Merge #1 Adds tests according to the CI
This commit is contained in:
commit
b39b90d0a4
36
tests/sanity-tests/Makefile
Normal file
36
tests/sanity-tests/Makefile
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
# SPDX-License-Identifier: LGPL-2.1+
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
#
|
||||||
|
# Makefile of /CoreOS/ipset
|
||||||
|
# Description: Test if ipset working ok
|
||||||
|
# Author: Susant Sahani<susant@redhat.com>
|
||||||
|
#
|
||||||
|
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
export TEST=/CoreOS/ipset
|
||||||
|
export TESTVERSION=1.0
|
||||||
|
BUILT_FILES=
|
||||||
|
FILES=$(METADATA) runtest.sh Makefile
|
||||||
|
.PHONY: all install download clean
|
||||||
|
run: $(FILES) build
|
||||||
|
./runtest.sh
|
||||||
|
build: $(BUILT_FILES)
|
||||||
|
test -x runtest.sh || chmod a+x runtest.sh
|
||||||
|
clean:
|
||||||
|
rm -f *~ $(BUILT_FILES)
|
||||||
|
include /usr/share/rhts/lib/rhts-make.include
|
||||||
|
$(METADATA): Makefile
|
||||||
|
@echo "Owner: Susant Sahani<susant@redhat.com>" > $(METADATA)
|
||||||
|
@echo "Name: $(TEST)" >> $(METADATA)
|
||||||
|
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
|
||||||
|
@echo "Path: $(TEST_DIR)" >> $(METADATA)
|
||||||
|
@echo "Description: Test ipset sanity" >> $(METADATA)
|
||||||
|
@echo "Type: Sanity" >> $(METADATA)
|
||||||
|
@echo "TestTime: 5m" >> $(METADATA)
|
||||||
|
@echo "RunFor: ipset " >> $(METADATA)
|
||||||
|
@echo "Requires: ipset iperf3 python3 systemd python3-pyroute2 iptables" >> $(METADATA)
|
||||||
|
@echo "Priority: Normal" >> $(METADATA)
|
||||||
|
@echo "License: GPLv2" >> $(METADATA)
|
||||||
|
@echo "Confidential: no" >> $(METADATA)
|
||||||
|
@echo "Destructive: no" >> $(METADATA)
|
||||||
|
@echo "Releases: -Fedora 29" >> $(METADATA)
|
||||||
|
rhts-lint $(METADATA)
|
10
tests/sanity-tests/iperf3d.service
Normal file
10
tests/sanity-tests/iperf3d.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=iperf3d tests for ipset
|
||||||
|
After=multi-user.target network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
ExecStart=/usr/bin/iperf3 -s -d --bind 192.168.225.32 --port 55555 -V
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
228
tests/sanity-tests/ipset-tests.py
Executable file
228
tests/sanity-tests/ipset-tests.py
Executable file
@ -0,0 +1,228 @@
|
|||||||
|
#!/usr/bin/env python3
|
||||||
|
# SPDX-License-Identifier: LGPL-2.1+
|
||||||
|
# ~~~
|
||||||
|
# Description: Tests for ipset
|
||||||
|
#
|
||||||
|
# Author: Susant Sahani <susant@redhat.com>
|
||||||
|
# Copyright (c) 2018 Red Hat, Inc.
|
||||||
|
# ~~~
|
||||||
|
|
||||||
|
import errno
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
import unittest
|
||||||
|
import subprocess
|
||||||
|
import signal
|
||||||
|
import shutil
|
||||||
|
import socket
|
||||||
|
from pyroute2 import IPRoute
|
||||||
|
|
||||||
|
def setUpModule():
|
||||||
|
|
||||||
|
if shutil.which('ipset') is None:
|
||||||
|
raise OSError(errno.ENOENT, 'ipset not found')
|
||||||
|
|
||||||
|
if shutil.which('iperf3') is None:
|
||||||
|
raise OSError(errno.ENOENT, 'iperf3 not found')
|
||||||
|
|
||||||
|
def tearDownModule():
|
||||||
|
pass
|
||||||
|
|
||||||
|
class GenericUtilities():
|
||||||
|
|
||||||
|
def SetupVethInterface(self):
|
||||||
|
|
||||||
|
ip = IPRoute()
|
||||||
|
|
||||||
|
ip.link('add', ifname='veth-test', peer='veth-peer', kind='veth')
|
||||||
|
idx_veth_test = ip.link_lookup(ifname='veth-test')[0]
|
||||||
|
idx_veth_peer = ip.link_lookup(ifname='veth-peer')[0]
|
||||||
|
|
||||||
|
ip.link('set', index=idx_veth_test, address='02:01:02:03:04:08')
|
||||||
|
ip.link('set', index=idx_veth_peer, address='02:01:02:03:04:09')
|
||||||
|
|
||||||
|
ip.addr('add', index=idx_veth_test, address='192.168.225.32', mask=24)
|
||||||
|
ip.addr('add', index=idx_veth_peer, address='192.168.225.33', mask=24)
|
||||||
|
|
||||||
|
ip.link('set', index=idx_veth_test, state='up')
|
||||||
|
ip.link('set', index=idx_veth_peer, state='up')
|
||||||
|
|
||||||
|
ip.close()
|
||||||
|
|
||||||
|
def TearDownVethInterface(self):
|
||||||
|
|
||||||
|
ip = IPRoute()
|
||||||
|
ip.link('del', index=ip.link_lookup(ifname='veth-test')[0])
|
||||||
|
ip.close()
|
||||||
|
|
||||||
|
def AddAddress(self, interface, address):
|
||||||
|
ip = IPRoute()
|
||||||
|
|
||||||
|
idx_veth_peer = ip.link_lookup(ifname=interface)[0]
|
||||||
|
ip.close()
|
||||||
|
