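# Tests whether UPnP port mappings can be created with Miniupnpd and
# Miniupnpc.
#
# A Miniupnpd service runs on the router. An internal client (client1) asks
# for a port mapping with Miniupnpc, and an external client (client2) then
# connects to the mapped port on the router's external address.
#
# Security notes for readers reusing this configuration:
#  * UPnP IGD port-mapping requests are unauthenticated, so every host that
#    can reach miniupnpd on the internal interface can open inbound ports on
#    the router. That is the behaviour under test here.
#  * The clients run without a firewall, and client1 serves /tmp over HTTP.
#    Both choices are conveniences for an isolated test VM only.
import ./make-test-python.nix ({ pkgs, useNftables, ... }:

let
  # Internal (LAN) side: vlan 2.
  internalRouterAddress = "192.168.3.1";
  internalClient1Address = "192.168.3.2";
  # External (WAN) side: vlan 1.
  externalRouterAddress = "80.100.100.1";
  externalClient2Address = "80.100.100.2";
in
{
  name = "upnp";
  meta = with pkgs.lib.maintainers; {
    maintainers = [ bobvanderlinden ];
  };

  nodes =
    {
      # NAT gateway between the two vlans; runs miniupnpd.
      router =
        { pkgs, nodes, ... }:
        {
          virtualisation.vlans = [ 1 2 ];
          networking.nat.enable = true;
          networking.nat.internalInterfaces = [ "eth2" ];
          networking.nat.externalInterface = "eth1";
          networking.nftables.enable = useNftables;
          # The firewall stays enabled and only the internal interface is
          # trusted, so port 9000 on eth1 is reachable only through a mapping.
          networking.firewall.enable = true;
          networking.firewall.trustedInterfaces = [ "eth2" ];
          networking.interfaces.eth1.ipv4.addresses = [
            { address = externalRouterAddress; prefixLength = 24; }
          ];
          networking.interfaces.eth2.ipv4.addresses = [
            { address = internalRouterAddress; prefixLength = 24; }
          ];
          services.miniupnpd = {
            enable = true;
            externalInterface = "eth1";
            # Mapping requests are accepted from this interface only.
            internalIPs = [ "eth2" ];
            # Set the external address explicitly instead of relying on
            # miniupnpd detecting it from the interface.
            appendConfig = ''
              ext_ip=${externalRouterAddress}
            '';
          };
        };

      # Internal host: requests the mapping and serves HTTP on port 9000.
      client1 =
        { pkgs, nodes, ... }:
        {
          environment.systemPackages = [ pkgs.miniupnpc pkgs.netcat ];
          virtualisation.vlans = [ 2 ];
          networking.defaultGateway = internalRouterAddress;
          networking.interfaces.eth1.ipv4.addresses = [
            { address = internalClient1Address; prefixLength = 24; }
          ];
          # Test-only: no host firewall on the client.
          networking.firewall.enable = false;

          services.httpd.enable = true;
          services.httpd.virtualHosts.localhost = {
            listen = [{ ip = "*"; port = 9000; }];
            adminAddr = "foo@example.org";
            # Test-only: once the mapping exists, /tmp is served to the
            # external network.
            documentRoot = "/tmp";
          };
        };

      # External host: connects to the router's external address.
      client2 =
        { pkgs, ... }:
        {
          environment.systemPackages = [ pkgs.miniupnpc ];
          virtualisation.vlans = [ 1 ];
          networking.interfaces.eth1.ipv4.addresses = [
            { address = externalClient2Address; prefixLength = 24; }
          ];
          # Test-only: no host firewall on the client.
          networking.firewall.enable = false;
        };
    };

  testScript =
    { nodes, ... }:
    ''
      start_all()

      # Wait for network and miniupnpd. There is no separate wait for a
      # "nat" unit; only the firewall (or nftables) unit is waited on.
      router.systemctl("start network-online.target")
      router.wait_for_unit("network-online.target")
      router.wait_for_unit("${if useNftables then "nftables" else "firewall"}.service")
      router.wait_for_unit("miniupnpd")

      client1.systemctl("start network-online.target")
      client1.wait_for_unit("network-online.target")

      # Negative check: before any mapping exists, the external client must
      # not be able to reach port 9000 on the router. Without this, the test
      # would also pass if the firewall left the port open for another reason.
      client2.fail("curl -f --max-time 5 http://${externalRouterAddress}:9000/")

      # Ask miniupnpd to forward external TCP port 9000 to client1:9000.
      client1.succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP")

      # The mapped port must now be reachable from the external network.
      client1.wait_for_unit("httpd")
      client2.wait_until_succeeds("curl -f http://${externalRouterAddress}:9000/")
    '';

})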