diff options
| author | Todd Willey <todd@ansolabs.com> | 2011-06-25 02:30:47 +0000 |
|---|---|---|
| committer | Tarmac <> | 2011-06-25 02:30:47 +0000 |
| commit | 4db84dc78ae6660dbced7e9382ae5c441a135908 (patch) | |
| tree | 64c242a2d4ca45772e3a010d2e99f939564eb06e /nova/tests | |
| parent | e6f3ce3541d3ce380c00dda3b878a652fc31f2fc (diff) | |
| parent | 51d93c5b1722bef9783cd7572c1464a084ece0aa (diff) | |
Add api methods to delete provider firewall rules.
Diffstat (limited to 'nova/tests')
| -rw-r--r-- | nova/tests/test_adminapi.py | 22 | ||||
| -rw-r--r-- | nova/tests/test_libvirt.py | 7 |
2 files changed, 29 insertions, 0 deletions
diff --git a/nova/tests/test_adminapi.py b/nova/tests/test_adminapi.py index 7ecaf1c09..ce826fd5b 100644 --- a/nova/tests/test_adminapi.py +++ b/nova/tests/test_adminapi.py @@ -85,5 +85,27 @@ class AdminApiTestCase(test.TestCase): def test_block_external_ips(self): """Make sure provider firewall rules are created.""" result = self.api.block_external_addresses(self.context, '1.1.1.1/32') + self.api.remove_external_address_block(self.context, '1.1.1.1/32') self.assertEqual('OK', result['status']) self.assertEqual('Added 3 rules', result['message']) + + def test_list_blocked_ips(self): + """Make sure we can see the external blocks that exist.""" + self.api.block_external_addresses(self.context, '1.1.1.2/32') + result = self.api.describe_external_address_blocks(self.context) + num = len(db.provider_fw_rule_get_all(self.context)) + self.api.remove_external_address_block(self.context, '1.1.1.2/32') + # we only list IP, not tcp/udp/icmp rules + self.assertEqual(num / 3, len(result['externalIpBlockInfo'])) + + def test_remove_ip_block(self): + """Remove ip blocks.""" + result = self.api.block_external_addresses(self.context, '1.1.1.3/32') + self.assertEqual('OK', result['status']) + num0 = len(db.provider_fw_rule_get_all(self.context)) + result = self.api.remove_external_address_block(self.context, + '1.1.1.3/32') + self.assertEqual('OK', result['status']) + self.assertEqual('Deleted 3 rules', result['message']) + num1 = len(db.provider_fw_rule_get_all(self.context)) + self.assert_(num1 < num0) diff --git a/nova/tests/test_libvirt.py b/nova/tests/test_libvirt.py index ee94d3c17..d12e21063 100644 --- a/nova/tests/test_libvirt.py +++ b/nova/tests/test_libvirt.py @@ -1115,6 +1115,13 @@ class IptablesFirewallTestCase(test.TestCase): provjump_rules.append(rule) self.assertEqual(1, len(provjump_rules)) + # remove a rule from the db, cast to compute to refresh rule + db.provider_fw_rule_destroy(admin_ctxt, provider_fw1['id']) + self.fw.refresh_provider_fw_rules() + rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules + if rule.chain == 'provider'] + self.assertEqual(1, len(rules)) + class NWFilterTestCase(test.TestCase): def setUp(self): |