diff --git a/vmware_nsxlib/tests/unit/v3/policy/test_resources.py b/vmware_nsxlib/tests/unit/v3/policy/test_resources.py index 997678ef..ef8b288f 100644 --- a/vmware_nsxlib/tests/unit/v3/policy/test_resources.py +++ b/vmware_nsxlib/tests/unit/v3/policy/test_resources.py @@ -3575,6 +3575,7 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): cidr1 = '1.1.1.1/32' cidr2 = '2.2.2.0/24' enabled = True + logging = False with mock.patch.object(self.policy_api, "create_or_update") as api_call: @@ -3587,7 +3588,8 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): source_network=cidr2, firewall_match=firewall_match, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) expected_def = core_defs.Tier0NatRule( tier0_id=tier0_id, nat_rule_id=nat_rule_id, @@ -3599,7 +3601,8 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): source_network=cidr2, firewall_match=firewall_match, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) self.assert_called_with_def(api_call, expected_def) self.assertIsNotNone(result) @@ -3643,6 +3646,7 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): cidr1 = '1.1.1.1/32' cidr2 = '2.2.2.0/24' enabled = True + logging = False with mock.patch.object(self.policy_api, "create_or_update") as api_call: @@ -3655,7 +3659,8 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) expected_def = core_defs.Tier0NatRule( tier0_id=tier0_id, @@ -3668,7 +3673,8 @@ class TestPolicyTier0NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) self.assert_called_with_def(api_call, expected_def) @@ -3688,6 +3694,7 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): cidr1 = '1.1.1.1/32' cidr2 = '2.2.2.0/24' enabled = True + logging = True with mock.patch.object(self.policy_api, "create_or_update") as api_call: @@ -3700,7 +3707,8 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) expected_def = core_defs.Tier1NatRule( tier1_id=tier1_id, @@ -3713,7 +3721,8 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) self.assert_called_with_def(api_call, expected_def) self.assertIsNotNone(result) @@ -3742,6 +3751,7 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): cidr1 = '1.1.1.1/32' cidr2 = '2.2.2.0/24' enabled = True + logging = True with mock.patch.object(self.policy_api, "create_or_update") as api_call: @@ -3754,7 +3764,8 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) expected_def = core_defs.Tier1NatRule( tier1_id=tier1_id, @@ -3767,7 +3778,8 @@ class TestPolicyTier1NatRule(NsxPolicyLibTestCase): firewall_match=firewall_match, source_network=cidr2, tenant=TEST_TENANT, - enabled=enabled) + enabled=enabled, + logging=logging) self.assert_called_with_def(api_call, expected_def) diff --git a/vmware_nsxlib/tests/unit/v3/test_resources.py b/vmware_nsxlib/tests/unit/v3/test_resources.py index ae5fe05d..12f972d0 100644 --- a/vmware_nsxlib/tests/unit/v3/test_resources.py +++ b/vmware_nsxlib/tests/unit/v3/test_resources.py @@ -972,7 +972,8 @@ class LogicalRouterTestCase(BaseTestResource): self.assertEqual(test_constants.FAKE_ROUTER_FW_SEC_UUID, section_id) def _test_nat_rule_create(self, nsx_version, add_bypas_arg=True, - action='SNAT', expect_failure=False): + action='SNAT', expect_failure=False, + logging=False): router = self.get_mocked_resource() translated_net = '1.1.1.1' priority = 10 @@ -983,7 +984,8 @@ class LogicalRouterTestCase(BaseTestResource): 'display_name': display_name, 'enabled': True, 'translated_network': translated_net, - 'rule_priority': priority + 'rule_priority': priority, + 'logging': logging } if add_bypas_arg: # Expect nat_pass to be sent to the backend @@ -998,7 +1000,8 @@ class LogicalRouterTestCase(BaseTestResource): translated_network=translated_net, rule_priority=priority, bypass_firewall=False, - display_name=display_name) + display_name=display_name, + logging=logging) except exceptions.InvalidInput as