2018-09-15 14:09:05 +01:00
|
|
|
# This tests whether UPnP port mappings can be created using Miniupnpd
|
|
|
|
# and Miniupnpc.
|
|
|
|
# It runs a Miniupnpd service on one machine, and verifies
|
|
|
|
# a client can indeed create a port mapping using Miniupnpc. If
|
|
|
|
# this succeeds an external client will try to connect to the port
|
|
|
|
# mapping.
|
|
|
|
|
2023-06-21 18:08:31 +01:00
|
|
|
import ./make-test-python.nix (
|
|
|
|
{ pkgs, useNftables, ... }:
|
2018-09-15 14:09:05 +01:00
|
|
|
|
|
|
|
let
|
|
|
|
internalRouterAddress = "192.168.3.1";
|
|
|
|
internalClient1Address = "192.168.3.2";
|
|
|
|
externalRouterAddress = "80.100.100.1";
|
|
|
|
externalClient2Address = "80.100.100.2";
|
|
|
|
in
|
|
|
|
{
|
|
|
|
name = "upnp";
|
2021-01-10 19:08:30 +00:00
|
|
|
meta = with pkgs.lib.maintainers; {
|
2018-09-15 14:09:05 +01:00
|
|
|
maintainers = [ bobvanderlinden ];
|
|
|
|
};
|
|
|
|
|
|
|
|
nodes = {
|
|
|
|
router =
|
|
|
|
{ pkgs, nodes, ... }:
|
|
|
|
{
|
|
|
|
virtualisation.vlans = [
|
|
|
|
1
|
|
|
|
2
|
|
|
|
];
|
|
|
|
networking.nat.enable = true;
|
|
|
|
networking.nat.internalInterfaces = [ "eth2" ];
|
|
|
|
networking.nat.externalInterface = "eth1";
|
2023-06-21 18:08:31 +01:00
|
|
|
networking.nftables.enable = useNftables;
|
2018-09-15 14:09:05 +01:00
|
|
|
networking.firewall.enable = true;
|
|
|
|
networking.firewall.trustedInterfaces = [ "eth2" ];
|
|
|
|
networking.interfaces.eth1.ipv4.addresses = [
|
|
|
|
{
|
|
|
|
address = externalRouterAddress;
|
|
|
|
prefixLength = 24;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
networking.interfaces.eth2.ipv4.addresses = [
|
|
|
|
{
|
|
|
|
address = internalRouterAddress;
|
|
|
|
prefixLength = 24;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
services.miniupnpd = {
|
|
|
|
enable = true;
|
|
|
|
externalInterface = "eth1";
|
|
|
|
internalIPs = [ "eth2" ];
|
|
|
|
appendConfig = ''
|
|
|
|
ext_ip=${externalRouterAddress}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
client1 =
|
|
|
|
{ pkgs, nodes, ... }:
|
2022-10-29 20:10:28 +01:00
|
|
|
{
|
|
|
|
environment.systemPackages = [
|
|
|
|
pkgs.miniupnpc
|
|
|
|
pkgs.netcat
|
|
|
|
];
|
2018-09-15 14:09:05 +01:00
|
|
|
virtualisation.vlans = [ 2 ];
|
|
|
|
networking.defaultGateway = internalRouterAddress;
|
|
|
|
networking.interfaces.eth1.ipv4.addresses = [
|
|
|
|
{
|
|
|
|
address = internalClient1Address;
|
|
|
|
prefixLength = 24;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
networking.firewall.enable = false;
|
|
|
|
|
|
|
|
services.httpd.enable = true;
|
2019-11-04 21:24:55 +00:00
|
|
|
services.httpd.virtualHosts.localhost = {
|
|
|
|
listen = [
|
|
|
|
{
|
|
|
|
ip = "*";
|
|
|
|
port = 9000;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
adminAddr = "foo@example.org";
|
|
|
|
documentRoot = "/tmp";
|
|
|
|
};
|
2018-09-15 14:09:05 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
client2 =
|
|
|
|
{ pkgs, ... }:
|
2022-10-29 20:10:28 +01:00
|
|
|
{
|
|
|
|
environment.systemPackages = [ pkgs.miniupnpc ];
|
2018-09-15 14:09:05 +01:00
|
|
|
virtualisation.vlans = [ 1 ];
|
|
|
|
networking.interfaces.eth1.ipv4.addresses = [
|
|
|
|
{
|
|
|
|
address = externalClient2Address;
|
|
|
|
prefixLength = 24;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
networking.firewall.enable = false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
testScript =
|
|
|
|
{ nodes, ... }:
|
|
|
|
''
|
2019-11-06 06:54:45 +00:00
|
|
|
start_all()
|
2018-09-15 14:09:05 +01:00
|
|
|
|
|
|
|
# Wait for network and miniupnpd.
|
2023-10-03 09:01:59 +01:00
|
|
|
router.systemctl("start network-online.target")
|
2019-11-06 06:54:45 +00:00
|
|
|
router.wait_for_unit("network-online.target")
|
|
|
|
# $router.wait_for_unit("nat")
|
2023-06-21 18:08:31 +01:00
|
|
|
router.wait_for_unit("${if useNftables then "nftables" else "firewall"}.service")
|
2019-11-06 06:54:45 +00:00
|
|
|
router.wait_for_unit("miniupnpd")
|
2018-09-15 14:09:05 +01:00
|
|
|
|
2023-10-03 09:01:59 +01:00
|
|
|
client1.systemctl("start network-online.target")
|
2019-11-06 06:54:45 +00:00
|
|
|
client1.wait_for_unit("network-online.target")
|
2018-09-15 14:09:05 +01:00
|
|
|
|
2019-11-06 06:54:45 +00:00
|
|
|
client1.succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP")
|
2018-09-15 14:09:05 +01:00
|
|
|
|
2019-11-06 06:54:45 +00:00
|
|
|
client1.wait_for_unit("httpd")
|
2020-09-16 07:07:45 +01:00
|
|
|
client2.wait_until_succeeds("curl -f http://${externalRouterAddress}:9000/")
|
2018-09-15 14:09:05 +01:00
|
|
|
'';
|
|
|
|
|
|
|
|
}
|
|
|
|
)
|