prpl/prplos
2
0
Fork 0
mirror of https://gitlab.com/prpl-foundation/prplos/prplos.git synced 2025-12-20 00:56:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
f78b369cf0401b370e96511cea4ba1f790a9bf79
prplos/.gitlab/tests/cram/turris-omnia/acceleration-plan-components/010-firewall-dmz.t
Petr Štetiar f78b369cf0 ci: copy over files from prplOS v1.5 release 
In order to have QA in place.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-07-11 06:00:11 +00:00

36 lines
1.2 KiB
Perl
Raw Blame History

Create R alias:
$ alias R="${CRAM_REMOTE_COMMAND:-}"
Add DMZ host:
$ printf "\
> ubus-cli Firewall.X_Prpl_DMZ+{Alias='test'}
> ubus-cli Firewall.X_Prpl_DMZ.test.SourceInterface=eth2
> ubus-cli Firewall.X_Prpl_DMZ.test.DestinationIPAddress=192.168.1.186
> ubus-cli Firewall.X_Prpl_DMZ.test.Enable=1
> " > /tmp/cram
$ script --command "ssh -t root@$TARGET_LAN_IP '$(cat /tmp/cram)'" > /dev/null; sleep 1
Check that correct firewall rules were created:
$ R "iptables -t nat -L POSTROUTING_DMZ | grep 186 | sort"
SNAT all -- prplOS.lan 192.168.1.186 to:10.0.0.2
$ R "iptables -t nat -L PREROUTING_DMZ | grep 186 | sort"
DNAT all -- anywhere 10.0.0.2 to:192.168.1.186
$ R "iptables -L FORWARD_DMZ | grep 186 | sort"
ACCEPT all -- 192.168.1.186 anywhere
ACCEPT all -- anywhere 192.168.1.186
Remove DMZ host:
$ script --command "ssh -t root@$TARGET_LAN_IP ubus-cli Firewall.X_Prpl_DMZ.test-" > /dev/null; sleep 1
Check that firewall rules are gone:
$ R "iptables -t nat -L POSTROUTING_DMZ | grep 186 | sort"
$ R "iptables -t nat -L PREROUTING_DMZ | grep 186 | sort"
$ R "iptables -L FORWARD_DMZ | grep 186 | sort"
Reference in New Issue View Git Blame Copy Permalink