commit 41e70fda91009caf533ab0e9bae312a432a578e7
author Ahmed El-Hassany <ahassany@indiana.edu> Wed Jul 02 14:59:36 2014 -0700
committer Ahmed El-Hassany <a.hassany@gmail.com> Wed Aug 20 11:46:33 2014 -0700
tree 6c38887ff23f9e4858580de8c086b00c901c796b
parent 80e896a6d6a9c46ed978050ae1e2ff8a98c81dc1

Add a controller command to block traffic to other machines

This helps with partitioning control plane tests.

TestON/drivers/common/cli/onosclidriver.py

diff --git a/TestON/drivers/common/cli/onosclidriver.py b/TestON/drivers/common/cli/onosclidriver.py
index db01cc2..51d1e8c 100644
--- a/TestON/drivers/common/cli/onosclidriver.py
+++ b/TestON/drivers/common/cli/onosclidriver.py
@@ -1569,3 +1569,61 @@
             main.log.info(":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
             main.cleanup()
             main.exit()
+
+    def block_peer(self, ip_address):
+        '''
+        Block traffic to the destination IP address.
+        '''
+        try:
+            for chain in ['INPUT', 'OUTPUT']:
+                check_block_cmd = "sudo iptables -L %s -n | grep \"DROP.*%s\"" % (chain, ip_address)
+                add_block_cmd = "sudo iptables -I %s 1 -s %s -j DROP" % (chain, ip_address)
+                response1 = self.execute(cmd=check_block_cmd,prompt="\$",timeout=10)
+                if ip_address in response1:
+                    main.log.error("Already blocked: %s" % response1)
+                    return main.TRUE
+                response2 = self.execute(cmd=add_block_cmd,prompt="\$",timeout=10)
+                main.log.info("add_block_cmd: %s" % response2)
+                return main.TRUE
+        except pexpect.EOF:
+            main.log.error(self.name + ": EOF exception found")
+            main.log.error(self.name + ":     " + self.handle.before)
+            main.cleanup()
+            main.exit()
+        except:
+            main.log.info(self.name + ":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
+            main.log.error( traceback.print_exc() )
+            main.log.info(":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
+            main.cleanup()
+            main.exit()
+
+    def unblock_peer(self, ip_address):
+        '''
+        Unblock traffic to the destination IP address.
+        '''
+        try:
+            for chain in ['INPUT', 'OUTPUT']:
+                # To make sure all rules are deleted in case there were multiple
+                # installed in the iptables
+                max_iterations = 10
+                for i in range(max_iterations):
+                    check_block_cmd = "sudo iptables -L %s -n | grep \"DROP.*%s\"" % (chain, ip_address)
+                    remove_block_cmd = "sudo iptables -D %s -s %s -j DROP" % (chain, ip_address)
+                    response1 = self.execute(cmd=check_block_cmd,prompt="\$",timeout=10)
+                    if ip_address not in response1:
+                        main.log.warn("Already unblocked: %s" % response1)
+                        return main.TRUE
+                    response2 = self.execute(cmd=remove_block_cmd,prompt="\$",timeout=10)
+                    main.log.info("remove_block_cmd: %s" % response2)
+                return main.TRUE
+        except pexpect.EOF:
+            main.log.error(self.name + ": EOF exception found")
+            main.log.error(self.name + ":     " + self.handle.before)
+            main.cleanup()
+            main.exit()
+        except:
+            main.log.info(self.name + ":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
+            main.log.error( traceback.print_exc() )
+            main.log.info(":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::")
+            main.cleanup()
+            main.exit()