Container firewall test

[troglobit]

Description

• Minor cleanups
• test: basic firewall container #598
• Proposal for how a test section/group could look

Checklist

Tick relevant boxes, this PR is-a or has-a:

• Bugfix
  • Regression tests
  • ChangeLog updates (for next release)
• Feature
  • YANG model change => revision updated?
  • Regression tests added?
  • ChangeLog updates (for next release)
  • Documentation added?
• Test changes
  • Checked in changed Readme.adoc (make test-spec)
  • Added new test to group Readme.adoc and yaml file
• Code style update (formatting, renaming)
• Refactoring (please detail in commit messages)
• Build related changes
• Documentation content changes
  • ChangeLog updated (for major changes)
• Other (please describe):

[troglobit]

Ping @jovatn, this PR also contains a proposal for how a test section/group could look. It's a litmus test to see if we're aligned or if we need to discuss this a bit more. (Re: discussion you, me, and @axkar had the other day.)

[jovatn]

Great work!
Two comments:

• On section/group: Although informative to have a description on each section, I realized there are some risks. (1) Easy to forget to update if tests are added, removed or modified. (2) What if we create a test-suite which excludes some of the tests within a section? Then the section description risks being incorrect. This said, I still think it is a good idea, but we ought to avoid being too specific in the section description.
• On the firewall container test: Great! I only have a question on formatting; should we rename ext0/int0 to ext1/int1 or ext/int? No big deal, but we have changed the port naming to start by 1 instead of 0 in all(?) other tests.

[troglobit]

On section/group: Although informative to have a description on each section, I realized there are some risks. (1) Easy to forget to update if tests are added, removed or modified. (2) What if we create a test-suite which excludes some of the tests within a section? Then the section description risks being incorrect. This said, I still think it is a good idea, but we ought to avoid being too specific in the section description.

OK, I can drop it until we've agreed upon a strategy for these. Would that be better? (ping @mattiaswal)

On the firewall container test: Great! I only have a question on formatting; should we rename ext0/int0 to ext1/int1 or ext/int? No big deal, but we have changed the port naming to start by 1 instead of 0 in all(?) other tests.

Well, we have cases where we use veth0a<-->veth0b in examples and documentation, so I don't think this would be much of a difference.

[jovatn]

Well, we have cases where we use veth0a<-->veth0b in examples and documentation, so I don't think this would be much of a difference.

I agree. We frequently use br0 as well.

[troglobit]

Well, we have cases where we use veth0a<-->veth0b in examples and documentation, so I don't think this would be much of a difference.
I agree. We frequently use br0 as well.

Yeah, I think we talked about this at one point AFK as well. Iirc, the agreement was to use positive integers for physical interfaces (or interfaces supposed to emulate physical interfaces in virtual setups like Qemu/GNS3).

Side note, I wonder if the confusion in computer science, and computers in general, stems from the one in natural numbers, which some define as excluding zero?

[mattiaswal]

Great work! Two comments:

• On section/group: Although informative to have a description on each section, I realized there are some risks. (1) Easy to forget to update if tests are added, removed or modified. (2) What if we create a test-suite which excludes some of the tests within a section? Then the section description risks being incorrect. This said, I still think it is a good idea, but we ought to avoid being too specific in the section description.
• On the firewall container test: Great! I only have a question on formatting; should we rename ext0/int0 to ext1/int1 or ext/int? No big deal, but we have changed the port naming to start by 1 instead of 0 in all(?) other tests.

I agree on the group part, but as I see this is better than nothing. The test specification will not be done with this release, we must continue to work with the graphical parts.

My idea of the group page is to describe the functions tested overall, but I doubt someone has time to do it now.

[mattiaswal]

Great work! Gold star for you! ⭐ ⭐ ⭐ ⭐ ⭐