e: if expect_failure: return @@ -1016,6 +1019,10 @@ class LogicalRouterTestCase(BaseTestResource): # Ignoring 'bypass_firewall' with version 1.1 self._test_nat_rule_create('1.1.0', add_bypas_arg=False) + def test_nat_rule_create_with_logging(self): + # enable logging parameter in snat obj + self._test_nat_rule_create('1.1.0', add_bypas_arg=False, logging=True) + def test_nat_rule_create_v2(self): # Sending 'bypass_firewall' with version 1.1 self._test_nat_rule_create('2.0.0') diff --git a/vmware_nsxlib/v3/core_resources.py b/vmware_nsxlib/v3/core_resources.py index ac7c0421..db5a1d56 100644 --- a/vmware_nsxlib/v3/core_resources.py +++ b/vmware_nsxlib/v3/core_resources.py @@ -596,7 +596,7 @@ class NsxLibLogicalRouter(utils.NsxLibApiBase): enabled=True, rule_priority=None, match_ports=None, match_protocol=None, match_resource_type=None, - bypass_firewall=True, + bypass_firewall=True, logging=None, tags=None, display_name=None): self._validate_nat_rule_action(action) @@ -629,6 +629,8 @@ class NsxLibLogicalRouter(utils.NsxLibApiBase): body['tags'] = tags if display_name: body['display_name'] = display_name + if logging is not None: + body['logging'] = logging return self.client.create(resource, body) def change_edge_firewall_status(self, logical_router_id, action): diff --git a/vmware_nsxlib/v3/policy/core_defs.py b/vmware_nsxlib/v3/policy/core_defs.py index 1f691c9f..1f1e68d5 100644 --- a/vmware_nsxlib/v3/policy/core_defs.py +++ b/vmware_nsxlib/v3/policy/core_defs.py @@ -647,7 +647,7 @@ class RouterNatRule(ResourceDef): 'destination_network', 'translated_network', 'firewall_match', - 'log', + 'logging', 'sequence_number', 'enabled']) return body diff --git a/vmware_nsxlib/v3/policy/core_resources.py b/vmware_nsxlib/v3/policy/core_resources.py index 93399c02..15211c81 100644 --- a/vmware_nsxlib/v3/policy/core_resources.py +++ b/vmware_nsxlib/v3/policy/core_resources.py @@ -1693,7 +1693,7 @@ class NsxPolicyTier0NatRuleApi(NsxPolicyResourceBase): firewall_match=constants.NAT_FIREWALL_MATCH_BYPASS, action=IGNORE, sequence_number=IGNORE, - log=IGNORE, + logging=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT, enabled=IGNORE): @@ -1710,7 +1710,7 @@ class NsxPolicyTier0NatRuleApi(NsxPolicyResourceBase): firewall_match=firewall_match, action=action, sequence_number=sequence_number, - log=log, + logging=logging, tags=tags, tenant=tenant, enabled=enabled) @@ -1745,7 +1745,7 @@ class NsxPolicyTier0NatRuleApi(NsxPolicyResourceBase): firewall_match=IGNORE, action=IGNORE, sequence_number=IGNORE, - log=IGNORE, + logging=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT, enabled=IGNORE): @@ -1760,7 +1760,7 @@ class NsxPolicyTier0NatRuleApi(NsxPolicyResourceBase): firewall_match=firewall_match, action=action, sequence_number=sequence_number, - log=log, + logging=logging, tags=tags, tenant=tenant, enabled=enabled) @@ -1783,7 +1783,7 @@ class NsxPolicyTier1NatRuleApi(NsxPolicyResourceBase): firewall_match=constants.NAT_FIREWALL_MATCH_BYPASS, action=IGNORE, sequence_number=IGNORE, - log=IGNORE, + logging=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT, enabled=IGNORE): @@ -1800,7 +1800,7 @@ class NsxPolicyTier1NatRuleApi(NsxPolicyResourceBase): firewall_match=firewall_match, action=action, sequence_number=sequence_number, - log=log, + logging=logging, tags=tags, tenant=tenant, enabled=enabled) @@ -1835,7 +1835,7 @@ class NsxPolicyTier1NatRuleApi(NsxPolicyResourceBase): firewall_match=IGNORE, action=IGNORE, sequence_number=IGNORE, - log=IGNORE, + logging=IGNORE, tags=IGNORE, tenant=constants.POLICY_INFRA_TENANT, enabled=IGNORE): @@ -1850,7 +1850,7 @@ class NsxPolicyTier1NatRuleApi(NsxPolicyResourceBase): firewall_match=firewall_match, action=action, sequence_number=sequence_number, - log=log, + logging=logging, tags=tags, tenant=tenant, enabled=enabled)