hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-2481 Allow [un]block-commands to be overriden

Browse Source 
In the case of Clustrix, there are other ports to block as well.
This commit is contained in:
Johan Wikman
2019-05-22 10:13:02 +03:00
parent 5a26bd8ce5
commit 0d3a235851
2 changed files with 45 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
maxscale-system-test/mariadb_nodes.cpp
View File

@ -489,26 +489,50 @@ int Mariadb_nodes::clean_iptables(int node)
port[node]); port[node]);
} }
std::string Mariadb_nodes::block_command(int node) const
{
const char FORMAT[] =
"iptables -I INPUT -p tcp --dport %d -j REJECT;"
"ip6tables -I INPUT -p tcp --dport %d -j REJECT";
char command[sizeof(FORMAT) + 20];
sprintf(command, FORMAT, port[node], port[node]);
return command;
}
std::string Mariadb_nodes::unblock_command(int node) const
{
const char FORMAT[] =
"iptables -I INPUT -p tcp --dport %d -j ACCEPT;"
"ip6tables -I INPUT -p tcp --dport %d -j ACCEPT";
char command[sizeof(FORMAT) + 20];
sprintf(command, FORMAT, port[node], port[node]);
return command;
}
int Mariadb_nodes::block_node(int node) int Mariadb_nodes::block_node(int node)
{ {
int local_result = 0; std::string command = block_command(node);
int local_result = 0;
local_result += ssh_node_f(node, true, "%s", command.c_str());
local_result += ssh_node_f(node, true,
"iptables -I INPUT -p tcp --dport %d -j REJECT;"
"ip6tables -I INPUT -p tcp --dport %d -j REJECT",
port[node], port[node]);
blocked[node] = true; blocked[node] = true;
return local_result; return local_result;
} }
int Mariadb_nodes::unblock_node(int node) int Mariadb_nodes::unblock_node(int node)
{ {
std::string command = unblock_command(node);
int local_result = 0; int local_result = 0;
local_result += clean_iptables(node); local_result += clean_iptables(node);
local_result += ssh_node_f(node, true, local_result += ssh_node_f(node, true, "%s", command.c_str());
"iptables -I INPUT -p tcp --dport %d -j ACCEPT;"
"ip6tables -I INPUT -p tcp --dport %d -j ACCEPT",
port[node], port[node]);
blocked[node] = false; blocked[node] = false;
return local_result; return local_result;

12
maxscale-system-test/mariadb_nodes.h
View File

@ -240,6 +240,18 @@ public:
// Create the default users used by all tests // Create the default users used by all tests
void create_users(int node); void create_users(int node);
/**
* @param node Index of node to block.
* @return The command used for blocking a node.
*/
virtual std::string block_command(int node) const;
/**
* @param node Index of node to unblock.
* @return The command used for unblocking a node.
*/
virtual std::string unblock_command(int node) const;
/** /**
* @brif BlockNode setup firewall on a backend node to block MariaDB port * @brif BlockNode setup firewall on a backend node to block MariaDB port
* @param node Index of node to block * @param node Index of node to block