Add ACL ICMP test (#2) (#465)

ansible/roles/test/files/acstests/acltb_test.py

@@ -239,6 +239,38 @@ def runAclTests(self, dst_ip, dst_ip_blocked, src_port, dst_ports):
         tests_passed += (1 if res else 0)
         print "Test #11 %s" % ("PASSED" if res else "FAILED")
 
+	#Creates a ICMP packet
+	pkt0 = simple_icmp_packet(
+                                eth_dst = self.router_mac,
+                                eth_src = self.dataplane.get_mac(0, 0),
+                                ip_src = "10.0.0.1",
+                                ip_dst = dst_ip,
+                                icmp_type=8,
+                                icmp_code=0,
+                                ip_ttl = 64
+                            )
+        #exp_pkt = pkt.deepcopy()
+        exp_pkt0 = simple_icmp_packet(
+                                eth_dst = self.dataplane.get_mac(0, 0),
+                                eth_src = self.router_mac,
+                                ip_src = "10.0.0.1",
+                                ip_dst = dst_ip,
+                                icmp_type=8,
+                                icmp_code=0,
+                                ip_ttl = 63
+                            )
+
+        # Test #12 - Verify IP protocol & source IP match
+        pkt = pkt0.copy()
+        exp_pkt = exp_pkt0.copy()
+        pkt['IP'].src = "10.0.0.2"
+        exp_pkt['IP'].src = "10.0.0.2"
+        pkt['IP'].proto=0x1
+        exp_pkt['IP'].proto=0x1
+        res = self.runSendReceiveTest(pkt, src_port, exp_pkt, dst_ports)
+        tests_passed += (0 if res else 1)
+        print "Test #12 %s" % ("FAILED" if res else "PASSED")							
+
         return tests_passed, self.tests_total
 
     #---------------------------------------------------------------------

ansible/roles/test/tasks/acl/acltb_test_rules.json

@@ -184,6 +184,22 @@
                                         "ethertype": "ETHERTYPE_IPV4"
                                     }
                                 }
+                            },
+                            "13": {
+                                "actions": {
+                                    "config": {
+                                        "forwarding-action": "DROP"
+                                    }
+                                },
+                                "config": {
+                                    "sequence-id": 13
+                                },
+                                "ip": {
+                                    "config": {
+					"protocol":1,
+                                        "source-ip-address": "10.0.0.2/32"
+                                    }
+                                }
                             }
                         }
                     }

ansible/roles/test/tasks/acl/acltb_test_rules_part_2.json

@@ -184,6 +184,22 @@
                                         "ethertype": "ETHERTYPE_IPV4"
                                     }
                                 }
+                            },
+                            "13": {
+                                "actions": {
+                                    "config": {
+                                        "forwarding-action": "DROP"
+                                    }
+                                },
+                                "config": {
+                                    "sequence-id": 13
+                                },
+                                "ip": {
+                                    "config": {
+					"protocol":1,
+                                        "source-ip-address": "10.0.0.2/32"
+                                    }
+                                }
                             }
                         }
                     }