diff --git a/core/schains/firewall/rule_controller.py b/core/schains/firewall/rule_controller.py index 2fda28168..51e8920a8 100644 --- a/core/schains/firewall/rule_controller.py +++ b/core/schains/firewall/rule_controller.py @@ -87,7 +87,7 @@ def get_missing(self) -> Dict['str', Any]: return missing def is_configured(self) -> bool: - return all((self.base_port, self.own_ip, self.node_ips)) + return all((self.base_port, self.node_ips)) def configure( self, diff --git a/tests/firewall/rule_controller_test.py b/tests/firewall/rule_controller_test.py index e0aa26a15..d4f04d598 100644 --- a/tests/firewall/rule_controller_test.py +++ b/tests/firewall/rule_controller_test.py @@ -150,6 +150,50 @@ def test_schain_rule_controller_configure(): own_ip = '1.1.1.1' node_ips = ['1.1.1.1', '2.2.2.2', '3.3.3.3', '4.4.4.4'] base_port = 10000 + + src.configure(base_port=base_port) + with pytest.raises(NotInitializedError): + src.public_ports() + + src.configure(base_port=base_port, node_ips=node_ips) + assert list(src.public_ports) == [10003, 10008, 10002, 10007, 10009] + + expected_rules = { + SChainRule(port=10000, first_ip='1.1.1.1', last_ip=None), + SChainRule(port=10000, first_ip='2.2.2.2', last_ip=None), + SChainRule(port=10000, first_ip='3.3.3.3', last_ip=None), + SChainRule(port=10000, first_ip='4.4.4.4', last_ip=None), + SChainRule(port=10001, first_ip='1.1.1.1', last_ip=None), + SChainRule(port=10001, first_ip='2.2.2.2', last_ip=None), + SChainRule(port=10001, first_ip='3.3.3.3', last_ip=None), + SChainRule(port=10001, first_ip='4.4.4.4', last_ip=None), + SChainRule(port=10002, first_ip=None, last_ip=None), + SChainRule(port=10003, first_ip=None, last_ip=None), + SChainRule(port=10004, first_ip='1.1.1.1', last_ip=None), + SChainRule(port=10004, first_ip='2.2.2.2', last_ip=None), + SChainRule(port=10004, first_ip='3.3.3.3', last_ip=None), + SChainRule(port=10004, first_ip='4.4.4.4', last_ip=None), + SChainRule(port=10005, first_ip='1.1.1.1', last_ip=None), + SChainRule(port=10005, first_ip='2.2.2.2', last_ip=None), + SChainRule(port=10005, first_ip='3.3.3.3', last_ip=None), + SChainRule(port=10005, first_ip='4.4.4.4', last_ip=None), + SChainRule(port=10007, first_ip=None, last_ip=None), + SChainRule(port=10008, first_ip=None, last_ip=None), + SChainRule(port=10009, first_ip=None, last_ip=None), + SChainRule(port=10010, first_ip='1.1.1.1', last_ip=None), + SChainRule(port=10010, first_ip='2.2.2.2', last_ip=None), + SChainRule(port=10010, first_ip='3.3.3.3', last_ip=None), + SChainRule(port=10010, first_ip='4.4.4.4', last_ip=None) + } + src.configure(base_port=base_port, node_ips=node_ips) + + assert not src.is_rules_synced() + assert list(src.expected_rules()) == list(sorted(expected_rules)) + src.sync() + assert src.is_rules_synced() + assert list(src.expected_rules()) == list(sorted(expected_rules)) + assert list(src.actual_rules()) == list(sorted(expected_rules)) + expected_rules = { SChainRule(port=10000, first_ip='2.2.2.2', last_ip=None), SChainRule(port=10000, first_ip='3.3.3.3', last_ip=None), @@ -173,6 +217,7 @@ def test_schain_rule_controller_configure(): SChainRule(port=10010, first_ip='4.4.4.4', last_ip=None) } src.configure(base_port=base_port, own_ip=own_ip, node_ips=node_ips) + assert not src.is_rules_synced() assert list(src.expected_rules()) == list(sorted(expected_rules)) src.sync()