authorJo-Philipp Wich2022-01-27 14:55:38 +0000
committerJo-Philipp Wich2022-01-27 15:22:11 +0000
commitca88fcdfd1d3adfff965a2547e9c417a2950df24 (patch)
tree599a6eea583ba678366ef2fd1a8ca7d1bf2712be
parentfff9779978e0a1aec64cb5b2642272024e12905b (diff)
downloadfirewall4-ca88fcdfd1d3adfff965a2547e9c417a2950df24.tar.gz
tests: update interface dump mock data
Reorder and extend ubus interface dump mock. Ensure that the lan interface has two IPv4 and IPv6 addresses each to cover address selection logic in various fw4 parts. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r--tests/01_configuration/01_ruleset26
-rw-r--r--tests/mocks/ubus/network.interface~dump.json226
2 files changed, 216 insertions, 36 deletions
diff --git a/tests/01_configuration/01_ruleset b/tests/01_configuration/01_ruleset
index da33cce..1b006d8 100644
--- a/tests/01_configuration/01_ruleset
+++ b/tests/01_configuration/01_ruleset
@@ -26,7 +26,7 @@ table inet fw4 {
flowtable ft {
hook ingress priority 0;
- devices = { "br-lan", "wan" };
+ devices = { "br-lan", "eth1" };
flags offload;
}
@@ -40,9 +40,9 @@ table inet fw4 {
#
define lan_devices = { "br-lan" }
- define lan_subnets = { 192.168.26.0/24, fd63:e2f:f706::/60 }
- define wan_devices = { "wan" }
- define wan_subnets = { 10.11.12.0/24 }
+ define lan_subnets = { 10.0.0.0/24, 192.168.26.0/24, 2001:db8:1000::/60, fd63:e2f:f706::/60 }
+ define wan_devices = { "eth1" }
+ define wan_subnets = { 10.11.12.0/24, 2001:db8:54:321::/64 }
#
# User includes
@@ -63,7 +63,7 @@ table inet fw4 {
ct state established,related accept comment "!fw4: Allow inbound established and related flows"
tcp flags & (fin | syn | rst | ack) == syn jump syn_flood comment "!fw4: Rate limit TCP syn packets"
iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic"
- iifname "wan" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
+ iifname "eth1" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic"
}
chain forward {
@@ -72,7 +72,7 @@ table inet fw4 {
meta l4proto { tcp, udp } flow offload @ft;
ct state established,related accept comment "!fw4: Allow forwarded established and related flows"
iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic"
- iifname "wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
+ iifname "eth1" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic"
jump handle_reject
}
@@ -84,7 +84,7 @@ table inet fw4 {
ct state established,related accept comment "!fw4: Allow outbound established and related flows"
meta l4proto tcp counter comment "!fw4: Test-Deprecated-Rule-Option"
oifname "br-lan" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic"
- oifname "wan" jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic"
+ oifname "eth1" jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic"
}
chain handle_reject {
@@ -142,15 +142,15 @@ table inet fw4 {
}
chain accept_to_wan {
- oifname "wan" counter accept comment "!fw4: accept wan IPv4/IPv6 traffic"
+ oifname "eth1" counter accept comment "!fw4: accept wan IPv4/IPv6 traffic"
}
chain reject_from_wan {
- iifname "wan" counter jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
+ iifname "eth1" counter jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
}
chain reject_to_wan {
- oifname "wan" counter jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
+ oifname "eth1" counter jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic"
}
@@ -164,7 +164,7 @@ table inet fw4 {
chain srcnat {
type nat hook postrouting priority srcnat; policy accept;
- oifname "wan" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
+ oifname "eth1" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic"
}
chain srcnat_wan {
@@ -271,8 +271,8 @@ table inet fw4 {
chain mangle_forward {
type filter hook forward priority mangle; policy accept;
- iifname "wan" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
- oifname "wan" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
+ iifname "eth1" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing"
+ oifname "eth1" tcp flags syn tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing"
}
}
-- End --
diff --git a/tests/mocks/ubus/network.interface~dump.json b/tests/mocks/ubus/network.interface~dump.json
index 25d3415..4f6f4eb 100644
--- a/tests/mocks/ubus/network.interface~dump.json
+++ b/tests/mocks/ubus/network.interface~dump.json
@@ -1,6 +1,74 @@
{
"interface": [
{
+ "interface": "loopback",
+ "up": true,
+ "pending": false,
+ "available": true,
+ "autostart": true,
+ "dynamic": false,
+ "uptime": 89939,
+ "l3_device": "lo",
+ "proto": "static",
+ "device": "lo",
+ "updated": [
+ "addresses"
+ ],
+ "metric": 0,
+ "dns_metric": 0,
+ "delegation": true,
+ "ipv4-address": [
+ {
+ "address": "127.0.0.1",
+ "mask": 8
+ }
+ ],
+ "ipv6-address": [
+
+ ],
+ "ipv6-prefix": [
+
+ ],
+ "ipv6-prefix-assignment": [
+
+ ],
+ "route": [
+
+ ],
+ "dns-server": [
+
+ ],
+ "dns-search": [
+
+ ],
+ "neighbors": [
+
+ ],
+ "inactive": {
+ "ipv4-address": [
+
+ ],
+ "ipv6-address": [
+
+ ],
+ "route": [
+
+ ],
+ "dns-server": [
+
+ ],
+ "dns-search": [
+
+ ],
+ "neighbors": [
+
+ ]
+ },
+ "data": {
+
+ }
+ },
+ {
"interface": "lan",
"up": true,
"pending": false,
@@ -19,6 +87,10 @@
"delegation": true,
"ipv4-address": [
{
+ "address": "10.0.0.1",
+ "mask": 24
+ },
+ {
"address": "192.168.26.1",
"mask": 24
}
@@ -31,10 +103,18 @@
],
"ipv6-prefix-assignment": [
{
- "address": "fd63:e2f:f706::",
+ "address": "2001:db8:1000:1::",
"mask": 60,
"local-address": {
- "address": "fd63:e2f:f706::1",
+ "address": "2001:db8:1000:1::1",
+ "mask": 60
+ }
+ },
+ {
+ "address": "fd63:e2f:f706:1::",
+ "mask": 60,
+ "local-address": {
+ "address": "fd63:e2f:f706:1::1",
"mask": 60
}
}
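Review bot: The prefix assignments added for lan use `2001:db8:1000:1::` and `fd63:e2f:f706:1::` with `"mask": 60`, but a /60 boundary falls on multiples of 0x10 in the fourth group, so these are not network addresses and normalise to `2001:db8:1000::/60` and `fd63:e2f:f706::/60`, which is what the updated `lan_subnets` in 01_ruleset shows. The guest entries added further down (`2001:db8:1000:2::` and `fd63:e2f:f706:2::`, also /60) and the `assigned` block under wan6 normalise to the same two prefixes, so lan and guest end up with identical IPv6 subnets. If any test is meant to tell the two zones apart by source subnet, that overlap could hide a mix-up between them. Consider either `"mask": 64` for these assignments or /60-aligned values such as `"address": "2001:db8:1000:10::"` for lan and `"address": "2001:db8:1000:20::"` for guest.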
@@ -76,16 +156,16 @@
}
},
{
- "interface": "loopback",
+ "interface": "guest",
"up": true,
"pending": false,
"available": true,
"autostart": true,
"dynamic": false,
- "uptime": 89939,
- "l3_device": "lo",
+ "uptime": 89940,
+ "l3_device": "br-guest",
"proto": "static",
- "device": "lo",
+ "device": "br-guest",
"updated": [
"addresses"
],
@@ -94,8 +174,12 @@
"delegation": true,
"ipv4-address": [
{
- "address": "127.0.0.1",
- "mask": 8
+ "address": "10.1.0.1",
+ "mask": 24
+ },
+ {
+ "address": "192.168.27.1",
+ "mask": 24
}
],
"ipv6-address": [
@@ -105,7 +189,22 @@
],
"ipv6-prefix-assignment": [
-
+ {
+ "address": "2001:db8:1000:2::",
+ "mask": 60,
+ "local-address": {
+ "address": "2001:db8:1000:2::1",
+ "mask": 60
+ }
+ },
+ {
+ "address": "fd63:e2f:f706:2::",
+ "mask": 60,
+ "local-address": {
+ "address": "fd63:e2f:f706:2::1",
+ "mask": 60
+ }
+ }
],
"route": [
@@ -144,19 +243,6 @@
}
},
{
- "interface": "wan6",
- "up": false,
- "pending": true,
- "available": true,
- "autostart": true,
- "dynamic": false,
- "proto": "dhcpv6",
- "device": "wan",
- "data": {
-
- }
- },
- {
"interface": "wan",
"up": true,
"pending": false,
@@ -164,7 +250,7 @@
"autostart": true,
"dynamic": false,
"uptime": 35968,
- "l3_device": "wan",
+ "l3_device": "eth1",
"proto": "dhcp",
"device": "wan",
"metric": 0,
@@ -226,6 +312,100 @@
"hostname": "OpenWrt",
"leasetime": 43200
}
+ },
+ {
+ "interface": "wan6",
+ "up": true,
+ "pending": false,
+ "available": true,
+ "autostart": true,
+ "dynamic": false,
+ "uptime": 16264,
+ "l3_device": "eth1",
+ "proto": "6in4",
+ "updated": [
+ "addresses",
+ "routes",
+ "prefixes"
+ ],
+ "metric": 0,
+ "dns_metric": 0,
+ "delegation": true,
+ "ipv4-address": [
+
+ ],
+ "ipv6-address": [
+ {
+ "address": "2001:db8:54:321::2",
+ "mask": 64
+ }
+ ],
+ "ipv6-prefix": [
+ {
+ "address": "2001:db8:1000::",
+ "mask": 48,
+ "class": "wan6",
+ "assigned": {
+ "lan": {
+ "address": "2001:db8:1000:1::",
+ "mask": 60
+ },
+ "guest": {
+ "address": "2001:db8:1000:2::",
+ "mask": 60
+ }
+ }
+ }
+ ],
+ "ipv6-prefix-assignment": [
+
+ ],
+ "route": [
+ {
+ "target": "::",
+ "mask": 0,
+ "nexthop": "::",
+ "source": "2001:db8:1000::/48"
+ },
+ {
+ "target": "::",
+ "mask": 0,
+ "nexthop": "::",
+ "source": "2001:db8:54:321::2/64"
+ }
+ ],
+ "dns-server": [
+
+ ],
+ "dns-search": [
+
+ ],
+ "neighbors": [
+
+ ],
+ "inactive": {
+ "ipv4-address": [
+
+ ],
+ "ipv6-address": [
+
+ ],
+ "route": [
+
+ ],
+ "dns-server": [
+
+ ],
+ "dns-search": [
+
+ ],
+ "neighbors": [
+
+ ]
+ },
+ "data": {
+
+ }
}
]
}
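Review bot: The new wan6 entry reports `"l3_device": "eth1"`, the same device as wan, so the expected `wan_devices` in 01_ruleset collapses to the single name `"eth1"` and a zone with more than one device stays untested. A 6in4 interface would presumably expose its own tunnel device; a distinct value such as `"l3_device": "6in4-wan6"` would also exercise device-set rendering and the per-device `iifname`/`oifname` rules for the wan zone. This assumes wan6 belongs to the wan zone in the test configuration, which is not visible in this diff.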