[pve-devel] [PATCH firewall 3/4] test: add test for implicitly allowed container IP
Wolfgang Bumiller
w.bumiller at proxmox.com
Wed Mar 2 12:59:16 CET 2016
---
test/test-vm-ipfilter2/200.fw | 4 ++++
test/test-vm-ipfilter2/cluster.fw | 7 +++++++
test/test-vm-ipfilter2/tests | 3 +++
3 files changed, 14 insertions(+)
create mode 100644 test/test-vm-ipfilter2/200.fw
create mode 100644 test/test-vm-ipfilter2/cluster.fw
create mode 100644 test/test-vm-ipfilter2/tests
diff --git a/test/test-vm-ipfilter2/200.fw b/test/test-vm-ipfilter2/200.fw
new file mode 100644
index 0000000..cb372f5
--- /dev/null
+++ b/test/test-vm-ipfilter2/200.fw
@@ -0,0 +1,4 @@
+[options]
+
+enable: 1
+ipfilter: 1
diff --git a/test/test-vm-ipfilter2/cluster.fw b/test/test-vm-ipfilter2/cluster.fw
new file mode 100644
index 0000000..6e1f05e
--- /dev/null
+++ b/test/test-vm-ipfilter2/cluster.fw
@@ -0,0 +1,7 @@
+[options]
+
+enable: 1
+
+[rules]
+
+IN ACCEPT -p tcp -dport 80
diff --git a/test/test-vm-ipfilter2/tests b/test/test-vm-ipfilter2/tests
new file mode 100644
index 0000000..d940c17
--- /dev/null
+++ b/test/test-vm-ipfilter2/tests
@@ -0,0 +1,3 @@
+{ from => 'ct200', source => '1.2.3.4', dport => 80, action => 'DROP' }
+{ from => 'ct200', source => '10.0.200.1', dport => 80, action => 'ACCEPT' }
+{ from => 'ct200', source => '10.0.200.2', dport => 80, action => 'DROP' }
--
2.1.4
More information about the pve-devel
mailing list