check firewall zones in pppoe test

tests/pppoe/configuration.nix

@@ -15,6 +15,7 @@ rec {
     ../../modules/ppp
     ../../modules/dnsmasq
     ../../modules/network
+    ../../modules/firewall
   ];
 
   services.pppoe = svc.pppoe.build {
@@ -23,6 +24,13 @@ rec {
     password = "NotReallyTheSecret";
   };
 
+  services.firewall = svc.firewall.build {
+    zones = {
+      wan = [ services.pppoe ];
+      lan = [ services.lan4 ];
+    };
+  };
+
   services.defaultroute4 = svc.network.route.build {
     via = "$(output ${services.pppoe} address)";
     target = "default";
@@ -39,5 +47,5 @@ rec {
     domain = "fake.liminix.org";
   };
 
-  defaultProfile.packages = [ pkgs.hello ];
+  defaultProfile.packages = with pkgs; [ nftables hello ];
 }

tests/pppoe/getaddress.expect

@@ -1,18 +1,35 @@
 set timeout 60
 
 spawn socat unix-connect:vm/console -
+expect "s6-linux-init"
 send "\r\n"
 expect "#"
+send "PS1=\$(echo 'I1JFQURZIyA=' | base64 -d); stty -echo\n"
+expect "#READY#"
 set FINISHED 0
 set EXIT "1" 
 while { $FINISHED < 10 } {
-  send "ip address show dev ppp0 | grep ppp0\r\n"
+  send "ip address show dev ppp0 | grep ppp0\n"
   expect {
     "192.168.100.1" { set FINISHED 20; set EXIT 0; }
-    "can't find device" { send_user "waiting ..." ; send "\r\n"; sleep 3 }
-    "DOWN" { send_user "waiting ..." ; send "\r\n"; sleep 3 }
+    "can't find device" { send_user "waiting ..." ; sleep 3 }
+    "DOWN" { send_user "waiting ..." ; sleep 3 }
   }
   set FINISHED [ expr $FINISHED + 1 ]
 }
+send "nft list set ip table-ip wan || touch /non/existent\n"
+expect {
+  "ppp0" { puts "ppp0 found " }
+  "{ }" { puts "missing ifname"; exit 1 }
+  "No such file or directory" { exit 1 }
+}  
+expect "#READY#"
 
+send "nft list set ip table-ip lan || touch /non/existent\n"
+expect {
+  "lan" { puts "lan found" }
+  "{ }" { puts "missing ifname"; exit 1 }
+  "No such file or directory" { exit 1 }
+}  
+expect "#READY#"
 exit $EXIT