|
||||||
|
def IPSetAdd(self, hashset, address):
|
||||||
|
subprocess.check_output(['ipset', 'add', hashset, address])
|
||||||
|
|
||||||
|
def IPSetRemove(self, hashset, address):
|
||||||
|
subprocess.check_output(['ipset', 'del', hashset, address])
|
||||||
|
|
||||||
|
def IPSetCreateHashSet(self, hashset, hashtype):
|
||||||
|
subprocess.check_output(['ipset', 'create', hashset, hashtype])
|
||||||
|
|
||||||
|
def IPSetDestroyHashSet(self, hashset):
|
||||||
|
subprocess.check_output(['ipset', 'destroy', hashset])
|
||||||
|
|
||||||
|
class IpsetTests(unittest.TestCase, GenericUtilities):
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
self.SetupVethInterface()
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
self.TearDownVethInterface()
|
||||||
|
|
||||||
|
def test_ipset_bitmap_ip_netfilter(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testnetiperf', 'hash:ip')
|
||||||
|
|
||||||
|
self.IPSetAdd('testnetiperf', '192.168.225.32')
|
||||||
|
self.IPSetAdd('testnetiperf', '192.168.225.33')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testnetiperf','192.168.225.32'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnetiperf','192.168.225.33'])
|
||||||
|
|
||||||
|
subprocess.check_output(['systemctl', 'start', 'iperf3d.service'])
|
||||||
|
time.sleep(5)
|
||||||
|
|
||||||
|
r = subprocess.call("iperf3" + " -c 192.168.225.32 -p 55555 --connect-timeout 5", shell=True)
|
||||||
|
self.assertEqual(r, 0)
|
||||||
|
|
||||||
|
r = subprocess.call("iptables" + " -I INPUT -m set --match-set testnetiperf src -j DROP", shell=True)
|
||||||
|
self.assertEqual(r, 0)
|
||||||
|
|
||||||
|
r = subprocess.call("iperf3" + " -c 192.168.225.32 -p 55555 --connect-timeout 5", shell=True)
|
||||||
|
self.assertNotEqual(r, 0)
|
||||||
|
|
||||||
|
subprocess.check_output(['systemctl', 'stop', 'iperf3d.service'])
|
||||||
|
|
||||||
|
subprocess.call("iptables" + " --delete INPUT -m set --match-set testnetiperf src -j DROP" , shell=True)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testnetiperf')
|
||||||
|
|
||||||
|
def test_ipset_add_bitmap_ip(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testnet', 'hash:ip')
|
||||||
|
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.12')
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.13')
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.14')
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.15')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.12'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.13'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.14'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.15'])
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testnet')
|
||||||
|
|
||||||
|
def test_ipset_delete_bitmap_ip(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testnet', 'hash:ip')
|
||||||
|
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.12')
|
||||||
|
self.IPSetAdd('testnet', '192.168.11.13')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.12'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnet','192.168.11.13'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testnet', '192.168.11.12')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testnet 192.168.11.12", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testnet')
|
||||||
|
|
||||||
|
def test_ipset_hash_bitmap_mac(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testmac', 'hash:mac')
|
||||||
|
|
||||||
|
self.IPSetAdd('testmac', '02:01:02:03:04:09')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testmac','02:01:02:03:04:09'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testmac', '02:01:02:03:04:09')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testmac 02:01:02:03:04:09", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testmac')
|
||||||
|
|
||||||
|
def test_ipset_hash_bitmap_ipport(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testipport', 'hash:ip,mac')
|
||||||
|
|
||||||
|
self.IPSetAdd('testipport', '1.1.1.1,02:01:02:03:04:09')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testipport','1.1.1.1,02:01:02:03:04:09'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testipport', '1.1.1.1,02:01:02:03:04:09')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testipport 1.1.1.1,02:01:02:03:04:09", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testipport')
|
||||||
|
|
||||||
|
