Updated the iptable rule to use parent/base name of midplane interfac…

…e of chassis. (#75)
sonic-net · Nov 19, 2023 · 689395a · 689395a
1 parent 45212a8
commit 689395a
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 9 deletions.
diff --git a/scripts/caclmgrd b/scripts/caclmgrd
@@ -305,16 +305,22 @@ class ControlPlaneAclManager(daemon_base.DaemonBase):
         ip_address_cmd1 = ['awk', '{print $4}']
         ip_address_cmd2 = ['cut', '-d', '/', '-f1']
         ip_address_cmd3 = ['head', '-1']
-        return self.run_commands_pipe(ip_address_cmd0, ip_address_cmd1, ip_address_cmd2, ip_address_cmd3)
+        ip_address_cmd4 = ['awk', '{print $0}']
+        ip_address_cmd5 = ['cut', '-d', ' ', '-f2']
+
+        midplane_dev_name = self.run_commands_pipe(ip_address_cmd0, ip_address_cmd4, ip_address_cmd5)
+        midplane_ip = self.run_commands_pipe(ip_address_cmd0, ip_address_cmd1, ip_address_cmd2, ip_address_cmd3)
+
+        return midplane_dev_name, midplane_ip
 
     def generate_allow_internal_chasis_midplane_traffic(self, namespace):
         allow_internal_chassis_midplane_traffic = []
         if device_info.is_chassis() and not namespace:
-            chassis_midplane_ip = self.get_chassis_midplane_interface_ip()
+            chassis_midplane_dev_name, chassis_midplane_ip = self.get_chassis_midplane_interface_ip()
             if not chassis_midplane_ip:
                 return allow_internal_chassis_midplane_traffic
             allow_internal_chassis_midplane_traffic.append(['iptables', '-A', 'INPUT', '-s', chassis_midplane_ip, '-d', chassis_midplane_ip, '-j', 'ACCEPT'])
-            allow_internal_chassis_midplane_traffic.append(['iptables', '-A', 'INPUT', '-i', 'eth1-midplane', '-j', 'ACCEPT'])
+            allow_internal_chassis_midplane_traffic.append(['iptables', '-A', 'INPUT', '-i', chassis_midplane_dev_name, '-j', 'ACCEPT'])
 
         return allow_internal_chassis_midplane_traffic
 

diff --git a/tests/caclmgrd/caclmgrd_chassis_midplane_test.py b/tests/caclmgrd/caclmgrd_chassis_midplane_test.py
@@ -35,9 +35,9 @@ def test_caclmgrd_chassis_midplane(self, test_name, test_data, fs):
             fs.create_file(DBCONFIG_PATH) # fake database_config.json
 
         with mock.patch("sonic_py_common.device_info.is_chassis", return_value=True):
-            with mock.patch("caclmgrd.ControlPlaneAclManager.run_commands_pipe", return_value='1.0.0.33'):
-                caclmgrd_daemon = self.caclmgrd.ControlPlaneAclManager("caclmgrd")
-                ret = caclmgrd_daemon.generate_allow_internal_chasis_midplane_traffic('')
-                self.assertListEqual(test_data["return"], ret)
-                ret = caclmgrd_daemon.generate_allow_internal_chasis_midplane_traffic('asic0')
-                self.assertListEqual([], ret)
+            with mock.patch("caclmgrd.ControlPlaneAclManager.run_commands_pipe", side_effect=["eth1-midplane", "1.0.0.33", "eth1-midplane", "1.0.0.33"]):
+                    caclmgrd_daemon = self.caclmgrd.ControlPlaneAclManager("caclmgrd")
+                    ret = caclmgrd_daemon.generate_allow_internal_chasis_midplane_traffic('')
+                    self.assertListEqual(test_data["return"], ret)
+                    ret = caclmgrd_daemon.generate_allow_internal_chasis_midplane_traffic('asic0')
+                    self.assertListEqual([], ret)