[libvirt] [test-API][PATCH] The patch covers all nwfilter api provided by libvirt.py. It includes define/undefine/list nwfilters and check them via checking ebtables rule. The following new files are added. cases/nwfilter.conf repos/nwfilter/__init__.py repos/nwfilter/nwfilter_check.py * Check the nwfilter via checking ebtales repos/nwfilter/nwfilter_define.py * Define the nwfilter using specified value repos/nwfilter/nwfilter_list.py * List all of the available network filters repos/nwfilter/nwfilter_undefine.py * Undefine the specified nwfilter repos/nwfilter/xmls/nwfilter.xml
hongming
honzhang at redhat.com
Wed Mar 20 01:22:48 UTC 2013
On 03/18/2013 05:53 PM, Osier Yang wrote:
> On 2013年03月18日 14:54, hongming wrote:
>
> Can you shorten the patch subject? And add the sentences in the commit
> log instead?
>
Sorry , Please ignore the patch . I made a mistake when generate patch .
I send another patch with subject - Add nwfilter test cases and conf
>> ---
>> cases/nwfilter.conf | 59 +++++++++++++++++
>> repos/nwfilter/nwfilter_check.py | 120
>> +++++++++++++++++++++++++++++++++++
>> repos/nwfilter/nwfilter_define.py | 54 ++++++++++++++++
>> repos/nwfilter/nwfilter_list.py | 76 ++++++++++++++++++++++
>> repos/nwfilter/nwfilter_undefine.py | 43 +++++++++++++
>> repos/nwfilter/xmls/nwfilter.xml | 3 +
>> 6 files changed, 355 insertions(+), 0 deletions(-)
>> create mode 100644 cases/nwfilter.conf
>> create mode 100644 repos/nwfilter/__init__.py
>> create mode 100644 repos/nwfilter/nwfilter_check.py
>> create mode 100644 repos/nwfilter/nwfilter_define.py
>> create mode 100644 repos/nwfilter/nwfilter_list.py
>> create mode 100644 repos/nwfilter/nwfilter_undefine.py
>> create mode 100644 repos/nwfilter/xmls/nwfilter.xml
>>
>> diff --git a/cases/nwfilter.conf b/cases/nwfilter.conf
>> new file mode 100644
>> index 0000000..b394ee5
>> --- /dev/null
>> +++ b/cases/nwfilter.conf
>> @@ -0,0 +1,59 @@
>> +domain:install_linux_cdrom
>> + guestname
>> + $defaultname
>> + guestos
>> + $defaultos
>> + guestarch
>> + $defaultarch
>> + vcpu
>> + $defaultvcpu
>> + memory
>> + $defaultmem
>> + hddriver
>> + $defaulthd
>> + nicdriver
>> + $defaultnic
>> + imageformat
>> + qcow2
>> + macaddr
>> + 54:52:00:4a:16:30
>> +
>> +nwfilter:nwfilter_list
>> +
>> +# chain -- ipv4, ipv6, arp .etc
>> +# action -- mandatory; drop, accept, return
>> +# direction -- mandatory; must either be in, out or inout
>> +nwfilter:nwfilter_define
>> + nwfiltername
>> + disallow-arp
>> + chain
>> + arp
>> + action
>> + drop
>> + direction
>> + inout
>> +
>> +nwfilter:nwfilter_list
>> +
>> +nwfilter:nwfilter_check
>> + nwfiltername
>> + disallow-arp
>> + guestname
>> + $defaultname
>> +
>> +nwfilter:nwfilter_define
>> + nwfiltername
>> + disallow-ipv6
>> + chain
>> + ipv6
>> + action
>> + drop
>> + direction
>> + in
>> +
>> +nwfilter:nwfilter_undefine
>> + nwfiltername
>> + disallow-ipv6
>> +
>> +nwfilter:nwfilter_list
>> +
>> diff --git a/repos/nwfilter/__init__.py b/repos/nwfilter/__init__.py
>> new file mode 100644
>> index 0000000..e69de29
>> diff --git a/repos/nwfilter/nwfilter_check.py
>> b/repos/nwfilter/nwfilter_check.py
>> new file mode 100644
>> index 0000000..b2c7ece
>> --- /dev/null
>> +++ b/repos/nwfilter/nwfilter_check.py
>> @@ -0,0 +1,120 @@
>> +#!/usr/bin/env python
>> +import time
>> +import xml.dom.minidom
>> +
>> +from libvirt import libvirtError
>> +from utils import utils
>> +from xml.dom import minidom
>> +
>> +from src import sharedmod
>> +
>> +required_params = ('nwfiltername','guestname',)
>> +optional_params = {}
>> +
>> +EBTABLES = "ebtables -t nat -L"
>> +
>> +def get_ebtables():
>> + """ Get the output of ebtables """
>> + (status, output) = utils.exec_cmd(EBTABLES,shell=True)
>> + logger.info("Execute command:" + EBTABLES)
>> + ebtables_list = []
