'
+ - set firewall name INBOUND rule 101 protocol 'tcp'
+ - set firewall name INBOUND rule 102 action 'reject'
+ - set firewall name INBOUND rule 102
+ - set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'
+ - set firewall name INBOUND rule 102 protocol 'tcp'
+ - set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'
+ - set firewall name INBOUND rule 103 destination group address-group inbound
+ - set firewall name INBOUND rule 103
+ - set firewall name INBOUND rule 103 source address 192.0.2.0
+ - set firewall name INBOUND rule 103 state established enable
+ - set firewall name INBOUND rule 103 state related enable
+ - set firewall name INBOUND rule 103 state invalid disable
+ - set firewall name INBOUND rule 103 state new disable
+ - set firewall name INBOUND rule 103 action 'accept'
+deleted_rs:
+ commands:
+ - delete firewall ipv6-name UPLINK
+ - delete firewall name INBOUND
+ after: []
+deleted_afi_all:
+ commands:
+ - delete firewall ipv6-name
+ - delete firewall name
+ after: []
+
+state_dict:
+ established: true
+ new: false
+ invalid: false
+ related: true
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-24 10:46:02 +0000