for rule in rules:
remote_ip = rule['remote_ip_prefix']
- dir = '-i ' + ext_dev
if rule['direction'] == 'egress':
- dir = '-o ' + ext_dev
+ dir_opt = '-o %s -s %s' % (ext_dev, remote_ip)
+ else:
+ dir_opt = '-i %s -d %s' % (ext_dev, remote_ip)
if rule['excluded']:
- ipt_rule = dir + ' -d ' + remote_ip + ' -j RETURN'
- im.ipv4['filter'].add_rule(rules_chain, ipt_rule, wrap=False,
- top=True)
+ ipt_rule = '%s -j RETURN' % dir_opt
+ im.ipv4['filter'].add_rule(rules_chain, ipt_rule,
+ wrap=False, top=True)
else:
- ipt_rule = dir + ' -d ' + remote_ip + ' -j ' + label_chain
+ ipt_rule = '%s -j %s' % (dir_opt, label_chain)
im.ipv4['filter'].add_rule(rules_chain, ipt_rule,
wrap=False, top=False)
self.v4filter_inst.assert_has_calls(calls)
+ def test_process_metering_label_rules(self):
+ routers = [{'_metering_labels': [
+ {'id': 'c5df2fe5-c600-4a2a-b2f4-c0fb6df73c83',
+ 'rules': [{
+ 'direction': 'ingress',
+ 'excluded': False,
+ 'id': '7f1a261f-2489-4ed1-870c-a62754501379',
+ 'metering_label_id': 'c5df2fe5-c600-4a2a-b2f4-c0fb6df73c83',
+ 'remote_ip_prefix': '10.0.0.0/24'}]}],
+ 'admin_state_up': True,
+ 'gw_port_id': '6d411f48-ecc7-45e0-9ece-3b5bdb54fcee',
+ 'id': '473ec392-1711-44e3-b008-3251ccfc5099',
+ 'name': 'router1',
+ 'status': 'ACTIVE',
+ 'tenant_id': '6c5f5d2a1fa2441e88e35422926f48e8'},
+ {'_metering_labels': [
+ {'id': 'eeef45da-c600-4a2a-b2f4-c0fb6df73c83',
+ 'rules': [{
+ 'direction': 'egress',
+ 'excluded': False,
+ 'id': 'fa2441e8-2489-4ed1-870c-a62754501379',
+ 'metering_label_id': 'eeef45da-c600-4a2a-b2f4-c0fb6df73c83',
+ 'remote_ip_prefix': '20.0.0.0/24'}]}],
+ 'admin_state_up': True,
+ 'gw_port_id': '7d411f48-ecc7-45e0-9ece-3b5bdb54fcee',
+ 'id': '373ec392-1711-44e3-b008-3251ccfc5099',
+ 'name': 'router2',
+ 'status': 'ACTIVE',
+ 'tenant_id': '6c5f5d2a1fa2441e88e35422926f48e8'}]
+ self.metering.add_metering_label(None, routers)
+
+ calls = [mock.call.add_chain('neutron-meter-l-c5df2fe5-c60',
+ wrap=False),
+ mock.call.add_chain('neutron-meter-r-c5df2fe5-c60',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-FORWARD', '-j '
+ 'neutron-meter-r-c5df2fe5-c60',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-l-c5df2fe5-c60',
+ '',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-r-c5df2fe5-c60',
+ '-i qg-6d411f48-ec -d 10.0.0.0/24'
+ ' -j neutron-meter-l-c5df2fe5-c60',
+ wrap=False, top=False),
+ mock.call.add_chain('neutron-meter-l-eeef45da-c60',
+ wrap=False),
+ mock.call.add_chain('neutron-meter-r-eeef45da-c60',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-FORWARD', '-j '
+ 'neutron-meter-r-eeef45da-c60',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-l-eeef45da-c60',
+ '',
+ wrap=False),
+ mock.call.add_rule('neutron-meter-r-eeef45da-c60',
+ '-o qg-7d411f48-ec -s 20.0.0.0/24'
+ ' -j neutron-meter-l-eeef45da-c60',
+ wrap=False, top=False)]
+
+ self.v4filter_inst.assert_has_calls(calls)
+
def test_add_metering_label_with_rules(self):
routers = [{'_metering_labels': [
{'id': 'c5df2fe5-c600-4a2a-b2f4-c0fb6df73c83',
mock.call.empty_chain('neutron-meter-r-c5df2fe5-c60',
wrap=False),
mock.call.add_rule('neutron-meter-r-c5df2fe5-c60',
- '-o qg-6d411f48-ec -d 10.0.0.0/24'
+ '-o qg-6d411f48-ec -s 10.0.0.0/24'
' -j RETURN',
wrap=False, top=True),
mock.call.add_rule('neutron-meter-r-c5df2fe5-c60',
Code Review / openstack-build / neutron-build.git / commitdiff