Handle icmp type 0 validation correctly
Change-Id: I83ee7460a6021e9e9b1fb6b708f478ce47b7e36d
This commit is contained in:
parent
1fa605d79b
commit
3f4f651a7f
|
@ -255,6 +255,27 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||
None, section_id, group_id, False,
|
||||
"ALLOW", rules, {rule_id: target_id})
|
||||
|
||||
def test_create_rule_with_illegal_icmp_0_255(self):
|
||||
rule_id = uuidutils.generate_uuid()
|
||||
rule = {'id': rule_id,
|
||||
'ethertype': 'IPv4',
|
||||
'protocol': 'icmp',
|
||||
'direction': 'egress',
|
||||
'port_range_min': 0,
|
||||
'port_range_max': 255,
|
||||
'remote_ip_prefix': None}
|
||||
rules = [rule]
|
||||
section_id = 'section-id'
|
||||
group_id = 'nsgroup-id'
|
||||
target_id = 'dummy'
|
||||
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
||||
return_value="2.4.0"):
|
||||
self.assertRaises(
|
||||
nsxlib_exc.InvalidInput,
|
||||
self.nsxlib.firewall_section.create_section_rules,
|
||||
section_id, group_id, False,
|
||||
"ALLOW", rules, {rule_id: target_id})
|
||||
|
||||
def test_create_with_rules(self):
|
||||
expected_body = {
|
||||
'display_name': 'display-name',
|
||||
|
|
|
@ -567,7 +567,7 @@ def validate_icmp_params(icmp_type, icmp_code, icmp_version=4, strict=False):
|
|||
if icmp_version != 4:
|
||||
# ICMPv6 is currently not supported
|
||||
return
|
||||
if icmp_type:
|
||||
if icmp_type is not None:
|
||||
if (strict and icmp_type not in
|
||||
constants.IPV4_ICMP_STRICT_TYPES):
|
||||
raise nsxlib_exceptions.InvalidInput(
|
||||
|
|
Loading…
Reference in New Issue