diff options
Diffstat (limited to 'tests/unit')
9 files changed, 115 insertions, 0 deletions
diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg index f54a03dc..464f132f 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config.cfg @@ -2,6 +2,8 @@ set firewall group address-group RND-HOSTS address 192.0.2.1 set firewall group address-group RND-HOSTS address 192.0.2.3 set firewall group address-group RND-HOSTS address 192.0.2.5 set firewall group address-group RND-HOSTS description 'This group has the Management hosts address lists' +set firewall group address-group DELETE-HOSTS address 1.2.3.4 +set firewall group address-group DELETE-HOSTS description 'The (single) last address from this group will be deleted in the tests' set firewall group ipv6-address-group LOCAL-v6 address ::1 set firewall group ipv6-address-group LOCAL-v6 address fdec:2503:89d6:59b3::1 set firewall group ipv6-address-group LOCAL-v6 description 'This group has the hosts address lists of this machine' diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config_v14.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config_v14.cfg index 0a1247dd..ad60b45c 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config_v14.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_global_config_v14.cfg @@ -2,6 +2,8 @@ set firewall group address-group RND-HOSTS address 192.0.2.1 set firewall group address-group RND-HOSTS address 192.0.2.3 set firewall group address-group RND-HOSTS address 192.0.2.5 set firewall group address-group RND-HOSTS description 'This group has the Management hosts address lists' +set firewall group address-group DELETE-HOSTS address 1.2.3.4 +set firewall group address-group DELETE-HOSTS description 'The (single) last address from this group will be deleted in the tests' set firewall group ipv6-address-group LOCAL-v6 address ::1 set firewall group ipv6-address-group LOCAL-v6 address fdec:2503:89d6:59b3::1 set firewall group ipv6-address-group LOCAL-v6 description 'This group has the hosts address lists of this machine' diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg index 6c248d2b..3ad6ec97 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config.cfg @@ -14,3 +14,8 @@ set firewall name EGRESS default-action 'reject' set firewall ipv6-name EGRESS default-action 'reject' set firewall ipv6-name EGRESS rule 20 set firewall ipv6-name EGRESS rule 20 icmpv6 type 'echo-request' +set firewall name MULTIPLE-RULE default-action 'drop' +set firewall name MULTIPLE-RULE rule 1 action 'accept' +set firewall name MULTIPLE-RULE rule 1 protocol 'all' +set firewall name MULTIPLE-RULE rule 2 action 'drop' +set firewall name MULTIPLE-RULE rule 2 protocol 'all'
\ No newline at end of file diff --git a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config_v14.cfg b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config_v14.cfg index e82e3903..7f63dd78 100644 --- a/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config_v14.cfg +++ b/tests/unit/modules/network/vyos/fixtures/vyos_firewall_rules_config_v14.cfg @@ -32,3 +32,8 @@ set firewall ipv4 name IF-TEST rule 10 inbound-interface name 'eth0' set firewall ipv4 name IF-TEST rule 10 outbound-interface group 'the-ethers' set firewall ipv4 name IF-TEST rule 10 icmp type-name 'echo-request' set firewall ipv4 name IF-TEST rule 10 state 'related' +set firewall ipv4 name MULTIPLE-RULE default-action 'drop' +set firewall ipv4 name MULTIPLE-RULE rule 1 action 'accept' +set firewall ipv4 name MULTIPLE-RULE rule 1 protocol 'all' +set firewall ipv4 name MULTIPLE-RULE rule 2 action 'drop' +set firewall ipv4 name MULTIPLE-RULE rule 2 protocol 'all'
