subject:"\[libvirt\] \[TCK\]\[PATCH\] nwfilter\: Add test cases for vlan and stp filtering"

[libvirt] [TCK][PATCH] nwfilter: Add test cases for vlan and stp filtering

2011-11-21 Thread Stefan Berger

Add test cases for VLAN and (upcoming) STP.

---
 scripts/nwfilter/nwfilterxml2fwallout/stp-test.fwall  |   14 +
 scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall |   15 ++
 scripts/nwfilter/nwfilterxml2xmlin/stp-test.xml   |   26 ++
 scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml  |   45 ++
 4 files changed, 100 insertions(+)

Index: libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall
===
--- /dev/null
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall
@@ -0,0 +1,15 @@
+#ebtables -t nat -L libvirt-I-vnet0 | grep -v ^Bridge | grep -v ^$
+-p 802_1Q -s aa:bb:cc:dd:ee:ff -d 1:2:3:4:5:6 --vlan-id 291 -j CONTINUE 
+-p 802_1Q -s aa:bb:cc:dd:ee:ff -d 1:2:3:4:5:6 --vlan-id 1234 -j RETURN 
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-encap 2054 -j DROP 
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-encap 4660 -j ACCEPT 
+#ebtables -t nat -L libvirt-O-vnet0 | grep -v ^Bridge | grep -v ^$
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 291 -j CONTINUE 
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 1234 -j RETURN 
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff --vlan-id 291 -j DROP 
+-p 802_1Q -s 1:2:3:4:5:6 -d aa:bb:cc:dd:ee:ff -j ACCEPT 
+#ebtables -t nat -L PREROUTING | grep vnet0
+-i vnet0 -j libvirt-I-vnet0
+#ebtables -t nat -L POSTROUTING | grep vnet0
+-o vnet0 -j libvirt-O-vnet0
+
Index: libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml
===
--- /dev/null
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml
@@ -0,0 +1,45 @@
+filter name='tck-testcase' chain='root'
+  uuid5c6d49af-b071-6127-b4ec-6f8ed4b55335/uuid
+  rule action='continue' direction='inout'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   vlanid='0x123'
+ /
+  /rule
+
+  rule action='return' direction='inout'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   vlanid='1234'
+ /
+  /rule
+
+  rule action='reject' direction='in'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   vlanid='0x123'
+ /
+  /rule
+
+  rule action='accept' direction='in'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   vlanid='0x'
+ /
+  /rule
+
+  rule action='drop' direction='out'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   encap-protocol='arp'
+ /
+  /rule
+
+  rule action='accept' direction='out'
+ vlan srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+   dstmacaddr='aa:bb:cc:dd:ee:ff' dstmacmask='ff:ff:ff:ff:ff:ff'
+   encap-protocol='0x1234'
+ /
+  /rule
+
+/filter
Index: libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/stp-test.fwall
===
--- /dev/null
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2fwallout/stp-test.fwall
@@ -0,0 +1,14 @@
+#ebtables -t nat -L libvirt-I-vnet0 | grep -v ^Bridge | grep -v ^$
+-d BGA -j I-vnet0-stp-xyz
+#ebtables -t nat -L libvirt-O-vnet0 | grep -v ^Bridge | grep -v ^$
+-d BGA -j O-vnet0-stp-xyz
+#ebtables -t nat -L PREROUTING | grep vnet0
+-i vnet0 -j libvirt-I-vnet0
+#ebtables -t nat -L POSTROUTING | grep vnet0
+-o vnet0 -j libvirt-O-vnet0
+#ebtables -t nat -L I-vnet0-stp-xyz | grep -v ^Bridge | grep -v ^$
+-s 1:2:3:4:5:6 -d BGA --stp-root-prio 4660:9029  --stp-root-addr 6:5:4:3:2:1 
--stp-root-cost 287454020:573785173  -j RETURN 
+#ebtables -t nat -L O-vnet0-stp-xyz | grep -v ^Bridge | grep -v ^$
+-s 1:2:3:4:5:6 -d BGA --stp-type 18 --stp-flags 68 -j CONTINUE 
+-s 1:2:3:4:5:6 -d BGA --stp-sender-prio 4660  --stp-sender-addr 6:5:4:3:2:1 
--stp-port 123:234  --stp-msg-age 5544:  --stp-max-age :  
--stp-hello-time 12345:12346  --stp-forward-delay 54321:65432  -j DROP 
+
Index: libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/stp-test.xml
===
--- /dev/null
+++ libvirt-tck/scripts/nwfilter/nwfilterxml2xmlin/stp-test.xml
@@ -0,0 +1,26 @@
+filter name='tck-testcase' chain='stp-xyz'
+  uuid5c6d49af-b071-6127-b4ec-6f8ed4b55335/uuid
+  rule action='continue' direction='in'
+ stp srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+  type='0x12' flags='0x44'/
+  /rule
+
+  rule action='return' direction='out'
+ stp srcmacaddr='1:2:3:4:5:6' srcmacmask='ff:ff:ff:ff:ff:ff'
+  root-priority='0x1234' root-priority-hi='0x2345'
+  root-address=6:5:4:3:2:1

Re: [libvirt] [TCK][PATCH] nwfilter: Add test cases for vlan and stp filtering

2011-11-21 Thread Daniel P. Berrange

On Mon, Nov 21, 2011 at 07:43:49AM -0500, Stefan Berger wrote:
 Add test cases for VLAN and (upcoming) STP.
 
 ---
  scripts/nwfilter/nwfilterxml2fwallout/stp-test.fwall  |   14 +
  scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall |   15 ++
  scripts/nwfilter/nwfilterxml2xmlin/stp-test.xml   |   26 ++
  scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml  |   45 
 ++
  4 files changed, 100 insertions(+)


ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [TCK][PATCH] nwfilter: Add test cases for vlan and stp filtering

Re: [libvirt] [TCK][PATCH] nwfilter: Add test cases for vlan and stp filtering

2 matches

Site Navigation

Mail list logo

Footer information