From 16cdf13dc3a6bc16344cd6d53cbf25ad8add0386 Mon Sep 17 00:00:00 2001 From: pierantoniomerlino Date: Wed, 11 Oct 2023 16:43:24 +0200 Subject: [PATCH] Fixed linex.net.iptables tests Signed-off-by: pierantoniomerlino --- .../net/iptables/AbstractLinuxFirewall.java | 51 +++--- .../kura/linux/net/iptables/LocalRule.java | 67 +++----- .../net/iptables/IpTablesConfigTest.java | 2 +- .../linux/net/iptables/LinuxFirewallTest.java | 145 ++++++++++-------- 4 files changed, 130 insertions(+), 135 deletions(-) diff --git a/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java b/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java index 0e9026ff79b..9570e6037c8 100644 --- a/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java +++ b/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/AbstractLinuxFirewall.java @@ -66,6 +66,13 @@ protected void setExecutorService(CommandExecutorService executorService) { protected abstract String getIpForwardFileName(); + /* + * Add a Local rule to the firewall. + * + * @deprecated since 1.2. Use {@link addLocalRules(List + * newLocalRules)} + */ + @Deprecated @SuppressWarnings("checkstyle:parameterNumber") public void addLocalRule(int port, String protocol, String permittedNetwork, String permittedNetworkPrefix, String permittedInterfaceName, String unpermittedInterfaceName, String permittedMAC, String sourcePortRange) @@ -117,6 +124,13 @@ public void addLocalRules(List newLocalRules) throws KuraException { } } + /* + * Add a Port Forward rule to the firewall. + * + * @deprecated since 1.2. Use {@link addPortForwardRules(List + * newPortForwardRules)} + */ + @Deprecated @SuppressWarnings("checkstyle:parameterNumber") public void addPortForwardRule(String inboundIface, String outboundIface, String address, String protocol, int inPort, int outPort, boolean masquerade, String permittedNetwork, String permittedNetworkPrefix, @@ -157,15 +171,12 @@ public void addPortForwardRules(List newPortForwardRules) throw } } - /** - * Adds automatic NAT rule - * - * @param sourceInterface - * @param destinationInterface - * @param masquerade - * @param type - * @throws KuraException + /* + * Add a Nat rule to the firewall. + * + * @deprecated since 1.2. Use {@link aaddNatRules(List newNatRules))} */ + @Deprecated public void addNatRule(String sourceInterface, String destinationInterface, boolean masquerade, RuleType type) throws KuraException { if (sourceInterface == null || sourceInterface.isEmpty()) { @@ -182,18 +193,12 @@ public void addNatRule(String sourceInterface, String destinationInterface, bool addAutoNatRules(natRuleList); } - /** - * Adds NAT Rule - * - * @param sourceInterface - * @param destinationInterface - * @param protocol - * @param source - * @param destination - * @param masquerade - * @param type - * @throws KuraException + /* + * Add a Nat Forward rule to the firewall. + * + * @deprecated since 1.2. Use {@link addNatRules(List newNatRules)} */ + @Deprecated public void addNatRule(String sourceInterface, String destinationInterface, String protocol, String source, String destination, boolean masquerade, RuleType type) throws KuraException { @@ -282,6 +287,14 @@ public void deleteAutoNatRule(NATRule rule) throws KuraException { update(); } + public void deleteNatRule(NATRule rule) throws KuraException { + if (this.natRules == null) { + return; + } + this.natRules.remove(rule); + update(); + } + public void deleteAllLocalRules() throws KuraException { this.localRules.clear(); update(); diff --git a/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java b/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java index ab7da496dde..12d346e9b62 100644 --- a/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java +++ b/kura/org.eclipse.kura.linux.net/src/main/java/org/eclipse/kura/linux/net/iptables/LocalRule.java @@ -407,61 +407,34 @@ public String getPermittedMAC() { */ @Override public String toString() { - String interfaceString = null; + StringBuilder localRuleSB = new StringBuilder(A_INPUT_KURA_P).append(this.protocol); + + this.permittedNetworkString.ifPresent(permittedNetwork -> { + localRuleSB.append(" -s ").append(permittedNetwork); + }); + if (this.permittedInterfaceName.isPresent()) { - interfaceString = new StringBuilder().append(" -i ").append(this.permittedInterfaceName.get()).toString(); + localRuleSB.append(" -i ").append(this.permittedInterfaceName.get()).toString(); } else if (this.unpermittedInterfaceName.isPresent()) { - interfaceString = new StringBuilder().append(" ! -i ").append(this.unpermittedInterfaceName.get()) - .toString(); + localRuleSB.append(" ! -i ").append(this.unpermittedInterfaceName.get()).toString(); } + this.permittedMAC.ifPresent(permittedMAC -> { + localRuleSB.append(M_MAC_MAC_SOURCE).append(permittedMAC); + }); + + this.sourcePortRange.ifPresent(sourcePortRange -> { + localRuleSB.append(SPORT).append(sourcePortRange); + }); + if (this.port != -1) { - return getLocalRuleWithPort(interfaceString); + localRuleSB.append(DPORT).append(this.port); } else { - return getLocalRuleWithoutPort(interfaceString); + localRuleSB.append(DPORT).append(this.portRange.get()); } - } - private String getLocalRuleWithPort(String interfaceString) { - String localRuleString = ""; - if (!this.permittedMAC.isPresent() && !this.sourcePortRange.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + DPORT + this.port + J_ACCEPT; - } else if (!this.permittedMAC.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + SPORT + this.sourcePortRange.get() + DPORT - + this.port + J_ACCEPT; - } else if (!this.sourcePortRange.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get() - + DPORT + this.port + J_ACCEPT; - } else { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get() - + SPORT + this.sourcePortRange.get() + DPORT + this.port + J_ACCEPT; - } - return localRuleString; - } - - private String getLocalRuleWithoutPort(String interfaceString) { - String localRuleString = ""; - if (!this.permittedMAC.isPresent() && !this.sourcePortRange.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + DPORT + this.portRange.get() + J_ACCEPT; - } else if (!this.permittedMAC.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + SPORT + this.sourcePortRange.get() + DPORT - + this.portRange.get() + J_ACCEPT; - } else if (!this.sourcePortRange.isPresent()) { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get() - + DPORT + this.portRange.get() + J_ACCEPT; - } else { - localRuleString = A_INPUT_KURA_P + this.protocol + " -s " + this.permittedNetworkString.get() - + (interfaceString != null ? interfaceString : "") + M_MAC_MAC_SOURCE + this.permittedMAC.get() - + SPORT + this.sourcePortRange.get() + DPORT + this.portRange.get() + J_ACCEPT; - } - return localRuleString; + localRuleSB.append(J_ACCEPT); + return localRuleSB.toString(); } private boolean isPortRangeValid(String range) { diff --git a/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java b/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java index b0c6aba014c..f6408faf34c 100644 --- a/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java +++ b/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/IpTablesConfigTest.java @@ -110,7 +110,7 @@ public void saveKuraChainsTest() throws KuraException, IOException { Set portForwardRules = new LinkedHashSet<>(); PortForwardRule portForwardRule = new PortForwardRule().inboundIface("eth0").outboundIface("eth1") - .address("172.16.0.1").protocol("tcp").inPort(3040).outPort(4050).masquerade(true) + .address("172.16.0.1").addressMask(32).protocol("tcp").inPort(3040).outPort(4050).masquerade(true) .permittedNetwork("172.16.0.100").permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66") .sourcePortRange("10100:10200"); portForwardRules.add(portForwardRule); diff --git a/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/LinuxFirewallTest.java b/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/LinuxFirewallTest.java index acbabf1e46d..1e41f6fe52b 100644 --- a/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/LinuxFirewallTest.java +++ b/kura/test/org.eclipse.kura.linux.net.test/src/test/java/org/eclipse/kura/linux/net/iptables/LinuxFirewallTest.java @@ -18,6 +18,7 @@ import java.net.UnknownHostException; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; import org.eclipse.kura.KuraException; @@ -35,8 +36,11 @@ public void addLocalRuleTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addLocalRule(5400, "tcp", null, null, "eth0", null, "00:11:22:33:44:55:66", "10100:10200"); - } catch (KuraIOException e) { + LocalRule localRule = new LocalRule(5400, "tcp", + new NetworkPair(IP4Address.getDefaultAddress(), (short) 0), "eth0", null, + "00:11:22:33:44:55:66", "10100:10200"); + linuxFirewall.addLocalRules(Arrays.asList(localRule)); + } catch (KuraIOException | UnknownHostException e) { // do nothing... } @@ -53,8 +57,11 @@ public void addLocalRuleSourceSinglePortTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addLocalRule(5400, "tcp", null, null, "eth0", null, "00:11:22:33:44:55:66", "10100"); - } catch (KuraIOException e) { + LocalRule localRule = new LocalRule(5400, "tcp", + new NetworkPair(IP4Address.getDefaultAddress(), (short) 0), "eth0", null, + "00:11:22:33:44:55:66", "10100"); + linuxFirewall.addLocalRules(Arrays.asList(localRule)); + } catch (KuraIOException | UnknownHostException e) { // do nothing... } @@ -102,8 +109,11 @@ public void addPortForwardSourceRangeTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addPortForwardRule("eth0", "eth1", "172.16.0.1", "tcp", 3040, 4050, true, "172.16.0.100", - "32", "00:11:22:33:44:55:66", "10100:10200"); + PortForwardRule portForwardingRule = new PortForwardRule(); + portForwardingRule.inboundIface("eth0").outboundIface("eth1").address("172.16.0.1").addressMask(32) + .protocol("tcp").inPort(3040).outPort(4050).masquerade(true).permittedNetwork("172.16.0.100") + .permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66").sourcePortRange("10100:10200"); + linuxFirewall.addPortForwardRules(Arrays.asList(portForwardingRule)); } catch (KuraIOException e) { // do nothing... } @@ -123,8 +133,11 @@ public void addPortForwardSourceSinglePortTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addPortForwardRule("eth0", "eth1", "172.16.0.1", "tcp", 3040, 4050, true, "172.16.0.100", - "32", "00:11:22:33:44:55:66", "10100"); + PortForwardRule portForwardingRule = new PortForwardRule(); + portForwardingRule.inboundIface("eth0").outboundIface("eth1").address("172.16.0.1").addressMask(32) + .protocol("tcp").inPort(3040).outPort(4050).masquerade(true).permittedNetwork("172.16.0.100") + .permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66").sourcePortRange("10100"); + linuxFirewall.addPortForwardRules(Arrays.asList(portForwardingRule)); } catch (KuraIOException e) { // do nothing... } @@ -146,11 +159,11 @@ public void addPortForwardRulesTest() throws KuraException { List rules = new ArrayList<>(); try { PortForwardRule portForwardRule = new PortForwardRule().inboundIface("eth0").outboundIface("eth1") - .address("172.16.0.1").protocol("tcp").inPort(3040).outPort(4050).masquerade(true) + .address("172.16.0.1").addressMask(32).protocol("tcp").inPort(3040).outPort(4050).masquerade(true) .permittedNetwork("172.16.0.100").permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66") .sourcePortRange("10100:10200"); PortForwardRule portForwardRule2 = new PortForwardRule().inboundIface("eth0").outboundIface("eth1") - .address("172.16.0.1").protocol("tcp").inPort(3040).outPort(4050).masquerade(true) + .address("172.16.0.1").addressMask(32).protocol("tcp").inPort(3040).outPort(4050).masquerade(true) .permittedNetwork("172.16.0.100").permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66") .sourcePortRange("10100"); rules.add(portForwardRule); @@ -183,7 +196,8 @@ public void addAutoNatRuleTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addNatRule("eth0", "eth1", true, RuleType.GENERIC); + NATRule natRule = new NATRule("eth0", "eth1", null, null, null, true, RuleType.GENERIC); + linuxFirewall.addAutoNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... } @@ -195,128 +209,115 @@ public void addAutoNatRuleTest() throws KuraException { } @Test - public void addAutoNatRulesTest() throws KuraException { + public void addNatRuleTest() throws KuraException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); - List rules = new ArrayList<>(); try { - rules.add(new NATRule("eth0", "eth1", true, RuleType.GENERIC)); - linuxFirewall.addAutoNatRules(rules); + NATRule