Merge pull request #7292 from inverse-inc/feature/security-event-rand…

…om-mac

[Venom] Security test random mac and other async fixes

t/venom/scenarios/inline/playbooks/run_tests.yml

@@ -13,6 +13,8 @@
       - inline/l2/teardown
       - security_event_suricata
       - security_event_suricata/teardown
+      - security_event_random_mac
+      - security_event_random_mac/teardown
 
   tasks:
     - name: Run Venom testsuites

t/venom/test_suites/common/restart_iptables_service.yml

@@ -1,17 +1,6 @@
 name: Restart iptables service
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_iptables_service
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/iptables/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async
+    service: 'iptables'

t/venom/test_suites/common/restart_pfcron_service.yml

@@ -1,17 +1,6 @@
 name: Restart pfcron service
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_pfcron_service
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/pfcron/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async 
+    service: 'pfcron'

t/venom/test_suites/common/restart_pfdhcp_service.yml

@@ -1,17 +1,6 @@
 name: Restart pfdhcp service
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_pfdhcp_service
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/pfdhcp/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async
+    service: 'pfdhcp'

t/venom/test_suites/common/restart_pfdhcplistener_service.yml

@@ -1,17 +1,6 @@
 name: Restart pfdhcplistener service
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_pfdhcplistener_service
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/pfdhcplistener/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async
+    service: 'pfdhcplistener'

t/venom/test_suites/common/restart_pfdns_service.yml

@@ -1,17 +1,6 @@
 name: Restart pfdns service
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_pfdns_service
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/pfdns/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async
+    service: 'pfdns'

t/venom/test_suites/common/restart_radius_services.yml

@@ -1,27 +1,10 @@
 name: Restart RADIUS services
 testcases:
-- name: get_login_token
-  steps:
-  - type: get_login_token
-
 - name: restart_radius_services
   steps:
-  - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/radiusd-auth/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+  - type: pf_api_service_restart_async
+    service: 'radiusd-auth'
 
   - type: http
-    method: POST
-    url: '{{.pfserver_webadmin_url}}/api/v1/service/pfacct/restart'
-    ignore_verify_ssl: true
-    headers:
-      "Authorization": "{{.get_login_token.result.token}}"
-      "Content-Type": "application/json"
-    assertions:
-      - result.statuscode ShouldEqual 200
+    method: pf_api_service_restart_async
+    service: 'pfacct'

t/venom/test_suites/security_event_random_mac/00_setup_network.yml

@@ -0,0 +1,52 @@
+name: Setup inlinel2 network
+testcases:
+
+  - name: create_two_virtual_ethernet_interfaces
+    steps:
+    - type: exec
+      script: ip link add bridgeinlinel2 type veth peer name inlinel2
+
+  - name: create_tap_interface
+    steps:
+      - type: exec
+        script: ip tuntap add blok-tap1 mode tap
+
+  - name: set_blok-tap1_up
+    steps:
+      - type: exec
+        script: ip link set blok-tap1 up
+
+  - name: create_bridge
+    steps:
+    - type: exec
+      script: ip link add blok-br1 type bridge
+
+  - name: set_bridge_up
+    steps:
+    - type: exec
+      script: ip link set blok-br1 up
+
+  - name: set_blok-vpeer0_up
+    steps:
+    - type: exec
+      script:  ip link set inlinel2 up
+
+  - name: set_bridgeinlinel2_up
+    steps:
+    - type: exec
+      script:  ip link set bridgeinlinel2 up
+
+  - name: add_ip_to_inlinel2_interface
+    steps:
+    - type: exec
+      script: 'ip addr add {{.security_event_random_mac.pf_portal}}/24 dev inlinel2'
+
+  - name: add_bridgeinlinel2_in_the_blok-br1_bridge
+    steps:
+    - type: exec
+      script: ip link set bridgeinlinel2 master blok-br1
+
+  - name: add_blok-tap1_in_the_blok-br1_bridge
+    steps:
+    - type: exec
+      script: ip link set blok-tap1 master blok-br1