>> +
>> + if status:
>> + logger.error("Executing " + EBTABLES + " failed")
>> + logger.error(output)
>> + return False
>> + else:
>> + for i in range(len(output)):
>> + ebtables_list.append(output[i])
>> + logger.info("Get the output of ebtables list: %s" \
>> + % ebtables_list)
>> +
>> + return ebtables_list
>> +
>> +def check_ebtables(*args):
>> + """ Check the ebtables """
>> + (nwfiltername,conn)= args
>> + ebtables_list = get_ebtables()
>> +
>> + #Get the filter' attribute value
>> + nwfilter_xml = conn.nwfilterLookupByName(nwfiltername).XMLDesc(0)
>> + nwfilter_parsedxml = minidom.parseString(nwfilter_xml)
>> + chain = nwfilter_parsedxml.getElementsByTagName("filter")[0].\
>> + getAttribute("chain")
>> + rule = nwfilter_parsedxml.getElementsByTagName("rule")[0]
>> + action = rule.getAttribute("action").upper()
>> + direction = rule.getAttribute("direction")
>> + logger.info("The nwfilter chain:%s ,action:%s ,direction:%s " %\
>> + (chain,action,direction) )
>> + in_vnet_chain = "I-vnet0-" + chain
>> + out_vnet_chain = "O-vnet0-" + chain
>> +
>> + if cmp(direction,"inout") == 0 :
>> + if len(ebtables_list) == 21 and in_vnet_chain in
>> ebtables_list[-5]\
>> + and out_vnet_chain in ebtables_list[-2] \
>> + and action in ebtables_list[-1] \
>> + and action in ebtables_list[-4]:
>> + return True
>> + else:
>> + return False
>> + elif cmp(direction,"in") == 0:
>> + if len(ebtables_list) == 14 and out_vnet_chain in
>> ebtables_list[-2]\
>> + and action in ebtables_list[-1]:
>> + return True
>> + else:
>> + return False
>> +
>> + elif cmp(direction,"out") == 0:
>> + if len(ebtables_list) == 14 and in_vnet_chain in
>> ebtables_list[-2] \
>> + and action in ebtables_list[-1]:
>> + return True
>> + else:
>> + return False
>> +
>> +def nwfilter_check(params):
>> + """Check the nwfilter via checking ebtales"""
>> + global logger
>> + logger = params['logger']
>> + nwfiltername = params['nwfiltername']
>> + guestname = params['guestname']
>> + domain_nwfilter_xml = ""
>> +
>> + conn = sharedmod.libvirtobj['conn']
>> + domobj = conn.lookupByName(guestname)
>> +
>> + try:
>> +
>> + #Create the nwfilter's element and append it to domain xml
>> + domxml = domobj.XMLDesc(0)
>> + domain_parsedxml = minidom.parseString(domxml)
>> + domain_ifxml =
>> domain_parsedxml.getElementsByTagName("interface")
>> + filterxml = domain_parsedxml.createElement("filterref")
>> + filterxml.setAttribute("filter", nwfiltername)
>> + domain_ifxml[0].appendChild(filterxml)
>> +
>> + #Destroy the domain and redefine it with nwfilter
>> + domobj.destroy()
>> + time.sleep(5)
>> + domobj.undefine()
>> +
>> + #Define the new domain with the nwfilter
>> + dom_nwfilter = conn.defineXML(domain_parsedxml.toxml())
>> + logger.debug("The xml of new defined domain with nwfilter
>> %s" % \
>> + dom_nwfilter.XMLDesc(0))
>> +
>> + #Start the new defined domain
>> + dom_nwfilter.create()
>> + time.sleep(5)
>> +
>> + if check_ebtables(nwfiltername,conn):
>> + logger.info("Successfully create nwfilter")
>> + return 0
>> + else:
>> + logger.error("Failed to create nwfilter")
>> + return 1
>> +
>> + except libvirtError, e:
>> + logger.error("API error message: %s" % e.message)
>> + return 1
>> +
>> + return 0
>> \ No newline at end of file
>> diff --git a/repos/nwfilter/nwfilter_define.py
>> b/repos/nwfilter/nwfilter_define.py
>> new file mode 100644
>> index 0000000..e20fd2d
>> --- /dev/null
>> +++ b/repos/nwfilter/nwfilter_define.py
>> @@ -0,0 +1,54 @@
>> +#! /usr/bin/env python
>> +
>> +
>> +
>> +from libvirt import libvirtError
>> +from src import sharedmod
>> +
>> +
>> +required_params = ('nwfiltername','chain','action','direction')
>> +optional_params = {'xml' : 'xmls/nwfilter.xml',}
>> +
>> +def nwfilter_define(params):
>> + """ Define network filters."""
