From 32c63c69054c3128678b68d5c65edd17dac151e4 Mon Sep 17 00:00:00 2001 From: Bob van der Linden Date: Sat, 15 Sep 2018 15:09:05 +0200 Subject: [PATCH] tests: upnp: init test for upnp using miniupnpd / miniupnpc --- nixos/release.nix | 1 + nixos/tests/upnp.nix | 94 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) create mode 100644 nixos/tests/upnp.nix diff --git a/nixos/release.nix b/nixos/release.nix index 0fd8d694641f..79112df5a256 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -247,6 +247,7 @@ in rec { tests.acme = callTest tests/acme.nix {}; tests.avahi = callTest tests/avahi.nix {}; tests.beegfs = callTest tests/beegfs.nix {}; + tests.upnp = callTest tests/upnp.nix {}; tests.bittorrent = callTest tests/bittorrent.nix {}; tests.bind = callTest tests/bind.nix {}; #tests.blivet = callTest tests/blivet.nix {}; # broken since 2017-07024 diff --git a/nixos/tests/upnp.nix b/nixos/tests/upnp.nix new file mode 100644 index 000000000000..3f2dd13fb560 --- /dev/null +++ b/nixos/tests/upnp.nix @@ -0,0 +1,94 @@ +# This tests whether UPnP port mappings can be created using Miniupnpd +# and Miniupnpc. +# It runs a Miniupnpd service on one machine, and verifies +# a client can indeed create a port mapping using Miniupnpc. If +# this succeeds an external client will try to connect to the port +# mapping. + +import ./make-test.nix ({ pkgs, ... }: + +let + internalRouterAddress = "192.168.3.1"; + internalClient1Address = "192.168.3.2"; + externalRouterAddress = "80.100.100.1"; + externalClient2Address = "80.100.100.2"; +in +{ + name = "upnp"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ bobvanderlinden ]; + }; + + nodes = + { + router = + { pkgs, nodes, ... }: + { virtualisation.vlans = [ 1 2 ]; + networking.nat.enable = true; + networking.nat.internalInterfaces = [ "eth2" ]; + networking.nat.externalInterface = "eth1"; + networking.firewall.enable = true; + networking.firewall.trustedInterfaces = [ "eth2" ]; + networking.interfaces.eth1.ipv4.addresses = [ + { address = externalRouterAddress; prefixLength = 24; } + ]; + networking.interfaces.eth2.ipv4.addresses = [ + { address = internalRouterAddress; prefixLength = 24; } + ]; + services.miniupnpd = { + enable = true; + externalInterface = "eth1"; + internalIPs = [ "eth2" ]; + appendConfig = '' + ext_ip=${externalRouterAddress} + ''; + }; + }; + + client1 = + { pkgs, nodes, ... }: + { environment.systemPackages = [ pkgs.miniupnpc pkgs.netcat ]; + virtualisation.vlans = [ 2 ]; + networking.defaultGateway = internalRouterAddress; + networking.interfaces.eth1.ipv4.addresses = [ + { address = internalClient1Address; prefixLength = 24; } + ]; + networking.firewall.enable = false; + + services.httpd.enable = true; + services.httpd.listen = [{ ip = "*"; port = 9000; }]; + services.httpd.adminAddr = "foo@example.org"; + services.httpd.documentRoot = "/tmp"; + }; + + client2 = + { pkgs, ... }: + { environment.systemPackages = [ pkgs.miniupnpc ]; + virtualisation.vlans = [ 1 ]; + networking.interfaces.eth1.ipv4.addresses = [ + { address = externalClient2Address; prefixLength = 24; } + ]; + networking.firewall.enable = false; + }; + }; + + testScript = + { nodes, ... }: + '' + startAll; + + # Wait for network and miniupnpd. + $router->waitForUnit("network-online.target"); + # $router->waitForUnit("nat"); + $router->waitForUnit("firewall.service"); + $router->waitForUnit("miniupnpd"); + + $client1->waitForUnit("network-online.target"); + + $client1->succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP"); + + $client1->waitForUnit("httpd"); + $client2->waitUntilSucceeds("curl http://${externalRouterAddress}:9000/"); + ''; + +})