nat: Make the access-list deny cause configurable
Add two optional arguments to the imsi-deny rule for the reject cause and verify that it is saved out.
This commit is contained in:
parent
802cb5efc2
commit
d8afce9b6d
|
@ -78,8 +78,10 @@ static void write_acc_lst(struct vty *vty, struct bsc_nat_acc_lst *lst)
|
|||
vty_out(vty, " access-list %s imsi-allow %s%s",
|
||||
lst->name, entry->imsi_allow, VTY_NEWLINE);
|
||||
if (entry->imsi_deny)
|
||||
vty_out(vty, " access-list %s imsi-deny %s%s",
|
||||
lst->name, entry->imsi_deny, VTY_NEWLINE);
|
||||
vty_out(vty, " access-list %s imsi-deny %s %d %d%s",
|
||||
lst->name, entry->imsi_deny,
|
||||
entry->cm_reject_cause, entry->lu_reject_cause,
|
||||
VTY_NEWLINE);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -870,11 +872,13 @@ DEFUN(cfg_lst_imsi_allow,
|
|||
|
||||
DEFUN(cfg_lst_imsi_deny,
|
||||
cfg_lst_imsi_deny_cmd,
|
||||
"access-list NAME imsi-deny [REGEXP]",
|
||||
"access-list NAME imsi-deny [REGEXP] (<0-256>) (<0-256>)",
|
||||
"Access list commands\n"
|
||||
"Name of the access list\n"
|
||||
"Add denied IMSI to the list\n"
|
||||
"Regexp for IMSIs\n")
|
||||
"Regexp for IMSIs\n"
|
||||
"CM Service Reject reason\n"
|
||||
"LU Reject reason\n")
|
||||
{
|
||||
struct bsc_nat_acc_lst *acc;
|
||||
struct bsc_nat_acc_lst_entry *entry;
|
||||
|
@ -889,6 +893,10 @@ DEFUN(cfg_lst_imsi_deny,
|
|||
|
||||
if (gsm_parse_reg(acc, &entry->imsi_deny_re, &entry->imsi_deny, argc - 1, &argv[1]) != 0)
|
||||
return CMD_WARNING;
|
||||
if (argc >= 3)
|
||||
entry->cm_reject_cause = atoi(argv[2]);
|
||||
if (argc >= 4)
|
||||
entry->lu_reject_cause = atoi(argv[3]);
|
||||
return CMD_SUCCESS;
|
||||
}
|
||||
|
||||
|
|
|
@ -512,6 +512,44 @@ class TestVTYNAT(TestVTYGenericBSC):
|
|||
res = self.vty.verify("show ussd-connection", ['The USSD side channel provider is not connected and not authorized.'])
|
||||
self.assertTrue(res)
|
||||
|
||||
def testAccessList(self):
|
||||
"""
|
||||
Verify that the imsi-deny can have a reject cause or no reject cause
|
||||
"""
|
||||
self.vty.enable()
|
||||
self.vty.command("configure terminal")
|
||||
self.vty.command("nat")
|
||||
|
||||
# Old default
|
||||
self.vty.command("access-list test-default imsi-deny ^123[0-9]*$")
|
||||
res = self.vty.command("show running-config").split("\r\n")
|
||||
asserted = False
|
||||
for line in res:
|
||||
if line.startswith(" access-list"):
|
||||
self.assertEqual(line, " access-list test-default imsi-deny ^123[0-9]*$ 11 11")
|
||||
asserted = True
|
||||
self.assert_(asserted)
|
||||
|
||||
# Check the optional CM Service Reject Cause
|
||||
self.vty.command("access-list test-cm-deny imsi-deny ^123[0-9]*$ 42").split("\r\n")
|
||||
res = self.vty.command("show running-config").split("\r\n")
|
||||
asserted = False
|
||||
for line in res:
|
||||
if line.startswith(" access-list test-cm"):
|
||||
self.assertEqual(line, " access-list test-cm-deny imsi-deny ^123[0-9]*$ 42 11")
|
||||
asserted = True
|
||||
self.assert_(asserted)
|
||||
|
||||
# Check the optional LU Reject Cause
|
||||
self.vty.command("access-list test-lu-deny imsi-deny ^123[0-9]*$ 23 42").split("\r\n")
|
||||
res = self.vty.command("show running-config").split("\r\n")
|
||||
asserted = False
|
||||
for line in res:
|
||||
if line.startswith(" access-list test-lu"):
|
||||
self.assertEqual(line, " access-list test-lu-deny imsi-deny ^123[0-9]*$ 23 42")
|
||||
asserted = True
|
||||
self.assert_(asserted)
|
||||
|
||||
class TestVTYGbproxy(TestVTYGenericBSC):
|
||||
|
||||
def vty_command(self):
|
||||
|
|
Loading…
Reference in New Issue