Handle icmp type 0 validation correctly
Change-Id: I83ee7460a6021e9e9b1fb6b708f478ce47b7e36d
This commit is contained in:
parent
1fa605d79b
commit
3f4f651a7f
|
@ -255,6 +255,27 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
||||||
None, section_id, group_id, False,
|
None, section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
|
|
||||||
|
def test_create_rule_with_illegal_icmp_0_255(self):
|
||||||
|
rule_id = uuidutils.generate_uuid()
|
||||||
|
rule = {'id': rule_id,
|
||||||
|
'ethertype': 'IPv4',
|
||||||
|
'protocol': 'icmp',
|
||||||
|
'direction': 'egress',
|
||||||
|
'port_range_min': 0,
|
||||||
|
'port_range_max': 255,
|
||||||
|
'remote_ip_prefix': None}
|
||||||
|
rules = [rule]
|
||||||
|
section_id = 'section-id'
|
||||||
|
group_id = 'nsgroup-id'
|
||||||
|
target_id = 'dummy'
|
||||||
|
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
||||||
|
return_value="2.4.0"):
|
||||||
|
self.assertRaises(
|
||||||
|
nsxlib_exc.InvalidInput,
|
||||||
|
self.nsxlib.firewall_section.create_section_rules,
|
||||||
|
section_id, group_id, False,
|
||||||
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
|
|
||||||
def test_create_with_rules(self):
|
def test_create_with_rules(self):
|
||||||
expected_body = {
|
expected_body = {
|
||||||
'display_name': 'display-name',
|
'display_name': 'display-name',
|
||||||
|
|
|
@ -567,7 +567,7 @@ def validate_icmp_params(icmp_type, icmp_code, icmp_version=4, strict=False):
|
||||||
if icmp_version != 4:
|
if icmp_version != 4:
|
||||||
# ICMPv6 is currently not supported
|
# ICMPv6 is currently not supported
|
||||||
return
|
return
|
||||||
if icmp_type:
|
if icmp_type is not None:
|
||||||
if (strict and icmp_type not in
|
if (strict and icmp_type not in
|
||||||
constants.IPV4_ICMP_STRICT_TYPES):
|
constants.IPV4_ICMP_STRICT_TYPES):
|
||||||
raise nsxlib_exceptions.InvalidInput(
|
raise nsxlib_exceptions.InvalidInput(
|
||||||
|
|
Loading…
Reference in New Issue