>> + logger = params['logger']
>> + conn = sharedmod.libvirtobj['conn']
>> + xmlstr = params['xml']
>> + nwfiltername = params['nwfiltername']
>> + chain = params['chain']
>> + action = params['action']
>> + direction = params['direction']
>> +
>> +
>> + xmlstr = xmlstr.replace('NWFILTERNAME', nwfiltername)
>> + xmlstr = xmlstr.replace('CHAIN', chain)
>> + xmlstr = xmlstr.replace('ACTION', action)
>> + xmlstr = xmlstr.replace('DIRECTION', direction)
>> + try:
>> + logger.info("nwfiltername:%s chain:%s action:%s
>> direction:%s" % \
>> + (nwfiltername,chain,action,direction))
>> + logger.info("The nwfilter's xml is %s" % xmlstr)
>> +
>> + #Define the nwfilter with given attribute value from
>> nwfilter.conf"""
>> + conn.nwfilterDefineXML(xmlstr)
>> + nwfilterxml =
>> conn.nwfilterLookupByName(nwfiltername).XMLDesc(0)
>> +
>> + if nwfiltername in conn.listNWFilters():
>> + logger.info("The nwfilter list includes the defined
>> nwfilter")
>> + if cmp(xmlstr,nwfilterxml):
>> + logger.info("Successfully define the nwfilter %s" % \
>> + nwfiltername)
>> + return 0
>> + else:
>> + logger.error("Fail to define the nwfilter %s" %
>> nwfiltername)
>> + return 1
>> + else:
>> + logger.error("Failed,nwfilter list doesn't include the
>> defined \
>> + nwfilter")
>> + return 1
>> +
>> + except libvirtError, e:
>> + logger.error("API error message: %s" % e.message)
>> + return 1
>> +
>> + return 0
>> \ No newline at end of file
>> diff --git a/repos/nwfilter/nwfilter_list.py
>> b/repos/nwfilter/nwfilter_list.py
>> new file mode 100644
>> index 0000000..056ee1f
>> --- /dev/null
>> +++ b/repos/nwfilter/nwfilter_list.py
>> @@ -0,0 +1,76 @@
>> +#!/usr/bin/env python
>> +
>> +from libvirt import libvirtError
>> +from utils import utils
>> +
>> +from src import sharedmod
>> +
>> +required_params = ()
>> +optional_params = {}
>> +
>> +NWFILTER_LIST_API_DIR = "ls /etc/libvirt/nwfilter"
>> +
>> +def get_nwfilterlist_dir():
>> + """ Get the nwfilter list from dir """
>> +
>> + (status, output) = utils.exec_cmd(NWFILTER_LIST_API_DIR,shell=True)
>> + logger.info("Execute command:" + NWFILTER_LIST_API_DIR)
>> + nwfilter_list_api_dir = []
>> + if status:
>> + logger.error("Executing " + NWFILTER_LIST_API_DIR + " failed")
>> + logger.error(output)
>> + return False
>> + else:
>> + for i in range(len(output)):
>> + nwfilter_list_api_dir.append(output[i][:-4])
>> + logger.info("Get nwfilters name list under dir: %s" \
>> + % nwfilter_list_api_dir)
>> + return nwfilter_list_api_dir
>> +
>> +def nwfilter_list(params):
>> + """ List all of the available network filters."""
