rpms / firewalld

Clone
Source Code
GIT

Blame SOURCES/RHEL-only-0001-tests-firewall-cmd-fix-rich-rule-priority-test.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   21c891623aedfc93c402340bdbb20138c7b6dcba
  2.   SOURCES
  3.   RHEL-only-0001-tests-firewall-cmd-fix-rich-rule-priority-test.patch
Blob History Raw
21c891 
From 7321922c6682eba8d54dfcb2f41be52b36527608 Mon Sep 17 00:00:00 2001
21c891 
From: Eric Garver <e@erig.me>
21c891 
Date: Thu, 13 Dec 2018 15:03:37 -0500
21c891 
Subject: [PATCH] tests/firewall-cmd: fix rich rule priority test
21c891
21c891 
Since we enabled cockpit by default, we need to adjusts these tests.
21c891 
---
21c891 
 src/tests/firewall-cmd.at | 14 +++++++++++++-
21c891 
 1 file changed, 13 insertions(+), 1 deletion(-)
21c891
21c891 
diff --git a/src/tests/firewall-cmd.at b/src/tests/firewall-cmd.at
21c891 
index baef4d6dc7ef..87e0eea4150e 100644
21c891 
--- a/src/tests/firewall-cmd.at
21c891 
+++ b/src/tests/firewall-cmd.at
21c891 
@@ -956,6 +956,7 @@ FWD_START_TEST([rich rules priority])
21c891 
         chain filter_IN_public_allow {
21c891 
         tcp dport 22 ct state new,untracked accept
21c891 
         ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept
21c891 
+		tcp dport 9090 ct state new,untracked accept
21c891 
         tcp dport 1122 ct state new,untracked accept
21c891 
         tcp dport 3333 ct state new,untracked accept
21c891 
         tcp dport 4444 ct state new,untracked accept
21c891 
@@ -971,6 +972,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1122 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3333 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:4444 ctstate NEW,UNTRACKED
21c891 
@@ -985,6 +987,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
         ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:1122 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:3333 ctstate NEW,UNTRACKED
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:4444 ctstate NEW,UNTRACKED
21c891 
@@ -1057,6 +1060,7 @@ FWD_START_TEST([rich rules priority])
21c891 
         chain filter_IN_public_allow {
21c891 
         tcp dport 22 ct state new,untracked accept
21c891 
         ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept
21c891 
+        tcp dport 9090 ct state new,untracked accept
21c891 
         ct state new,untracked mark 0x00000064 accept
21c891 
         ct state new,untracked mark 0x00000068 accept
21c891 
         }
21c891 
@@ -1173,6 +1177,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW,UNTRACKED mark match 0x64
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [FWDI_public_pre], 0, [dnl
21c891 
@@ -1215,6 +1220,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
         ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT all ::/0 ::/0 ctstate NEW,UNTRACKED mark match 0x68
21c891 
     ])
21c891 
     IP6TABLES_LIST_RULES([filter], [FWDI_public_pre], 0, [dnl
21c891 
@@ -1268,6 +1274,7 @@ FWD_START_TEST([rich rules priority])
21c891 
         chain filter_IN_public_allow {
21c891 
         tcp dport 22 ct state new,untracked accept
21c891 
         ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept
21c891 
+        tcp dport 9090 ct state new,untracked accept
21c891 
         icmp type echo-request accept
21c891 
         icmpv6 type echo-request accept
21c891 
         }
21c891 
@@ -1308,6 +1315,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [FWDI_public_pre], 0, [dnl
21c891 
@@ -1330,6 +1338,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
         ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
         ACCEPT icmpv6 ::/0 ::/0 ipv6-icmptype 128
21c891 
     ])
21c891 
     IP6TABLES_LIST_RULES([filter], [FWDI_public_pre], 0, [dnl
21c891 
@@ -1387,6 +1396,7 @@ FWD_START_TEST([rich rules priority])
21c891 
         chain filter_IN_public_allow {
21c891 
         tcp dport 22 ct state new,untracked accept
21c891 
         ip6 daddr fe80::/64 udp dport 546 ct state new,untracked accept
21c891 
+        tcp dport 9090 ct state new,untracked accept
21c891 
         }
21c891 
         }
21c891 
     ])
21c891 
@@ -1424,6 +1434,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
     ])
21c891 
     IPTABLES_LIST_RULES([filter], [IN_public_deny], 0, [dnl
21c891 
     ])
21c891 
@@ -1444,6 +1455,7 @@ FWD_START_TEST([rich rules priority])
21c891 
     IP6TABLES_LIST_RULES([filter], [IN_public_allow], 0, [dnl
21c891 
         ACCEPT tcp ::/0 ::/0 tcp dpt:22 ctstate NEW,UNTRACKED
21c891 
         ACCEPT udp ::/0 fe80::/64 udp dpt:546 ctstate NEW,UNTRACKED
21c891 
+        ACCEPT tcp ::/0 ::/0 tcp dpt:9090 ctstate NEW,UNTRACKED
21c891 
     ])
21c891 
     IP6TABLES_LIST_RULES([filter], [IN_public_deny], 0, [dnl
21c891 
     ])
21c891 
@@ -1469,7 +1481,7 @@ FWD_START_TEST([rich rules priority])
21c891 
         icmp-block-inversion: no
21c891 
         interfaces:
21c891 
         sources:
21c891 
-        services: dhcpv6-client ssh
21c891 
+        services: cockpit dhcpv6-client ssh
21c891 
         ports:
21c891 
         protocols:
21c891 
         masquerade: no
21c891 
--
21c891 
2.18.0
21c891

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation