Proxmox/pve-firewall
5
0
Fork 0
mirror of git://git.proxmox.com/git/pve-firewall.git synced 2025-02-02 13:47:16 +03:00
Code Releases Activity
619 Commits 6 Branches 0 Tags
Commit Graph

52 Commits

Author SHA1 Message Date
Wolfgang Bumiller
4a071299a3 test: add test for implicitly allowed container IP 2016-03-03 09:42:46 +01:00
Dietmar Maurer
e038c48552 adopt regresion tests for lxc containers 
Removed OpenVZ venet code.
 2015-08-12 11:59:18 +02:00
Dietmar Maurer
a306a176c4 add regression tests for ipfilter 2014-06-12 08:32:11 +02:00
Dietmar Maurer
66f33d78ed fwtester: add more network (net1, net2) to vm100 to test ipfilter 2014-06-12 08:30:33 +02:00
Dietmar Maurer
085fd492bf return empty ruleset if firewall disabled in cluster.fw 2014-06-04 07:24:34 +02:00
Dietmar Maurer
3782185622 another regression test 2014-05-30 11:28:24 +02:00
Dietmar Maurer
6af480d46d add test for long ipset names 2014-05-28 10:45:27 +02:00
Dietmar Maurer
1521df52e4 do not print trace when debug is not set 2014-05-27 11:31:09 +02:00
Dietmar Maurer
9b284533ff add test for aliases inside vm firewall configuration 2014-05-27 07:57:16 +02:00
Dietmar Maurer
4912485180 fwtester.pl: add warnings to trace 2014-05-27 06:58:13 +02:00
Dietmar Maurer
e0a38def09 fix comment 2014-05-26 12:58:58 +02:00
Dietmar Maurer
d4cda423ca improve error handling 
We now show syntax errors from firewall files with:

 # pve-firewall status

But we do not log such errors to syslog, because that would result
in same warning on each update (10 seconds).
 2014-05-23 11:32:33 +02:00
Dietmar Maurer
a51bd5484f add new test case to show serious bug 2014-05-21 09:35:23 +02:00
Dietmar Maurer
5b15e12404 add another test case 2014-05-21 09:01:55 +02:00
Dietmar Maurer
93d96f83f9 fix for test case test/test-errors1 2014-05-21 08:56:52 +02:00
Dietmar Maurer
c4c477f3d2 add test case to show serious bug 2014-05-21 08:39:33 +02:00
Dietmar Maurer
525778d783 rename cluster_network to local_network, introduce local_network alias 
So that the user can overwrite it.
 2014-05-21 07:43:50 +02:00
Dietmar Maurer
d4cae1d697 add tests for management ipset 2014-05-21 06:48:23 +02:00
Dietmar Maurer
eb399cef48 Introduce new management ipset 
The uses can setup a 'management' IPSet to make sure he has access to the GUI
from those IPs.
 2014-05-21 06:41:10 +02:00
Dietmar Maurer
63e8c70ed0 move test code to FirewallSimulator.pm 2014-05-20 09:46:35 +02:00
Dietmar Maurer
4a9ce6d362 add tests for corosync multicast addrtype rules 2014-05-20 08:24:31 +02:00
Dietmar Maurer
0394065673 do not enable VM firewall by default 
Else we get different behavior with empty vs. non-existinf <VMID>.fw
 2014-05-20 07:52:46 +02:00
Dietmar Maurer
318d0f92f0 add tests for default rules 2014-05-20 07:38:25 +02:00
Dietmar Maurer
ee06b00944 fwtester: set cluster network to 172.16.1.0/24, host_ip to 172.16.1.2 
So that we can add test for default rules
 2014-05-20 07:36:44 +02:00
Dietmar Maurer
832cd14cde fix regression test for previous commits 2014-05-20 06:33:33 +02:00
Dietmar Maurer
93be433387 allow API/SSH/SPICE/VNC traffic on local cluster network by default 2014-05-19 14:18:40 +02:00
Dietmar Maurer
dba740a9c7 change rule format: use named parameters 2014-05-19 07:53:00 +02:00
Dietmar Maurer
eb4ffe5404 add ipset regression tests 2014-05-15 12:53:48 +02:00
Dietmar Maurer
292e0ad9c2 fwtester: implement ipset testing 2014-05-15 12:45:08 +02:00
Dietmar Maurer
bef067035f add tests for unconfigured firewall (empty files) 2014-05-15 11:49:37 +02:00
Dietmar Maurer
97db66b2de add group tests for container 2014-05-15 11:15:29 +02:00
Dietmar Maurer
f8b12fffb8 fix security groups for VMs 
And add resgression tests for those fixes.
 2014-05-15 11:01:35 +02:00
Dietmar Maurer
9e980dd50c add security group tests 2014-05-15 10:27:35 +02:00
Dietmar Maurer
1352eaa1ec fwtester: add ability to run tests on several zones 2014-05-15 10:22:20 +02:00
Dietmar Maurer
680d56eeb0 fwtester: improve rule_match 
Use Net::IP to test source/dest.
 2014-05-15 08:57:01 +02:00
Dietmar Maurer
db990d66c7 fwtester: set firewall=1 for test VM interfaces 2014-05-15 06:52:23 +02:00
Dietmar Maurer
47ece390a9 fwtester: simplify code with ne bport zone 2014-05-15 06:37:37 +02:00
Dietmar Maurer
49e9d9a5db improve error messages 2014-05-15 06:05:20 +02:00
Dietmar Maurer
c0c871d858 fwtester: add new zone 'nfwm' to simulate a non-firewalled VM 2014-05-14 17:34:27 +02:00
Dietmar Maurer
6a84e461a3 fwtester: do not count ENTER/LEAVE 2014-05-14 17:02:55 +02:00
Dietmar Maurer
bee67bf132 add README for fwtester.pl 2014-05-14 15:32:55 +02:00
Dietmar Maurer
e73072a7c7 add tests for host interface match 2014-05-14 14:48:21 +02:00
Dietmar Maurer
e4e5fcaf20 fwtester: support dev regex with -i and -o 2014-05-14 14:12:48 +02:00
Dietmar Maurer
eb5faed9e3 fwtester: fix emulation - correctly set phydev_in 2014-05-14 13:55:59 +02:00
Dietmar Maurer
111cce513d fwtester: add counters for debugging 2014-05-14 13:44:02 +02:00
Dietmar Maurer
8215a0dafb fwtester: do not set packet default values 2014-05-14 13:20:53 +02:00
Dietmar Maurer
ec2e28f6d0 fwtester: implement some useful command line option 2014-05-14 12:14:32 +02:00
Dietmar Maurer
31dc73f1fd fwtester: implement new 'outside' zone 
To simulate traffic from/to outside world (vmbr0/eth0)
 2014-05-14 11:38:49 +02:00
Dietmar Maurer
d1486f380e fwtester: improve kernel simulation 2014-05-14 10:58:50 +02:00
Alexandre Derumier
d1b41c08fe rename link+ to fwln+ 
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
 2014-05-14 07:19:44 +02:00