Fixed linex.net.iptables tests

Signed-off-by: pierantoniomerlino <[email protected]>
eclipse-kura · Oct 11, 2023 · 16cdf13 · 16cdf13
1 parent bb00c85
commit 16cdf13
Show file tree

Hide file tree

Showing 4 changed files with 130 additions and 135 deletions.
diff --git a/...ra.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java b/...ra.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java
@@ -66,6 +66,13 @@ protected void setExecutorService(CommandExecutorService executorService) {
 
     protected abstract String getIpForwardFileName();
 
+    /*
+     * Add a Local rule to the firewall.
+     * 
+     * @deprecated since 1.2. Use {@link addLocalRules(List<LocalRule>
+     * newLocalRules)}
+     */
+    @Deprecated
     @SuppressWarnings("checkstyle:parameterNumber")
     public void addLocalRule(int port, String protocol, String permittedNetwork, String permittedNetworkPrefix,
             String permittedInterfaceName, String unpermittedInterfaceName, String permittedMAC, String sourcePortRange)
@@ -117,6 +124,13 @@ public void addLocalRules(List<LocalRule> newLocalRules) throws KuraException {
         }
     }
 
+    /*
+     * Add a Port Forward rule to the firewall.
+     * 
+     * @deprecated since 1.2. Use {@link addPortForwardRules(List<PortForwardRule>
+     * newPortForwardRules)}
+     */
+    @Deprecated
     @SuppressWarnings("checkstyle:parameterNumber")
     public void addPortForwardRule(String inboundIface, String outboundIface, String address, String protocol,
             int inPort, int outPort, boolean masquerade, String permittedNetwork, String permittedNetworkPrefix,
@@ -157,15 +171,12 @@ public void addPortForwardRules(List<PortForwardRule> newPortForwardRules) throw
         }
     }
 
-    /**
-     * Adds automatic NAT rule
-     *
-     * @param sourceInterface
-     * @param destinationInterface
-     * @param masquerade
-     * @param type
-     * @throws KuraException
+    /*
+     * Add a Nat rule to the firewall.
+     * 
+     * @deprecated since 1.2. Use {@link aaddNatRules(List<NATRule> newNatRules))}
      */
+    @Deprecated
     public void addNatRule(String sourceInterface, String destinationInterface, boolean masquerade, RuleType type)
             throws KuraException {
         if (sourceInterface == null || sourceInterface.isEmpty()) {
@@ -182,18 +193,12 @@ public void addNatRule(String sourceInterface, String destinationInterface, bool
         addAutoNatRules(natRuleList);
     }
 
-    /**
-     * Adds NAT Rule
-     *
-     * @param sourceInterface
-     * @param destinationInterface
-     * @param protocol
-     * @param source
-     * @param destination
-     * @param masquerade
-     * @param type
-     * @throws KuraException
+    /*
+     * Add a Nat Forward rule to the firewall.
+     * 
+     * @deprecated since 1.2. Use {@link addNatRules(List<NATRule> newNatRules)}
      */
+    @Deprecated
     public void addNatRule(String sourceInterface, String destinationInterface, String protocol, String source,
             String destination, boolean masquerade, RuleType type) throws KuraException {
 
@@ -282,6 +287,14 @@ public void deleteAutoNatRule(NATRule rule) throws KuraException {
         update();
     }
 
+    public void deleteNatRule(NATRule rule) throws KuraException {
+        if (this.natRules == null) {
+            return;
+        }
+        this.natRules.remove(rule);
+        update();
+    }
+
     public void deleteAllLocalRules() throws KuraException {
         this.localRules.clear();
         update();

diff --git a/...g.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java b/...g.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java
@@ -407,61 +407,34 @@ public String getPermittedMAC() {
      */
     @Override
     public String toString() {
-        String interfaceString = null;
+        StringBuilder localRuleSB = new StringBuilder(A_INPUT_KURA_P).append(this.protocol);
+
+        this.permittedNetworkString.ifPresent(permittedNetwork -> {
+            localRuleSB.append(" -s ").append(permittedNetwork);
+        });
+
         if (this.permittedInterfaceName.isPresent()) {
-            interfaceString = new StringBuilder().append(" -i ").append(this.permittedInterfaceName.get()).toString();
+            localRuleSB.append(" -i ").append(this.permittedInterfaceName.get()).toString();
         } else if (this.unpermittedInterfaceName.isPresent()) {
-            interfaceString = new StringBuilder().append(" ! -i ").append(this.unpermittedInterfaceName.get())
-                    .toString();
+            localRuleSB.append(" ! -i ").append(this.unpermittedInterfaceName.get()).toString();
         }
 
+        this.permittedMAC.ifPresent(permittedMAC -> {
+            localRuleSB.append(M_MAC_MAC_SOURCE).append(permittedMAC);
+        });
+
+        this.sourcePortRange.ifPresent(sourcePortRange -> {
+            localRuleSB.append(SPORT).append(sourcePortRange);
+        });
+
         if (this.port != -1) {
-            return getLocalRuleWithPort(interfaceString);
+            localRuleSB.append(DPORT).append(this.port);
         } else {
-            return getLocalRuleWithoutPort(interfaceString);
+            localRuleSB.append(DPORT).append(this.portRange.get());
         }
-    }
 
-    private String getLocalRuleWithPort(String interfaceString) {
-        String localRuleString = "";
-        if (!this.permittedMAC.isPresent() && !this.sourcePortRange.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + DPORT + this.port + J_ACCEPT;
-        } else if (!this.permittedMAC.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + SPORT + this.sourcePortRange.get() + DPORT
-                    + this.port + J_ACCEPT;
-        } else if (!this.sourcePortRange.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get()
-                    + DPORT + this.port + J_ACCEPT;
-        } else {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get()
-                    + SPORT + this.sourcePortRange.get() + DPORT + this.port + J_ACCEPT;
-        }
-        return localRuleString;
-    }
-
-    private String getLocalRuleWithoutPort(String interfaceString) {
-        String localRuleString = "";
-        if (!this.permittedMAC.isPresent() && !this.sourcePortRange.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + DPORT + this.portRange.get() + J_ACCEPT;
-        } else if (!this.permittedMAC.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + SPORT + this.sourcePortRange.get() + DPORT
-                    + this.portRange.get() + J_ACCEPT;
-        } else if (!this.sourcePortRange.isPresent()) {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get()
-                    + DPORT + this.portRange.get() + J_ACCEPT;
-        } else {
-            localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get()
-                    + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get()
-                    + SPORT + this.sourcePortRange.get() + DPORT + this.portRange.get() + J_ACCEPT;
-        }
-        return localRuleString;
+        localRuleSB.append(J_ACCEPT);
+        return localRuleSB.toString();
     }
 
     private boolean isPortRangeValid(String range) {

diff --git a/....linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java b/....linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java
@@ -110,7 +110,7 @@ public void saveKuraChainsTest() throws KuraException, IOException {
 
         Set<PortForwardRule> portForwardRules = new LinkedHashSet<>();
         PortForwardRule portForwardRule = new PortForwardRule().inboundIface("eth0").outboundIface("eth1")
-                .address("172.16.0.1").protocol("tcp").inPort(3040).outPort(4050).masquerade(true)
+                .address("172.16.0.1").addressMask(32).protocol("tcp").inPort(3040).outPort(4050).masquerade(true)
                 .permittedNetwork("172.16.0.100").permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66")
                 .sourcePortRange("10100:10200");
         portForwardRules.add(portForwardRule);