# OVN_NBCTL_TEST_START
m4_define([OVN_NBCTL_TEST_START],
[dnl Create ovn-nb database.
+ AT_KEYWORDS([ovn])
AT_CHECK([ovsdb-tool create ovn-nb.db $abs_top_srcdir/ovn/ovn-nb.ovsschema])
dnl Start ovsdb-server.
AT_CHECK([ovsdb-server --detach --no-chdir --pidfile --log-file --remote=punix:$OVS_RUNDIR/db.sock ovn-nb.db], [0], [], [stderr])
- ON_EXIT_UNQUOTED([kill `cat ovsdb-server.pid`])
+ on_exit "kill `cat ovsdb-server.pid`"
AT_CHECK([[sed < stderr '
/vlog|INFO|opened log file/d
/ovsdb_server|INFO|ovsdb-server (Open vSwitch)/d']])
# OVN_NBCTL_TEST_STOP
m4_define([OVN_NBCTL_TEST_STOP],
- [AT_CHECK([check_logs $1])
+ [# removes all 'Broken pipe' warning logs from ovsdb-server.log. this is in
+ # that *ctl command (e.g. ovn-nbctl) exits right after committing the change
+ # to database. however, in reaction, some daemon (e.g. ovn-controller-vtep)
+ # may immediately update the database. this later update may cause database
+ # sending update back to *ctl command if *ctl has not proceeded to exit yet.
+ # and if *ctl command exits before database calling send, the send from
+ # database will fail with 'Broken pipe' error.
+ AT_CHECK([check_logs "$1
+/Broken pipe/d"])
AT_CHECK([ovs-appctl -t ovsdb-server exit])])
dnl ---------------------------------------------------------------------
-AT_SETUP([ovn-nbctl - macs])
+AT_SETUP([ovn-nbctl - addresses])
OVN_NBCTL_TEST_START
AT_CHECK([ovn-nbctl lswitch-add ls0])
AT_CHECK([ovn-nbctl lport-add ls0 lp0])
-AT_CHECK([ovn-nbctl lport-get-macs lp0], [0], [dnl
+AT_CHECK([ovn-nbctl lport-get-addresses lp0], [0], [dnl
])
-AT_CHECK([ovn-nbctl lport-set-macs lp0 00:11:22:33:44:55 unknown])
-AT_CHECK([ovn-nbctl lport-get-macs lp0], [0], [dnl
+AT_CHECK([ovn-nbctl lport-set-addresses lp0 00:11:22:33:44:55 unknown])
+AT_CHECK([ovn-nbctl lport-get-addresses lp0], [0], [dnl
00:11:22:33:44:55
unknown
])
-AT_CHECK([ovn-nbctl lport-set-macs lp0])
-AT_CHECK([ovn-nbctl lport-get-macs lp0], [0], [dnl
+AT_CHECK([ovn-nbctl lport-set-addresses lp0])
+AT_CHECK([ovn-nbctl lport-get-addresses lp0], [0], [dnl
])
OVN_NBCTL_TEST_STOP
AT_CHECK([ovn-nbctl lswitch-add ls0])
AT_CHECK([ovn-nbctl lport-add ls0 lp0])
-AT_CHECK([ovn-nbctl lport-get-macs lp0], [0], [dnl
+AT_CHECK([ovn-nbctl lport-get-addresses lp0], [0], [dnl
])
AT_CHECK([ovn-nbctl lport-set-port-security lp0 aa:bb:cc:dd:ee:ff 00:11:22:33:44:55])
OVN_NBCTL_TEST_STOP
AT_CLEANUP
+
+dnl ---------------------------------------------------------------------
+
+AT_SETUP([ovn-nbctl - ACLs])
+OVN_NBCTL_TEST_START
+
+AT_CHECK([ovn-nbctl lswitch-add ls0])
+AT_CHECK([ovn-nbctl --log acl-add ls0 from-lport 600 udp drop])
+AT_CHECK([ovn-nbctl --log acl-add ls0 to-lport 500 udp drop])
+AT_CHECK([ovn-nbctl acl-add ls0 from-lport 400 tcp drop])
+AT_CHECK([ovn-nbctl acl-add ls0 to-lport 300 tcp drop])
+AT_CHECK([ovn-nbctl acl-add ls0 from-lport 200 ip drop])
+AT_CHECK([ovn-nbctl acl-add ls0 to-lport 100 ip drop])
+
+AT_CHECK([ovn-nbctl acl-list ls0], [0], [dnl
+from-lport 600 (udp) drop log
+from-lport 400 (tcp) drop
+from-lport 200 (ip) drop
+ to-lport 500 (udp) drop log
+ to-lport 300 (tcp) drop
+ to-lport 100 (ip) drop
+])
+
+dnl Delete in one direction.
+AT_CHECK([ovn-nbctl acl-del ls0 to-lport])
+AT_CHECK([ovn-nbctl acl-list ls0], [0], [dnl
+from-lport 600 (udp) drop log
+from-lport 400 (tcp) drop
+from-lport 200 (ip) drop
+])
+
+dnl Delete all ACLs.
+AT_CHECK([ovn-nbctl acl-del ls0])
+AT_CHECK([ovn-nbctl acl-list ls0], [0], [dnl
+])
+
+AT_CHECK([ovn-nbctl acl-add ls0 from-lport 600 udp drop])
+AT_CHECK([ovn-nbctl acl-add ls0 from-lport 400 tcp drop])
+AT_CHECK([ovn-nbctl acl-add ls0 from-lport 200 ip drop])
+
+dnl Delete a single flow.
+AT_CHECK([ovn-nbctl acl-del ls0 from-lport 400 tcp])
+AT_CHECK([ovn-nbctl acl-list ls0], [0], [dnl
+from-lport 600 (udp) drop
+from-lport 200 (ip) drop
+])
+
+OVN_NBCTL_TEST_STOP
+AT_CLEANUP