diff options
| author | Robin Gloster <mail@glob.in> | 2018-10-30 22:26:43 +0100 |
|---|---|---|
| committer | xeji <36407913+xeji@users.noreply.github.com> | 2018-10-30 22:26:43 +0100 |
| commit | 4c8a198f12ed3131615e725c59349b04b8ed18a3 (patch) | |
| tree | 36a63ddbe5baed01614220c5919934b3e6bd8f11 | |
| parent | f8ef8bf469464391fdf1cd041287fd32d8a210ac (diff) | |
| download | nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar.gz nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar.bz2 nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar.lz nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar.xz nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.tar.zst nixpkgs-4c8a198f12ed3131615e725c59349b04b8ed18a3.zip | |
tests/docs: remove remnants of old allowPing default (#49198)
This has been defaulting to true since 16.03, we don't need this code anymore, also the note in the documentation has been obsolete for quite a while.
| -rw-r--r-- | nixos/doc/manual/configuration/firewall.xml | 9 | ||||
| -rw-r--r-- | nixos/tests/ceph.nix | 7 | ||||
| -rw-r--r-- | nixos/tests/cjdns.nix | 3 | ||||
| -rw-r--r-- | nixos/tests/containers-bridge.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-extra_veth.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-ipv4.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-ipv6.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-portforward.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/containers-restart_networking.nix | 1 | ||||
| -rw-r--r-- | nixos/tests/nat.nix | 2 | ||||
| -rw-r--r-- | nixos/tests/networking.nix | 9 | ||||
| -rw-r--r-- | nixos/tests/quagga.nix | 1 |
12 files changed, 3 insertions, 34 deletions
diff --git a/nixos/doc/manual/configuration/firewall.xml b/nixos/doc/manual/configuration/firewall.xml index b66adcedce6..47a19ac82c0 100644 --- a/nixos/doc/manual/configuration/firewall.xml +++ b/nixos/doc/manual/configuration/firewall.xml @@ -34,13 +34,4 @@ Similarly, UDP port ranges can be opened through <xref linkend="opt-networking.firewall.allowedUDPPortRanges"/>. </para> - - <para> - Also of interest is -<programlisting> -<xref linkend="opt-networking.firewall.allowPing"/> = true; -</programlisting> - to allow the machine to respond to ping requests. (ICMPv6 pings are always - allowed.) - </para> </section> diff --git a/nixos/tests/ceph.nix b/nixos/tests/ceph.nix index dd45f0157b0..7408029c460 100644 --- a/nixos/tests/ceph.nix +++ b/nixos/tests/ceph.nix @@ -10,9 +10,8 @@ import ./make-test.nix ({pkgs, ...}: rec { emptyDiskImages = [ 20480 20480 ]; vlans = [ 1 ]; }; - + networking = { - firewall.allowPing = true; useDHCP = false; interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } @@ -54,7 +53,7 @@ import ./make-test.nix ({pkgs, ...}: rec { }; }; }; - + testScript = { ... }: '' startAll; @@ -83,7 +82,7 @@ import ./make-test.nix ({pkgs, ...}: rec { # Can't check ceph status until a mon is up $aio->succeed("ceph -s | grep 'mon: 1 daemons'"); - + # Start the ceph-mgr daemon, it has no deps and hardly any setup $aio->mustSucceed( "ceph auth get-or-create mgr.aio mon 'allow profile mgr' osd 'allow *' mds 'allow *' > /var/lib/ceph/mgr/ceph-aio/keyring", diff --git a/nixos/tests/cjdns.nix b/nixos/tests/cjdns.nix index ab5f8e0bcf3..e03bb988254 100644 --- a/nixos/tests/cjdns.nix +++ b/nixos/tests/cjdns.nix @@ -13,9 +13,6 @@ let # CJDNS output is incompatible with the XML log. systemd.services.cjdns.serviceConfig.StandardOutput = "null"; - #networking.firewall.enable = true; - networking.firewall.allowPing = true; - #networking.firewall.rejectPackets = true; }; in diff --git a/nixos/tests/containers-bridge.nix b/nixos/tests/containers-bridge.nix index bd8bd5dee9c..777cf9a7e7f 100644 --- a/nixos/tests/containers-bridge.nix +++ b/nixos/tests/containers-bridge.nix @@ -42,7 +42,6 @@ import ./make-test.nix ({ pkgs, ...} : { { services.httpd.enable = true; services.httpd.adminAddr = "foo@example.org"; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; }; }; diff --git a/nixos/tests/containers-extra_veth.nix b/nixos/tests/containers-extra_veth.nix index 8f874b3585d..b4c48afe48b 100644 --- a/nixos/tests/containers-extra_veth.nix +++ b/nixos/tests/containers-extra_veth.nix @@ -43,7 +43,6 @@ import ./make-test.nix ({ pkgs, ...} : { config = { networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; }; }; diff --git a/nixos/tests/containers-ipv4.nix b/nixos/tests/containers-ipv4.nix index 4affe3d9d56..5f83a33b107 100644 --- a/nixos/tests/containers-ipv4.nix +++ b/nixos/tests/containers-ipv4.nix @@ -20,7 +20,6 @@ import ./make-test.nix ({ pkgs, ...