dan/liminix
1
0
Fork 5
Code

check firewall zones in pppoe test

Browse Source
This commit is contained in:
Daniel Barlow 2025-02-25 23:32:05 +00:00
parent 024c018262
commit f4dc001b71
2 changed files with 29 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
tests/pppoe/configuration.nix
View File

@ -15,6 +15,7 @@ rec {
../../modules/ppp ../../modules/ppp
../../modules/dnsmasq ../../modules/dnsmasq
../../modules/network ../../modules/network
../../modules/firewall
]; ];
services.pppoe = svc.pppoe.build { services.pppoe = svc.pppoe.build {
@ -23,6 +24,13 @@ rec {
password = "NotReallyTheSecret"; password = "NotReallyTheSecret";
}; };
services.firewall = svc.firewall.build {
zones = {
wan = [ services.pppoe ];
lan = [ services.lan4 ];
};
};
services.defaultroute4 = svc.network.route.build { services.defaultroute4 = svc.network.route.build {
via = "$(output ${services.pppoe} address)"; via = "$(output ${services.pppoe} address)";
target = "default"; target = "default";
@ -39,5 +47,5 @@ rec {
domain = "fake.liminix.org"; domain = "fake.liminix.org";
}; };
defaultProfile.packages = [ pkgs.hello ]; defaultProfile.packages = with pkgs; [ nftables hello ];
} }

23
tests/pppoe/getaddress.expect
View File

@ -1,18 +1,35 @@
set timeout 60 set timeout 60
spawn socat unix-connect:vm/console - spawn socat unix-connect:vm/console -
expect "s6-linux-init"
send "\r\n" send "\r\n"
expect "#" expect "#"
send "PS1=\$(echo 'I1JFQURZIyA=' | base64 -d); stty -echo\n"
expect "#READY#"
set FINISHED 0 set FINISHED 0
set EXIT "1" set EXIT "1"
while { $FINISHED < 10 } { while { $FINISHED < 10 } {
send "ip address show dev ppp0 | grep ppp0\r\n" send "ip address show dev ppp0 | grep ppp0\n"
expect { expect {
"192.168.100.1" { set FINISHED 20; set EXIT 0; } "192.168.100.1" { set FINISHED 20; set EXIT 0; }
"can't find device" { send_user "waiting ..." ; send "\r\n"; sleep 3 } "can't find device" { send_user "waiting ..." ; sleep 3 }
"DOWN" { send_user "waiting ..." ; send "\r\n"; sleep 3 } "DOWN" { send_user "waiting ..." ; sleep 3 }
} }
set FINISHED [ expr $FINISHED + 1 ] set FINISHED [ expr $FINISHED + 1 ]
} }
send "nft list set ip table-ip wan || touch /non/existent\n"
expect {
"ppp0" { puts "ppp0 found " }
"{ }" { puts "missing ifname"; exit 1 }
"No such file or directory" { exit 1 }
}
expect "#READY#"
send "nft list set ip table-ip lan || touch /non/existent\n"
expect {
"lan" { puts "lan found" }
"{ }" { puts "missing ifname"; exit 1 }
"No such file or directory" { exit 1 }
}
expect "#READY#"
exit $EXIT exit $EXIT