From 4fdf5ba70c4ef00d7d91a6917eda5189fcaf430c Mon Sep 17 00:00:00 2001 From: JeGoi <13801368+JeGoi@users.noreply.github.com> Date: Mon, 8 Jul 2024 16:23:46 -0400 Subject: [PATCH] Firewalld Change from restart firewalld service to reload firewalld config hard --- t/venom/lib/reload_firewalld_config_hard.yml | 6 ++++++ t/venom/lib/reload_firewalld_config_soft.yml | 6 ++++++ t/venom/test_suites/common/restart_iptables_service.yml | 8 -------- .../configurator/50_run_configurator_step4.yml | 5 ++--- .../fingerbank_proxy/setup_proxy/teardown/teardown.yml | 8 +++----- .../global_config/25_reload_firewalld_config_hard.yml | 5 +++++ .../global_config/25_restart_iptables_service.yml | 1 - t/venom/test_suites/inline/l2/05_setup_packetfence.yml | 6 ++---- .../inline/l2/teardown/05_deconfigure_packetfence.yml | 6 ++---- .../inline/l3/teardown/05_deconfigure_packetfence.yml | 6 ++---- .../inline_l2_and_radius/15_restart_services.yml | 5 ++--- .../teardown/05_deconfigure_packetfence.yml | 6 ++---- .../security_event_suricata/05_setup_packetfence.yml | 6 ++---- .../teardown/05_deconfigure_packetfence.yml | 6 ++---- .../teardown/96_restart_firewalld.yml | 8 +++----- 15 files changed, 39 insertions(+), 49 deletions(-) create mode 100644 t/venom/lib/reload_firewalld_config_hard.yml create mode 100644 t/venom/lib/reload_firewalld_config_soft.yml delete mode 100644 t/venom/test_suites/common/restart_iptables_service.yml create mode 100644 t/venom/test_suites/global_config/25_reload_firewalld_config_hard.yml delete mode 120000 t/venom/test_suites/global_config/25_restart_iptables_service.yml diff --git a/t/venom/lib/reload_firewalld_config_hard.yml b/t/venom/lib/reload_firewalld_config_hard.yml new file mode 100644 index 00000000000..e718d862213 --- /dev/null +++ b/t/venom/lib/reload_firewalld_config_hard.yml @@ -0,0 +1,6 @@ +name: Reload firewalld config hard +testcases: +- name: reload_firewalld_config_hard + steps: + - type: pfcmd_run_command + command: generatefirewalldconfig hard diff --git a/t/venom/lib/reload_firewalld_config_soft.yml b/t/venom/lib/reload_firewalld_config_soft.yml new file mode 100644 index 00000000000..c231b0551f6 --- /dev/null +++ b/t/venom/lib/reload_firewalld_config_soft.yml @@ -0,0 +1,6 @@ +name: Reload firewalld config soft +testcases: +- name: reload_firewalld_config_soft + steps: + - type: pfcmd_run_command + command: generatefirewalldconfig diff --git a/t/venom/test_suites/common/restart_iptables_service.yml b/t/venom/test_suites/common/restart_iptables_service.yml deleted file mode 100644 index fb58fc44160..00000000000 --- a/t/venom/test_suites/common/restart_iptables_service.yml +++ /dev/null @@ -1,8 +0,0 @@ -name: Restart firewalld -testcases: -# temp, as a workaround -- name: restart_firewalld - steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 diff --git a/t/venom/test_suites/configurator/50_run_configurator_step4.yml b/t/venom/test_suites/configurator/50_run_configurator_step4.yml index 4082666df7e..22bdedce34f 100644 --- a/t/venom/test_suites/configurator/50_run_configurator_step4.yml +++ b/t/venom/test_suites/configurator/50_run_configurator_step4.yml @@ -27,10 +27,9 @@ testcases: - result.statuscode ShouldEqual 200 - result.bodyjson.message ShouldEqual "Updated systemd for pf" -- name: restart_firewalld_service +- name: reload_firewalld_config_hard steps: - - type: systemctl_service_restart - service: 'packetfence-firewalld.service' + - type: reload_firewalld_config_hard - name: restart_haproxy_admin_service steps: diff --git a/t/venom/test_suites/fingerbank_proxy/setup_proxy/teardown/teardown.yml b/t/venom/test_suites/fingerbank_proxy/setup_proxy/teardown/teardown.yml index fff0a5a2c46..6223c40c6b1 100644 --- a/t/venom/test_suites/fingerbank_proxy/setup_proxy/teardown/teardown.yml +++ b/t/venom/test_suites/fingerbank_proxy/setup_proxy/teardown/teardown.yml @@ -23,11 +23,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: reload_firewalld_config_hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: ping_to_wan_should_work steps: @@ -37,7 +35,7 @@ testcases: - result.code ShouldEqual 0 - name: restart_collector_and_clear_cache - steps: + steps: - type: systemctl_service_restart service: packetfence-fingerbank-collector time_to_sleep: 5 diff --git a/t/venom/test_suites/global_config/25_reload_firewalld_config_hard.yml b/t/venom/test_suites/global_config/25_reload_firewalld_config_hard.yml new file mode 100644 index 00000000000..0a79c9d156f --- /dev/null +++ b/t/venom/test_suites/global_config/25_reload_firewalld_config_hard.yml @@ -0,0 +1,5 @@ +name: Reload firewalld config hard +testcases: +- name: reload_firewalld_config_hard + steps: + - type: reload_firewalld_config_hard diff --git