mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
f948e96299
CLOUDSTACK-8925 - Default allow for Egress rules is not being configured properly in VR iptables rulesThis PR fixes the router default policy for egress. When the default is DENY, the router still allows outgoing connections. The test component/test_routers_network_ops.py was improved to cover that case as well. The results were: Test redundant router internals ... === TestName: test_01_isolate_network_FW_PF_default_routes_egress_true | Status : SUCCESS === ok Test redundant router internals ... === TestName: test_02_isolate_network_FW_PF_default_routes_egress_false | Status : SUCCESS === ok Test redundant router internals ... === TestName: test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true | Status : SUCCESS === ok Test redundant router internals ... === TestName: test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false | Status : SUCCESS === ok ---------------------------------------------------------------------- Ran 4 tests in 3636.656s OK /tmp//MarvinLogs/test_routers_network_ops_QDL429/results.txt (END) * pr/1023: CLOUDSTACK-8925 - Implement the default egress DENY/ALLOW properly CLOUDSTACK-8925 - Improve the default egress tests in order to cover newly entered rules CLOUDSTACK-8925 - Add egress dataset to test_data.py CLOUDSTACK-8925 - Drop the traffic when default egress is set to false Signed-off-by: Remi Bergsma <github@remi.nl>