diff options
author | William A. Kennington III <william@wkennington.com> | 2014-09-18 11:21:35 -0700 |
---|---|---|
committer | William A. Kennington III <william@wkennington.com> | 2014-09-18 11:28:58 -0700 |
commit | b047f2ddec9bb3c0bcbbd2b3e325c729595b3887 (patch) | |
tree | aa45c5407756637e41288b405856729fc752fa8c /nixos/tests/nat.nix | |
parent | ae195727b77c94b44b5efbd1f2d4ae1bfefc9366 (diff) | |
download | nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar.gz nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar.bz2 nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar.lz nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar.xz nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.tar.zst nixpkgs-b047f2ddec9bb3c0bcbbd2b3e325c729595b3887.zip |
nixos/tests/nat: Modify test to accomodate for firewall consolidation
Diffstat (limited to 'nixos/tests/nat.nix')
-rw-r--r-- | nixos/tests/nat.nix | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/nixos/tests/nat.nix b/nixos/tests/nat.nix index 87ed974edad..36d34c01377 100644 --- a/nixos/tests/nat.nix +++ b/nixos/tests/nat.nix @@ -48,7 +48,7 @@ import ./make-test.nix { $router->succeed("curl --fail http://server/ >&2"); # The client should be also able to connect via the NAT router. - $router->waitForUnit("nat"); + $router->waitForUnit("firewall"); # Nat leverages the firewall service $client->waitForUnit("network.target"); $client->succeed("curl --fail http://server/ >&2"); $client->succeed("ping -c 1 server >&2"); @@ -66,12 +66,13 @@ import ./make-test.nix { $router->succeed("ping -c 1 client >&2"); # If we turn off NAT, the client shouldn't be able to reach the server. - $router->stopJob("nat"); + $router->succeed("iptables -t nat -D PREROUTING -j nixos-nat-pre"); + $router->succeed("iptables -t nat -D POSTROUTING -j nixos-nat-post"); $client->fail("curl --fail --connect-timeout 5 http://server/ >&2"); $client->fail("ping -c 1 server >&2"); # And make sure that restarting the NAT job works. - $router->succeed("systemctl start nat"); + $router->succeed("systemctl reload firewall"); # Nat leverages the firewall service $client->succeed("curl --fail http://server/ >&2"); $client->succeed("ping -c 1 server >&2"); ''; |