diff options
author | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2014-01-20 10:14:05 +0100 |
---|---|---|
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2014-01-20 10:14:05 +0100 |
commit | 6419018e6809924d56d764ba195cbce4c57776f2 (patch) | |
tree | 36e7820ae3a11ca432452e2c3ac37c14db6e7f5d /openbsc | |
parent | 415cd2eebb5313f044612385e09d8b8af9cfe674 (diff) |
nat: Make the access-list deny cause configurable
Add two optional arguments to the imsi-deny rule
for the reject cause and verify that it is saved
out.
Diffstat (limited to 'openbsc')
-rw-r--r-- | openbsc/src/osmo-bsc_nat/bsc_nat_vty.c | 16 | ||||
-rw-r--r-- | openbsc/tests/vty_test_runner.py | 38 |
2 files changed, 50 insertions, 4 deletions
diff --git a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c index 8dea34e64..261a194c3 100644 --- a/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c +++ b/openbsc/src/osmo-bsc_nat/bsc_nat_vty.c @@ -78,8 +78,10 @@ static void write_acc_lst(struct vty *vty, struct bsc_nat_acc_lst *lst) vty_out(vty, " access-list %s imsi-allow %s%s", lst->name, entry->imsi_allow, VTY_NEWLINE); if (entry->imsi_deny) - vty_out(vty, " access-list %s imsi-deny %s%s", - lst->name, entry->imsi_deny, VTY_NEWLINE); + vty_out(vty, " access-list %s imsi-deny %s %d %d%s", + lst->name, entry->imsi_deny, + entry->cm_reject_cause, entry->lu_reject_cause, + VTY_NEWLINE); } } @@ -870,11 +872,13 @@ DEFUN(cfg_lst_imsi_allow, DEFUN(cfg_lst_imsi_deny, cfg_lst_imsi_deny_cmd, - "access-list NAME imsi-deny [REGEXP]", + "access-list NAME imsi-deny [REGEXP] (<0-256>) (<0-256>)", "Access list commands\n" "Name of the access list\n" "Add denied IMSI to the list\n" - "Regexp for IMSIs\n") + "Regexp for IMSIs\n" + "CM Service Reject reason\n" + "LU Reject reason\n") { struct bsc_nat_acc_lst *acc; struct bsc_nat_acc_lst_entry *entry; @@ -889,6 +893,10 @@ DEFUN(cfg_lst_imsi_deny, if (gsm_parse_reg(acc, &entry->imsi_deny_re, &entry->imsi_deny, argc - 1, &argv[1]) != 0) return CMD_WARNING; + if (argc >= 3) + entry->cm_reject_cause = atoi(argv[2]); + if (argc >= 4) + entry->lu_reject_cause = atoi(argv[3]); return CMD_SUCCESS; } diff --git a/openbsc/tests/vty_test_runner.py b/openbsc/tests/vty_test_runner.py index 74f0fd21a..092f5ae6f 100644 --- a/openbsc/tests/vty_test_runner.py +++ b/openbsc/tests/vty_test_runner.py @@ -512,6 +512,44 @@ class TestVTYNAT(TestVTYGenericBSC): res = self.vty.verify("show ussd-connection", ['The USSD side channel provider is not connected and not authorized.']) self.assertTrue(res) + def testAccessList(self): + """ + Verify that the imsi-deny can have a reject cause or no reject cause + """ + self.vty.enable() + self.vty.command("configure terminal") + self.vty.command("nat") + + # Old default + self.vty.command("access-list test-default imsi-deny ^123[0-9]*$") + res = self.vty.command("show running-config").split("\r\n") + asserted = False + for line in res: + if line.startswith(" access-list"): + self.assertEqual(line, " access-list test-default imsi-deny ^123[0-9]*$ 11 11") + asserted = True + self.assert_(asserted) + + # Check the optional CM Service Reject Cause + self.vty.command("access-list test-cm-deny imsi-deny ^123[0-9]*$ 42").split("\r\n") + res = self.vty.command("show running-config").split("\r\n") + asserted = False + for line in res: + if line.startswith(" access-list test-cm"): + self.assertEqual(line, " access-list test-cm-deny imsi-deny ^123[0-9]*$ 42 11") + asserted = True + self.assert_(asserted) + + # Check the optional LU Reject Cause + self.vty.command("access-list test-lu-deny imsi-deny ^123[0-9]*$ 23 42").split("\r\n") + res = self.vty.command("show running-config").split("\r\n") + asserted = False + for line in res: + if line.startswith(" access-list test-lu"): + self.assertEqual(line, " access-list test-lu-deny imsi-deny ^123[0-9]*$ 23 42") + asserted = True + self.assert_(asserted) + class TestVTYGbproxy(TestVTYGenericBSC): def vty_command(self): |