a/t/venom/test_suites/global_config/25_restart_iptables_service.yml b/t/venom/test_suites/global_config/25_restart_iptables_service.yml deleted file mode 120000 index db6b1be9340..00000000000 --- a/t/venom/test_suites/global_config/25_restart_iptables_service.yml +++ /dev/null @@ -1 +0,0 @@ -../common/restart_iptables_service.yml \ No newline at end of file diff --git a/t/venom/test_suites/inline/l2/05_setup_packetfence.yml b/t/venom/test_suites/inline/l2/05_setup_packetfence.yml index 3aafa6fd466..8807564d2b7 100644 --- a/t/venom/test_suites/inline/l2/05_setup_packetfence.yml +++ b/t/venom/test_suites/inline/l2/05_setup_packetfence.yml @@ -239,11 +239,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: Reload firewalld config hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/inline/l2/teardown/05_deconfigure_packetfence.yml b/t/venom/test_suites/inline/l2/teardown/05_deconfigure_packetfence.yml index 3eed48c107c..a1d966e33e9 100644 --- a/t/venom/test_suites/inline/l2/teardown/05_deconfigure_packetfence.yml +++ b/t/venom/test_suites/inline/l2/teardown/05_deconfigure_packetfence.yml @@ -69,11 +69,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: Reload firewalld config hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/inline/l3/teardown/05_deconfigure_packetfence.yml b/t/venom/test_suites/inline/l3/teardown/05_deconfigure_packetfence.yml index 65c2a5c103d..002165ef7ef 100644 --- a/t/venom/test_suites/inline/l3/teardown/05_deconfigure_packetfence.yml +++ b/t/venom/test_suites/inline/l3/teardown/05_deconfigure_packetfence.yml @@ -81,11 +81,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: Reload firewalld config hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/inline_l2_and_radius/15_restart_services.yml b/t/venom/test_suites/inline_l2_and_radius/15_restart_services.yml index 748ccdc1325..b80a1799c52 100644 --- a/t/venom/test_suites/inline_l2_and_radius/15_restart_services.yml +++ b/t/venom/test_suites/inline_l2_and_radius/15_restart_services.yml @@ -1,9 +1,8 @@ name: Restart services testcases: -- name: restart_firewalld +- name: reload_firewalld_config_hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld + - type: reload_firewalld_config_hard - name: restart_pfdns steps: diff --git a/t/venom/test_suites/security_event_random_mac/teardown/05_deconfigure_packetfence.yml b/t/venom/test_suites/security_event_random_mac/teardown/05_deconfigure_packetfence.yml index b8fd1f7f38d..587faf0662d 100644 --- a/t/venom/test_suites/security_event_random_mac/teardown/05_deconfigure_packetfence.yml +++ b/t/venom/test_suites/security_event_random_mac/teardown/05_deconfigure_packetfence.yml @@ -76,11 +76,9 @@ testcases: url: 'config/security_event/{{.security_event_random_mac.event.id}}' body: '{"id":"{{.security_event_random_mac.event.id}}","enabled":"N","quiet":true}' -- name: restart_firewalld +- name: reload_config_firewalld_hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/security_event_suricata/05_setup_packetfence.yml b/t/venom/test_suites/security_event_suricata/05_setup_packetfence.yml index 8c7e4abcc80..bf2dd6fac59 100644 --- a/t/venom/test_suites/security_event_suricata/05_setup_packetfence.yml +++ b/t/venom/test_suites/security_event_suricata/05_setup_packetfence.yml @@ -239,11 +239,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: Reload firewalld config hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/security_event_suricata/teardown/05_deconfigure_packetfence.yml b/t/venom/test_suites/security_event_suricata/teardown/05_deconfigure_packetfence.yml index 3eed48c107c..d7ce0aea936 100644 --- a/t/venom/test_suites/security_event_suricata/teardown/05_deconfigure_packetfence.yml +++ b/t/venom/test_suites/security_event_suricata/teardown/05_deconfigure_packetfence.yml @@ -69,11 +69,9 @@ testcases: assertions: - result.statuscode ShouldEqual 200 -- name: restart_firewalld +- name: reload_firewalld_config_hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard - name: restart_pfdns_service steps: diff --git a/t/venom/test_suites/wired_dot1x_eap_peap_firewall_sso_radius/teardown/96_restart_firewalld.yml b/t/venom/test_suites/wired_dot1x_eap_peap_firewall_sso_radius/teardown/96_restart_firewalld.yml index fb58fc44160..904933f82c8 100644 --- a/t/venom/test_suites/wired_dot1x_eap_peap_firewall_sso_radius/teardown/96_restart_firewalld.yml +++ b/t/venom/test_suites/wired_dot1x_eap_peap_firewall_sso_radius/teardown/96_restart_firewalld.yml @@ -1,8 +1,6 @@ -name: Restart firewalld +name: Reload firewalld config hard testcases: # temp, as a workaround -- name: restart_firewalld +- name: reload_firewalld_config_hard steps: - - type: systemctl_service_restart - service: packetfence-firewalld - time_to_sleep: 10 + - type: reload_firewalld_config_hard