\ No newline at end of file diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_global.py b/tests/unit/modules/network/vyos/test_vyos_firewall_global.py index 481cc1dd..db67ab2c 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_global.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_global.py @@ -269,6 +269,12 @@ class TestVyosFirewallGlobalModule(TestVyosModule): ], ), dict( + afi="ipv4", + name="DELETE-HOSTS", + description="The (single) last address from this group will be deleted in the tests", + # No members here + ), + dict( afi="ipv6", name="LOCAL-v6", description="This group has the hosts address lists of this machine", @@ -309,6 +315,7 @@ class TestVyosFirewallGlobalModule(TestVyosModule): "delete firewall send-redirects", "delete firewall group address-group RND-HOSTS address 192.0.2.3", "delete firewall group address-group RND-HOSTS address 192.0.2.5", + "delete firewall group address-group DELETE-HOSTS address", "set firewall group address-group RND-HOSTS address 192.0.2.7", "set firewall group address-group RND-HOSTS address 192.0.2.9", "delete firewall group network-group RND description", @@ -376,6 +383,7 @@ class TestVyosFirewallGlobalModule(TestVyosModule): ), ) commands = [ + "delete firewall group address-group DELETE-HOSTS", "delete firewall group address-group RND-HOSTS address 192.0.2.3", "delete firewall group address-group RND-HOSTS address 192.0.2.5", "delete firewall ipv6-src-route", @@ -412,6 +420,14 @@ class TestVyosFirewallGlobalModule(TestVyosModule): ], ), dict( + afi="ipv4", + name="DELETE-HOSTS", + description="The (single) last address from this group will be deleted in the tests", + members=[ + dict(address='1.2.3.4'), + ] + ), + dict( afi="ipv6", name="LOCAL-v6", description="This group has the hosts address lists of this machine", diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_global14.py b/tests/unit/modules/network/vyos/test_vyos_firewall_global14.py index aae4aa83..0b85e62d 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_global14.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_global14.py @@ -272,6 +272,12 @@ class TestVyosFirewallRulesModule14(TestVyosModule): ], ), dict( + afi="ipv4", + name="DELETE-HOSTS", + description="The (single) last address from this group will be deleted in the tests", + # No members here + ), + dict( afi="ipv6", name="LOCAL-v6", description="This group has the hosts address lists of this machine", @@ -310,6 +316,7 @@ class TestVyosFirewallRulesModule14(TestVyosModule): commands = [ "delete firewall group address-group RND-HOSTS address 192.0.2.3", "delete firewall group address-group RND-HOSTS address 192.0.2.5", + "delete firewall group address-group DELETE-HOSTS address", "delete firewall global-options all-ping", "delete firewall global-options state-policy related", "delete firewall global-options ipv6-src-route", @@ -350,6 +357,14 @@ class TestVyosFirewallRulesModule14(TestVyosModule): ], ), dict( + afi="ipv4", + name="DELETE-HOSTS", + description="The (single) last address from this group will be deleted in the tests", + members=[ + dict(address='1.2.3.4'), + ] + ), + dict( afi="ipv6", name="LOCAL-v6", description="This group has the hosts address lists of this machine", @@ -451,6 +466,7 @@ class TestVyosFirewallRulesModule14(TestVyosModule): "delete firewall global-options send-redirects", "set firewall global-options state-policy related action 'drop'", "delete firewall global-options state-policy related log-level", + "delete firewall group address-group DELETE-HOSTS", "set firewall global-options state-policy invalid action 'reject'", "set firewall group address-group RND-HOSTS address 192.0.2.7", "set firewall group address-group RND-HOSTS address 192.0.2.9", diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_rules13.py b/tests/unit/modules/network/vyos/test_vyos_firewall_rules13.py index 101f389e..9a25198f 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_rules13.