From 69fe39c8e402875fd1a6bd55c136f4dd2a5d7bce Mon Sep 17 00:00:00 2001 From: Kevin Carter Date: Thu, 28 May 2020 16:02:35 -0500 Subject: [PATCH] Update scn003 to exercise ExtraFirewallrules capabilities This change will add a couple extra firewall rules to scenario 003 which will ensure we're exercising an optional code path, which provides a functional example of how we can leverage the feature. The scenario test matrix has been updated to indicate "extra firewall" is tested in scn003. Change-Id: I9db8e2acbacb820c3e8b6b2eb7a8a0dbbae4a089 Signed-off-by: Kevin Carter --- README.rst | 2 ++ ci/environments/scenario003-standalone.yaml | 11 +++++++++++ 2 files changed, 13 insertions(+) diff --git a/README.rst b/README.rst index e5d96da725..2f44c7f40f 100644 --- a/README.rst +++ b/README.rst @@ -140,3 +140,5 @@ and should be executed according to the following table: +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | rear | | X | | | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ +| Extra Firewall | | | | X | | | | | | | | ++----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ diff --git a/ci/environments/scenario003-standalone.yaml b/ci/environments/scenario003-standalone.yaml index bc4fcb0be4..29033a2851 100644 --- a/ci/environments/scenario003-standalone.yaml +++ b/ci/environments/scenario003-standalone.yaml @@ -78,3 +78,14 @@ parameter_defaults: rndc_port: 953 rndc_key_file: /etc/rndc.key ContainerCli: podman + ExtraFirewallRules: + '301 allow arbitrary tcp rule': + dport: 12345 + proto: tcp + source: 127.0.0.1 + action: insert + '302 allow arbitrary udp rule': + dport: 12345 + proto: udp + source: 127.0.0.1 + action: append