} : { { services.httpd.enable = true; services.httpd.adminAddr = "foo@example.org"; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; system.stateVersion = "18.03"; }; }; diff --git a/nixos/tests/containers-ipv6.nix b/nixos/tests/containers-ipv6.nix index 7db389a18e7..5866e51b731 100644 --- a/nixos/tests/containers-ipv6.nix +++ b/nixos/tests/containers-ipv6.nix @@ -25,7 +25,6 @@ import ./make-test.nix ({ pkgs, ...} : { { services.httpd.enable = true; services.httpd.adminAddr = "foo@example.org"; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; }; }; diff --git a/nixos/tests/containers-portforward.nix b/nixos/tests/containers-portforward.nix index be83f82445e..d2dda926fc0 100644 --- a/nixos/tests/containers-portforward.nix +++ b/nixos/tests/containers-portforward.nix @@ -28,7 +28,6 @@ import ./make-test.nix ({ pkgs, ...} : { { services.httpd.enable = true; services.httpd.adminAddr = "foo@example.org"; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; }; }; diff --git a/nixos/tests/containers-restart_networking.nix b/nixos/tests/containers-restart_networking.nix index aeb0a6e68e2..0fb3b591e9f 100644 --- a/nixos/tests/containers-restart_networking.nix +++ b/nixos/tests/containers-restart_networking.nix @@ -10,7 +10,6 @@ let hostBridge = "br0"; config = { networking.firewall.enable = false; - networking.firewall.allowPing = true; networking.interfaces.eth0.ipv4.addresses = [ { address = "192.168.1.122"; prefixLength = 24; } ]; diff --git a/nixos/tests/nat.nix b/nixos/tests/nat.nix index 9c280fe8b5b..04b4f0f045f 100644 --- a/nixos/tests/nat.nix +++ b/nixos/tests/nat.nix @@ -11,7 +11,6 @@ import ./make-test.nix ({ pkgs, lib, withFirewall, withConntrackHelpers ? false, lib.mkMerge [ { virtualisation.vlans = [ 2 1 ]; networking.firewall.enable = withFirewall; - networking.firewall.allowPing = true; networking.nat.internalIPs = [ "192.168.1.0/24" ]; networking.nat.externalInterface = "eth1"; } @@ -33,7 +32,6 @@ import ./make-test.nix ({ pkgs, lib, withFirewall, withConntrackHelpers ? false, { pkgs, nodes, ... }: lib.mkMerge [ { virtualisation.vlans = [ 1 ]; - networking.firewall.allowPing = true; networking.defaultGateway = (pkgs.lib.head nodes.router.config.networking.interfaces.eth2.ipv4.addresses).address; } diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 87a8c4c0e19..d1d4fd41dda 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -17,7 +17,6 @@ let networking = { useDHCP = false; useNetworkd = networkd; - firewall.allowPing = true; firewall.checkReversePath = true; firewall.allowedUDPPorts = [ 547 ]; interfaces = mkOverride 0 (listToAttrs (flip map vlanIfs (n: @@ -86,7 +85,6 @@ let virtualisation.vlans = [ 1 2 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; defaultGateway = "192.168.1.1"; interfaces.eth1.ipv4.addresses = mkOverride 0 [ @@ -139,7 +137,6 @@ let virtualisation.vlans = [ 1 2 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = true; interfaces.eth1 = { ipv4.addresses = mkOverride 0 [ ]; @@ -194,7 +191,6 @@ let virtualisation.vlans = [ 1 2 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; interfaces.eth1 = { ipv4.addresses = mkOverride 0 [ ]; @@ -234,7 +230,6 @@ let virtualisation.vlans = [ 1 2 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; bonds.bond = { interfaces = [ "eth1" "eth2" ]; @@ -271,7 +266,6 @@ let virtualisation.vlans = [ vlan ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; interfaces.eth1.ipv4.addresses = mkOverride 0 [ { inherit address; prefixLength = 24; } ]; @@ -285,7 +279,6 @@ let virtualisation.vlans = [ 1 2 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; bridges.bridge.interfaces = [ "eth1" "eth2" ]; interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; @@ -329,7 +322,6 @@ let # reverse path filtering rules for the macvlan interface seem # to be incorrect, causing the test to fail. Disable temporarily. firewall.checkReversePath = false; - firewall.allowPing = true; useDHCP = true; macvlans.macvlan.interface = "eth1"; interfaces.eth1.ipv4.addresses = mkOverride 0 [ ]; @@ -415,7 +407,6 @@ let #virtualisation.vlans = [ 1 ]; networking = { useNetworkd = networkd; - firewall.allowPing = true; useDHCP = false; vlans.vlan = { id = 1; diff --git a/nixos/tests/quagga.nix b/nixos/tests/quagga.nix index 0ff14a21584..6aee7ea57f0 100644 --- a/nixos/tests/quagga.nix +++ b/nixos/tests/quagga.nix @@ -66,7 +66,6 @@ import ./make-test.nix ({ pkgs, ... }: virtualisation.vlans = [ 3 ]; networking.defaultGateway = ifAddr nodes.router2 "eth1"; networking.firewall.allowedTCPPorts = [ 80 ]; - networking.firewall.allowPing = true; services.httpd.enable = true; services.httpd.adminAddr = "foo@example.com"; }; |