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_rules13.py @@ -1057,6 +1057,17 @@ class TestVyosFirewallRulesModule13(TestVyosModule): ), ], ), + dict( + name="MULTIPLE-RULE", + default_action="drop", + rules=[ + dict( + number="1", + action="accept", + protocol="all", + ), + ], + ), ], ), dict( @@ -1083,6 +1094,11 @@ class TestVyosFirewallRulesModule13(TestVyosModule): "delete firewall ipv6-name EGRESS", "delete firewall name V4-INGRESS", "delete firewall name EGRESS", + "delete firewall name MULTIPLE-RULE", + "set firewall name MULTIPLE-RULE default-action 'drop'", + "set firewall name MULTIPLE-RULE rule 1", + "set firewall name MULTIPLE-RULE rule 1 action 'accept'", + "set firewall name MULTIPLE-RULE rule 1 protocol 'all'", "set firewall name V4-IN default-action 'accept'", "set firewall name V4-IN description 'This is IPv4 INGRESS rule set'", "set firewall name V4-IN enable-default-log", @@ -1159,6 +1175,7 @@ class TestVyosFirewallRulesModule13(TestVyosModule): "delete firewall ipv6-name EGRESS", "delete firewall name V4-INGRESS", "delete firewall name EGRESS", + "delete firewall name MULTIPLE-RULE", "set firewall name V4-INGRESS rule 101", "set firewall name V4-INGRESS description 'This is IPv4 INGRESS rule set'", "set firewall name V4-INGRESS default-action 'accept'", @@ -1204,6 +1221,22 @@ class TestVyosFirewallRulesModule13(TestVyosModule): name="EGRESS", default_action="reject", ), + dict( + name="MULTIPLE-RULE", + default_action="drop", + rules=[ + dict( + number="1", + action="accept", + protocol="all", + ), + dict( + number="2", + action="drop", + protocol="all", + ), + ], + ), ], ), dict( diff --git a/tests/unit/modules/network/vyos/test_vyos_firewall_rules14.py b/tests/unit/modules/network/vyos/test_vyos_firewall_rules14.py index 547b8f45..64884282 100644 --- a/tests/unit/modules/network/vyos/test_vyos_firewall_rules14.py +++ b/tests/unit/modules/network/vyos/test_vyos_firewall_rules14.py @@ -1418,6 +1418,17 @@ class TestVyosFirewallRulesModule14(TestVyosModule): ), ], ), + dict( + name="MULTIPLE-RULE", + default_action="drop", + rules=[ + dict( + number="1", + action="accept", + protocol="all", + ), + ], + ), ], ), dict( @@ -1444,11 +1455,16 @@ class TestVyosFirewallRulesModule14(TestVyosModule): "delete firewall ipv6 name EGRESS", "delete firewall ipv4 name V4-INGRESS", "delete firewall ipv4 name EGRESS", + "delete firewall ipv4 name MULTIPLE-RULE", "delete firewall ipv4 input filter", "delete firewall ipv4 output filter", "delete firewall ipv6 input filter", "delete firewall ipv6 output filter", "delete firewall ipv4 name IF-TEST", + "set firewall ipv4 name MULTIPLE-RULE default-action 'drop'", + "set firewall ipv4 name MULTIPLE-RULE rule 1", + "set firewall ipv4 name MULTIPLE-RULE rule 1 action 'accept'", + "set firewall ipv4 name MULTIPLE-RULE rule 1 protocol 'all'", "set firewall ipv4 name V4-IN default-action 'accept'", "set firewall ipv4 name V4-IN description 'This is IPv4 INGRESS rule set'", "set firewall ipv4 name V4-IN default-log", @@ -1530,6 +1546,7 @@ class TestVyosFirewallRulesModule14(TestVyosModule): "delete firewall ipv6 input filter", "delete firewall ipv6 output filter", "delete firewall ipv4 name IF-TEST", + "delete firewall ipv4 name MULTIPLE-RULE", "set firewall ipv4 name V4-INGRESS rule 101", "set firewall ipv4 name V4-INGRESS default-log", "set firewall ipv4 name V4-INGRESS description 'This is IPv4 INGRESS rule set'", @@ -1609,6 +1626,22 @@ class TestVyosFirewallRulesModule14(TestVyosModule): name="EGRESS", default_action="reject", ), + dict( + name="MULTIPLE-RULE", + default_action="drop", + rules=[ + dict( + number="1", + action="accept", + protocol="all", + ), + dict( + number="2", + action="drop", + protocol="all", + ), + ], + ), ], ), dict( diff --git a/tests/unit/modules/utils.py b/tests/unit/modules/utils.py index 6489f13f..e2d17abd 100644 --- a/tests/unit/modules/utils.py +++ b/tests/unit/modules/utils.py @@ -20,6 +20,9 @@ def set_module_args(args): args = json.dumps({"ANSIBLE_MODULE_ARGS": args}) basic._ANSIBLE_ARGS = to_bytes(args) + profile = "legacy" + basic._ANSIBLE_PROFILE = profile + class AnsibleExitJson(Exception): pass |