>> + global logger
>> + logger = params['logger']
>> + conn = sharedmod.libvirtobj['conn']
>> +
>> + try:
>> + #Get the nwfilter name list from API """
>> + nwfilter_namelist_api = conn.listNWFilters()
>> +
>> + #Get the nwfilter object list
>> + nwfilter_list_api = conn.listAllNWFilters(0)
>> + logger.info("The connection URI %s" % \
>> + nwfilter_list_api[0].connect().getURI())
>> +
>> + #Get the number of nwfilters from API
>> + nwfilter_num = conn.numOfNWFilters()
>> +
>> + nwfilter_list_dir = get_nwfilterlist_dir()
>> + if nwfilter_num == len(nwfilter_list_api) and \
>> + len(nwfilter_list_api) == len(nwfilter_list_dir) and \
>> + cmp(nwfilter_namelist_api,nwfilter_list_dir):
>> + logger.info("The number of available network filters is
>> %s" % \
>> + nwfilter_num)
>> + else:
>> + logger.error("Failed to get the nwfilters list")
>> + return 1
>> +
>> + for nwfilter_item in nwfilter_list_api:
>> + if nwfilter_item.name()in nwfilter_list_dir and \
>> + nwfilter_item.name()in nwfilter_namelist_api:
>> + logger.info("The name is %s" % nwfilter_item.name())
>> + else:
>> + logger.error("Failed to get nwfilter's name.")
>> + return 1
>> + if
>> cmp(str(nwfilter_item.UUID()),nwfilter_item.UUIDString()):
>> + logger.info("The UUID is %s" %
>> nwfilter_item.UUIDString())
>> + else:
>> + logger.error("Failed to get nwfilter's uuid.")
>> + return 1
>> +
>> +
>> + except libvirtError, e:
>> + logger.error("API error message: %s" % e.message)
>> + return 1
>> +
>> + return 0
>> \ No newline at end of file
>> diff --git a/repos/nwfilter/nwfilter_undefine.py
>> b/repos/nwfilter/nwfilter_undefine.py
>> new file mode 100644
>> index 0000000..b9ea332
>> --- /dev/null
>> +++ b/repos/nwfilter/nwfilter_undefine.py
>> @@ -0,0 +1,43 @@
>> +#!/usr/bin/env python
>> +
>> +from libvirt import libvirtError
>> +
>> +from src import sharedmod
>> +
>> +required_params = ('nwfiltername',)
>> +optional_params = {}
>> +
>> +def nwfilter_undefine(params):
>> + """Undefine the specified nwfilter"""
>> + logger = params['logger']
>> + nwfiltername = params['nwfiltername']
>> + conn = sharedmod.libvirtobj['conn']
>> +
>> + try:
>> + nwfilter = conn.nwfilterLookupByName(nwfiltername)
>> + uuidstr = nwfilter.UUIDString()
>> + uuid = nwfilter.UUID()
>> + # Lookup by nwfilter's uuid string
>> + nwfilter_uuidstr = conn.nwfilterLookupByUUIDString(uuidstr)
>> + # Lookup by nwfilter's uuid
>> + nwfilter_uuid = conn.nwfilterLookupByUUID(uuid)
>> +
>> + # Check if the nwfilter lookup by name/uuid/uuidstr is the
>> same one
>> + if cmp(nwfilter,nwfilter_uuidstr) and cmp(nwfilter_uuidstr,\
>> + nwfilter_uuid):
>> + # Undefine the nwfilter
>> + nwfilter.undefine()
>> + # Check if the nwfiler list includes the undefined
>> nwfilter
>> + if nwfiltername not in conn.listNWFilters():
>> + logger.info("Successfully undefine the nwfilter %s"
>> % \
>> + nwfiltername)
>> + return 0
>> + else:
>> + logger.error("Failed to undefine the nwfilter %s" %
>> nwfiltername)
>> + return 1
>> +
>> + except libvirtError, e:
>> + logger.error("API error message: %s" % e.message)
>> + return 1
>> +
>> + return 0
>> diff --git a/repos/nwfilter/xmls/nwfilter.xml
>> b/repos/nwfilter/xmls/nwfilter.xml
>> new file mode 100644
>> index 0000000..6d52d5d
>> --- /dev/null
>> +++ b/repos/nwfilter/xmls/nwfilter.xml
>> @@ -0,0 +1,3 @@
>> +<filter name='NWFILTERNAME' chain='CHAIN'>
>> +<rule action='ACTION' direction='DIRECTION' priority='500'/>
>> +</filter>
>
More information about the libvir-list
mailing list