natRule = new NATRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, + RuleType.IP_FORWARDING); + linuxFirewall.addNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... } - assertTrue(linuxFirewall.getAutoNatRules().stream().anyMatch(rule -> { + assertTrue(linuxFirewall.getNatRules().stream().anyMatch(rule -> { return rule.getSourceInterface().equals("eth0") && rule.getDestinationInterface().equals("eth1") + && rule.getSource().equals("172.16.0.1/32") && rule.getDestination().equals("172.16.0.2/32") && rule.isMasquerade(); })); } @Test - public void addNatRuleTest() throws KuraException { + public void deleteLocalRuleTest() throws KuraException, UnknownHostException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); + LocalRule localRule = new LocalRule(5400, "tcp", + new NetworkPair(IP4Address.getDefaultAddress(), (short) 0), "eth0", null, + "00:11:22:33:44:55:66", "10100:10200"); try { - linuxFirewall.addNatRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, - RuleType.IP_FORWARDING); + linuxFirewall.addLocalRules(Arrays.asList(localRule)); } catch (KuraIOException e) { // do nothing... } - assertTrue(linuxFirewall.getNatRules().stream().anyMatch(rule -> { - return rule.getSourceInterface().equals("eth0") && rule.getDestinationInterface().equals("eth1") - && rule.getSource().equals("172.16.0.1/32") && rule.getDestination().equals("172.16.0.2/32") - && rule.isMasquerade(); - })); - } + assertFalse(linuxFirewall.getLocalRules().isEmpty()); + int size = linuxFirewall.getLocalRules().size(); - @Test - public void addNatRulesTest() throws KuraException { - setUpMock(); - LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); - List rules = new ArrayList<>(); try { - rules.add( - new NATRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, RuleType.IP_FORWARDING)); - linuxFirewall.addNatRules(rules); + linuxFirewall.deleteLocalRule(localRule); } catch (KuraIOException e) { // do nothing... } - assertTrue(linuxFirewall.getNatRules().stream().anyMatch(rule -> { - return rule.getSourceInterface().equals("eth0") && rule.getDestinationInterface().equals("eth1") - && rule.getSource().equals("172.16.0.1/32") && rule.getDestination().equals("172.16.0.2/32") - && rule.isMasquerade(); - })); + assertEquals(size - 1, linuxFirewall.getLocalRules().size()); } @Test - public void deleteLocalRuleTest() throws KuraException, UnknownHostException { + public void deletePortForwardRuleTest() throws KuraException, UnknownHostException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); + PortForwardRule portForwardingRule = new PortForwardRule(); + portForwardingRule.inboundIface("eth0").outboundIface("eth1").address("172.16.0.1").addressMask(32) + .protocol("tcp").inPort(3040).outPort(4050).masquerade(true).permittedNetwork("172.16.0.100") + .permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66").sourcePortRange("10100:10200"); try { - linuxFirewall.addLocalRule(5400, "tcp", null, null, "eth0", null, "00:11:22:33:44:55:66", "10100:10200"); + linuxFirewall.addPortForwardRules(Arrays.asList(portForwardingRule)); } catch (KuraIOException e) { // do nothing... } - assertFalse(linuxFirewall.getLocalRules().isEmpty()); - int size = linuxFirewall.getLocalRules().size(); + assertFalse(linuxFirewall.getPortForwardRules().isEmpty()); + int size = linuxFirewall.getPortForwardRules().size(); - LocalRule rule = new LocalRule(5400, "tcp", - new NetworkPair<>((IP4Address) IPAddress.parseHostAddress("0.0.0.0"), (short) 0), "eth0", null, - "00:11:22:33:44:55:66", "10100:10200"); try { - linuxFirewall.deleteLocalRule(rule); + linuxFirewall.deletePortForwardRule(portForwardingRule); } catch (KuraIOException e) { // do nothing... } - assertEquals(size - 1, linuxFirewall.getLocalRules().size()); + assertEquals(size - 1, linuxFirewall.getPortForwardRules().size()); } @Test - public void deletePortForwardRuleTest() throws KuraException, UnknownHostException { + public void deleteAutoNatRuleTest() throws KuraException, UnknownHostException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); + NATRule natRule = new NATRule("eth0", "eth1", null, null, null, true, RuleType.GENERIC); try { - linuxFirewall.addPortForwardRule("eth0", "eth1", "172.16.0.1", "tcp", 3040, 4050, true, "172.16.0.100", - "32", "00:11:22:33:44:55:66", "10100:10200"); + linuxFirewall.addAutoNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... } - assertFalse(linuxFirewall.getPortForwardRules().isEmpty()); - int size = linuxFirewall.getPortForwardRules().size(); + assertFalse(linuxFirewall.getAutoNatRules().isEmpty()); + int size = linuxFirewall.getAutoNatRules().size(); - PortForwardRule rule = new PortForwardRule().inboundIface("eth0").outboundIface("eth1").address("172.16.0.1") - .protocol("tcp").inPort(3040).outPort(4050).masquerade(true).permittedNetwork("172.16.0.100") - .permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66").sourcePortRange("10100:10200"); try { - linuxFirewall.deletePortForwardRule(rule); + linuxFirewall.deleteAutoNatRule(natRule); } catch (KuraIOException e) { // do nothing... } - assertEquals(size - 1, linuxFirewall.getPortForwardRules().size()); + assertEquals(size - 1, linuxFirewall.getAutoNatRules().size()); } @Test - public void deleteAutoNatRuleTest() throws KuraException, UnknownHostException { + public void deleteNatRuleTest() throws KuraException, UnknownHostException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); + NATRule natRule = new NATRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, + RuleType.IP_FORWARDING); try { - linuxFirewall.addNatRule("eth0", "eth1", true, RuleType.GENERIC); + linuxFirewall.addNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... } - assertFalse(linuxFirewall.getAutoNatRules().isEmpty()); - int size = linuxFirewall.getAutoNatRules().size(); + assertFalse(linuxFirewall.getNatRules().isEmpty()); + int size = linuxFirewall.getNatRules().size(); - NATRule rule = new NATRule("eth0", "eth1", true, RuleType.GENERIC); try { - linuxFirewall.deleteAutoNatRule(rule); + linuxFirewall.deleteNatRule(natRule); } catch (KuraIOException e) { // do nothing... } @@ -329,7 +330,10 @@ public void deleteAllLocalRuleTest() throws KuraException, UnknownHostException setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addLocalRule(5400, "tcp", null, null, "eth0", null, "00:11:22:33:44:55:66", "10100:10200"); + LocalRule localRule = new LocalRule(5400, "tcp", + new NetworkPair(IP4Address.getDefaultAddress(), (short) 0), "eth0", null, + "00:11:22:33:44:55:66", "10100:10200"); + linuxFirewall.addLocalRules(Arrays.asList(localRule)); } catch (KuraIOException e) { // do nothing... } @@ -348,8 +352,11 @@ public void deleteAllPortForwardRuleTest() throws KuraException, UnknownHostExce setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addPortForwardRule("eth0", "eth1", "172.16.0.1", "tcp", 3040, 4050, true, "172.16.0.100", - "32", "00:11:22:33:44:55:66", "10100:10200"); + PortForwardRule portForwardingRule = new PortForwardRule(); + portForwardingRule.inboundIface("eth0").outboundIface("eth1").address("172.16.0.1").addressMask(32) + .protocol("tcp").inPort(3040).outPort(4050).masquerade(true).permittedNetwork("172.16.0.100") + .permittedNetworkMask(32).permittedMAC("00:11:22:33:44:55:66").sourcePortRange("10100:10200"); + linuxFirewall.addPortForwardRules(Arrays.asList(portForwardingRule)); } catch (KuraIOException e) { // do nothing... } @@ -368,7 +375,8 @@ public void deleteAllAutoNatRuleTest() throws KuraException, UnknownHostExceptio setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addNatRule("eth0", "eth1", true, RuleType.GENERIC); + NATRule natRule = new NATRule("eth0", "eth1", null, null, null, true, RuleType.GENERIC); + linuxFirewall.addAutoNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... } @@ -387,8 +395,9 @@ public void deleteAllNatRuleTest() throws KuraException, UnknownHostException { setUpMock(); LinuxFirewall linuxFirewall = LinuxFirewall.getInstance(executorServiceMock); try { - linuxFirewall.addNatRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, + NATRule natRule = new NATRule("eth0", "eth1", "tcp", "172.16.0.1/32", "172.16.0.2/32", true, RuleType.IP_FORWARDING); + linuxFirewall.addNatRules(Arrays.asList(natRule)); } catch (KuraIOException e) { // do nothing... }