]> git.proxmox.com Git - pve-firewall.git/blob - test/test-basic1/tests
projects / pve-firewall.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bump version to 4.2-3
[pve-firewall.git] / test / test-basic1 / tests
1 { from => 'ct200', to => 'host', dport => 22, action => 'ACCEPT' }
2 { from => 'ct200', to => 'host', dport => 23, action => 'DROP' }
3
4 { from => 'vm100', to => 'host', dport => 22, action => 'ACCEPT' }
5
6 { from => 'host' , to => 'ct200', dport => 80, action => 'DROP' }
7 { from => 'host' , to => 'ct200', dport => 22, action => 'ACCEPT' }
8
9 { from => 'host' , to => 'vm100', dport => 80, action => 'DROP' }
10
11 { from => 'ct200' , to => 'vm100', dport => 80, action => 'DROP' }
12
13 { from => 'vm100' , to => 'ct200', dport => 22, action => 'ACCEPT' }
14
15 { from => 'vm101', to => 'vm100', dport => 22, action => 'DROP' }
16 { from => 'vm101', to => 'vm100', dport => 443, action => 'ACCEPT', id => 'vm2vm'}
17
18 { from => 'ct201', to => 'ct200', dport => 22, action => 'ACCEPT' }
19 { from => 'ct201', to => 'ct200', dport => 23, action => 'DROP' }
20
21 { from => 'vm110', to => 'vm100', dport => 22, action => 'DROP' }
22 { from => 'vm110', to => 'vm100', dport => 443, action => 'ACCEPT' }
23
24 { from => 'vm110', to => 'vm100', dport => 0, proto => 'icmp', action => 'ACCEPT' }
25 { from => 'vm110', to => 'vm100', dport => 'host-unreachable', proto => 'icmp', action => 'ACCEPT' }
26 { from => 'vm110', to => 'vm100', dport => 255, proto => 'icmpv6', action => 'DROP' }
27
28 { from => 'outside', to => 'ct200', dport => 22, action => 'ACCEPT' }
29 { from => 'outside', to => 'ct200', dport => 23, action => 'DROP' }
30 { from => 'outside', to => 'vm100', dport => 22, action => 'DROP' }
31 { from => 'outside', to => 'vm100', dport => 443, action => 'ACCEPT' }
32 { from => 'outside', to => 'host', dport => 22, action => 'ACCEPT' }
33 { from => 'outside', to => 'host', dport => 23, action => 'DROP' }
34
35 { from => 'host' , to => 'outside', dport => 80, action => 'ACCEPT'}
36 { from => 'host' , to => 'outside', dport => 81, action => 'REJECT' }
37 { from => 'vm100' , to => 'outside', dport => 80, action => 'ACCEPT' }
38 { from => 'vm100' , to => 'outside', dport => 81, action => 'REJECT' }
39 { from => 'ct200' , to => 'outside', dport => 80, action => 'ACCEPT' }
40 { from => 'ct200' , to => 'outside', dport => 81, action => 'REJECT' }
41
42 { from => 'outside', to => 'host', dport => 100, action => 'REJECT' }
43 { from => 'outside', to => 'host', dport => 101, action => 'DROP' }
44
45 { from => 'nfvm', to => 'host', dport => 22, action => 'ACCEPT' }
46 { from => 'nfvm', to => 'host', dport => 80, action => 'DROP' }
47 { from => 'nfvm', to => 'outside', dport => 22, action => 'ACCEPT' }
48 { from => 'nfvm', to => 'outside', dport => 80, action => 'ACCEPT' }
49 { from => 'nfvm', to => 'vm100', dport => 443, action => 'ACCEPT', id => 'nfw2vm'}
50 { from => 'nfvm', to => 'vm100', dport => 80, action => 'DROP' }
51 { from => 'nfvm', to => 'ct200', dport => 22, action => 'ACCEPT' }
52 { from => 'nfvm', to => 'ct200', dport => 80, action => 'DROP' }
53
54 { from => 'ct200', to => 'nfvm', dport => 80, action => 'ACCEPT' }
55 { from => 'vm100', to => 'nfvm', dport => 80, action => 'ACCEPT' }
56 { from => 'outside', to => 'nfvm', dport => 80, action => 'ACCEPT' }
57 { from => 'host', to => 'nfvm', dport => 80, action => 'ACCEPT' }
58
59 { from => 'vmbr0/eth0', to => 'host', dport => 22, action => 'ACCEPT' }
60 { from => 'host' , to => 'vmbr0/eth0', dport => 22, action => 'ACCEPT' }
Firewall test scripts