def test_ipset_hash_bitmap_ipport(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testipport', 'hash:ip,port')
|
||||||
|
|
||||||
|
self.IPSetAdd('testipport', '192.168.1.1,udp:53')
|
||||||
|
self.IPSetAdd('testipport', '192.168.1.1,5555')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testipport','192.168.1.1,udp:53'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testipport','192.168.1.1,5555'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testipport', '192.168.1.1,5555')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testipport 192.168.1.1,5555", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testipport')
|
||||||
|
|
||||||
|
def test_ipset_hash_bitmap_ipportip(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testipportip', 'hash:ip,port,ip')
|
||||||
|
|
||||||
|
self.IPSetAdd('testipportip', '192.168.1.1,80,10.0.0.1')
|
||||||
|
self.IPSetAdd('testipportip', '192.168.1.2,80,10.0.0.2')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testipportip','192.168.1.1,80,10.0.0.1'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testipportip','192.168.1.1,80,10.0.0.1'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testipportip', '192.168.1.1,80,10.0.0.1')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testipportip 192.168.1.1,80,10.0.0.1", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testipportip')
|
||||||
|
|
||||||
|
def test_ipset_hash_bitmap_netiface(self):
|
||||||
|
|
||||||
|
self.IPSetCreateHashSet('testnetiface', 'hash:net,iface')
|
||||||
|
|
||||||
|
self.IPSetAdd('testnetiface', '192.168.0/24,veth-test')
|
||||||
|
self.IPSetAdd('testnetiface', '192.167.0/24,veth-peer')
|
||||||
|
|
||||||
|
subprocess.check_output(['ipset', 'test','testnetiface','192.168.0/24,veth-test'])
|
||||||
|
subprocess.check_output(['ipset', 'test','testnetiface','192.167.0/24,veth-peer'])
|
||||||
|
|
||||||
|
self.IPSetRemove('testnetiface', '192.168.0/24,veth-test')
|
||||||
|
|
||||||
|
r = subprocess.call("ipset" + " test testnetiface 192.168.0/24,veth-test", shell=True)
|
||||||
|
self.assertEqual(r, 1)
|
||||||
|
|
||||||
|
self.IPSetDestroyHashSet('testnetiface')
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout, verbosity=3))
|
50
tests/sanity-tests/runtest.sh
Executable file
50
tests/sanity-tests/runtest.sh
Executable file
@ -0,0 +1,50 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# SPDX-License-Identifier: LGPL-2.1+
|
||||||
|
# ~~~
|
||||||
|
# runtest.sh of ipset
|
||||||
|
# Description: ipset tests.
|
||||||
|
#
|
||||||
|
# Author: Susant Sahani <susant@redhat.com>
|
||||||
|
# Copyright (c) 2018 Red Hat, Inc.
|
||||||
|
# ~~~
|
||||||
|
|
||||||
|
# Include Beaker environment
|
||||||
|
. /usr/share/beakerlib/beakerlib.sh || exit 1
|
||||||
|
|
||||||
|
PACKAGE="ipset"
|
||||||
|
|
||||||
|
SERVICE_UNITDIR="/var/run/systemd/system"
|
||||||
|
|
||||||
|
rlJournalStart
|
||||||
|
rlPhaseStartSetup
|
||||||
|
rlAssertRpm $PACKAGE
|
||||||
|
rlRun "systemctl stop firewalld" 0,5
|
||||||
|
rlRun "setenforce 0" 0,1
|
||||||
|
|
||||||
|
rlRun "[ -e /sys/class/net/veth-test ] && ip link del veth-test" 0,1
|
||||||
|
|
||||||
|
rlRun "cp iperf3d.service $SERVICE_UNITDIR"
|
||||||
|
rlRun "cp ipset-tests.py /usr/bin/"
|
||||||
|
|
||||||
|
rlRun "systemctl daemon-reload"
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartTest
|
||||||
|
rlLog "Starting ipset tests ..."
|
||||||
|
rlRun "/usr/bin/python3 /usr/bin/ipset-tests.py"
|
||||||
|
rlPhaseEnd
|
||||||
|
|
||||||
|
rlPhaseStartCleanup
|
||||||
|
rlRun "rm /usr/bin/ipset-tests.py"
|
||||||
|
rlRun "[ -e /sys/class/net/veth-test ] && ip link del veth-test" 0,1
|
||||||
|
|
||||||
|
rlRun "rm $SERVICE_UNITDIR/iperf3d.service"
|
||||||
|
rlRun "systemctl daemon-reload"
|
||||||
|
|
||||||
|
rlRun "setenforce 1" 0,1
|
||||||
|
rlLog "ipset tests done"
|
||||||
|
rlPhaseEnd
|
||||||
|
rlJournalPrintText
|
||||||
|
rlJournalEnd
|
||||||
|
|
||||||
|
rlGetTestState
|
15
tests/tests.yml
Normal file
15
tests/tests.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
- hosts: localhost
|
||||||
|
roles:
|
||||||
|
- role: standard-test-beakerlib
|
||||||
|
tags:
|
||||||
|
- classic
|
||||||
|
tests:
|
||||||
|
- sanity-tests
|
||||||
|
required_packages:
|
||||||
|
- ipset
|
||||||
|
- iptables
|
||||||
|
- python3
|
||||||
|
- systemd
|
||||||
|
- iproute
|
||||||
|
- iperf3
|
||||||
|
- python3-pyroute2
|
Loading…
Reference in New Issue
Block a user