Adding nwfilter with parameters

Add nwfilter with parameters with update-device and check the rules in host. Also add check point for delete network filter, we should not only check the xml, but also ensure the rules are deleted. Signed-off-by: N yalzhang <yalzhang@redhat.com>

Adding nwfilter with parameters
Add nwfilter with parameters with update-device and check the rules in host. Also add check point for delete network filter, we should not only check the xml, but also ensure the rules are deleted. Signed-off-by: N yalzhang <yalzhang@redhat.com>
992ff20e · yalzhang · 58424429 · 992ff20e · 992ff20e
Showing with 13 addition and 0 deletion

libvirt/tests/cfg/virtual_network/iface_update.cfg libvirt/tests/cfg/virtual_network/iface_update.cfg +4 -0

libvirt/tests/src/virtual_network/iface_update.py libvirt/tests/src/virtual_network/iface_update.py +9 -0

未找到文件。
--- a/libvirt/tests/cfg/virtual_network/iface_update.cfg
+++ b/libvirt/tests/cfg/virtual_network/iface_update.cfg
@@ -26,6 +26,10 @@
                    net_name = "net7"
                - add_filter:
                    new_iface_filter = "clean-traffic"
+                - add_filter_with_paramters:
+                    new_iface_filter = "clean-traffic"
+                    new_iface_filter_parameters = "[{'name': 'IP', 'value': '1.2.3.4'}, {'name': 'MAC', 'value': '52:54:00:7b:35:93'}]"
+                    rules = ["-s 52:54:00:7b:35:93 -j RETURN", "-p IPv4 --ip-src 1.2.3.4 -j RETURN", "-p ARP --arp-mac-src 52:54:00:7b:35:93 -j RETURN", "-p ARP --arp-ip-src 1.2.3.4 -j RETURN"]
                - update_filter:
                    iface_filter = "no-mac-spoofing"
                    new_iface_filter = "clean-traffic"

--- a/libvirt/tests/src/virtual_network/iface_update.py
+++ b/libvirt/tests/src/virtual_network/iface_update.py
 import os
 import re
 import logging
+import time

 from avocado.utils import process

@@ -192,9 +193,17 @@ def run(test, params, env):
                    if rule not in ebtables_outputs:
                        test.fail("Can not find the corresponding rule after update filter with parameters!")
            if del_filter:
+                # if the filter is deleted, it should not exists in the xml and the rules should be deleted as well
                iface_filter_value = iface_aft.find('filterref')
                if iface_filter_value is not None:
                    test.fail("After delete, the filter still exists: %s" % iface_filter_value)
+                ebtables_outputs = process.run("ebtables -t nat -L", shell=True).stdout_text
+                logging.debug("after nwfilter deleted, ebtables rules are %s" % ebtables_outputs)
+                time.sleep(5)
+                entries_num = re.findall(r'entries:\s+(\d)', ebtables_outputs)
+                for i in entries_num:
+                    if i != '0':
+                        test.fail("After delete, the rules are still exists!")
            if new_iface_alias:
                iface_alias_value = iface_aft.find('alias').get('name')
                if iface_alias_value == eval(new_iface_alias)['name']: