diff --git a/Dockerfile.fod.centos.new b/Dockerfile.fod.centos.new index 192f6f50cd8b76b93f2c2beaf20401da9dc260db..e0046230f111bd3a764bf0d13b5eac590eb0525d 100644 --- a/Dockerfile.fod.centos.new +++ b/Dockerfile.fod.centos.new @@ -1,5 +1,5 @@ -# doc: to build+run: docker build -f Dockerfile.fod.centos.new -t fod.centos . && docker run -ti fod.centos +# doc: to build+run: docker build -f Dockerfile.fod.centos.new -t fod.centos . && docker run -ti -p 8000:8000 fod.centos ############################################################################# ############################################################################# diff --git a/docker-compose/fod_setup_environment-step3.sh b/docker-compose/fod_setup_environment-step3.sh index 39faa11ab3787ce6c64072c32a87cd64cbb9cc9f..403441d45569358a8cabdba5cb1d08b5c7b6a99d 100755 --- a/docker-compose/fod_setup_environment-step3.sh +++ b/docker-compose/fod_setup_environment-step3.sh 
@@ -6,7 +6,11 @@ else cd /opt/FOD #./install-debian.sh --here --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} #./install-debian.sh --here__with_venv_relative --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} - ./install-debian.sh --fodproper1 --here__with_venv_relative --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} + ./install-debian.sh --fodproper1 \ + --here__with_venv_relative --supervisord \ + --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} \ + --setup_test_rule --setup_test_rule5 testrtr1 10.1.10.11/32 10.2.10.12/32 1 admin \ + --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} /opt/FOD/venv/bin/python -m pip install exabgp touch /opt/setup_ok fi diff --git a/docker-compose/fod_setup_environment.sh b/docker-compose/fod_setup_environment.sh index 6eecbf4f6915afee8b5e164d8a3fa3577b6fb727..b2a590f84cfe78c7a346156cfef1fef507c65a8f 100755 --- a/docker-compose/fod_setup_environment.sh +++ b/docker-compose/fod_setup_environment.sh 
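Review bot: The rewritten `./install-debian.sh` call still passes `${ADMIN_PASS}`, `${ADMIN_EMAIL}`, `${FOD_ORG}` and `${FOD_ORG_NET}` unquoted on the `--setup_admin_user5` line, so a value containing whitespace or glob characters is split or expanded and an empty value disappears from the argument list. The installer appears to read these options positionally with `shift 1`, so one missing or extra word would move every later value, including the new `--setup_test_rule5` arguments, into the wrong slot. Quote each expansion, e.g. `--setup_admin_user --setup_admin_user5 admin "${ADMIN_PASS}" "${ADMIN_EMAIL}" "${FOD_ORG}" "${FOD_ORG_NET}" \`, and do the same for the `${FOD_EXABGP_*}` values on the `--exabgp` line. The identical lines in the docker-compose/fod_setup_environment.sh hunk need the same change.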
@@ -5,7 +5,12 @@ if [ -e /opt/setup_ok ]; then else cd /opt/FOD #./install-debian.sh --here --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} - ./install-debian.sh --here__with_venv_relative --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} + #./install-debian.sh --here__with_venv_relative --supervisord --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} + ./install-debian.sh \ + --here__with_venv_relative --supervisord \ + --setup_admin_user --setup_admin_user5 admin ${ADMIN_PASS} ${ADMIN_EMAIL} ${FOD_ORG} ${FOD_ORG_NET} \ + --setup_test_rule --setup_test_rule5 testrtr1 10.1.10.11/32 10.2.10.12/32 1 admin \ + --exabgp ${FOD_EXABGP_LOCAL_ID} ${FOD_EXABGP_LOCAL_IP} ${FOD_EXABGP_LOCAL_AS} ${FOD_EXABGP_REMOTE_ID} ${FOD_EXABGP_REMOTE_IP} ${FOD_EXABGP_REMOTE_AS} /opt/FOD/venv/bin/python -m pip install exabgp touch /opt/setup_ok fi diff --git a/inst/helpers/add_rule.sh b/inst/helpers/add_rule.sh new file mode 100755 index 0000000000000000000000000000000000000000..3700416ac5777ac3bffad0f0a90927f4bcf0d9bd --- /dev/null +++ b/inst/helpers/add_rule.sh 
@@ -0,0 +1,52 @@ +#!/bin/bash + +source_prefix="$1" +shift 1 +[ -n "$source_prefix" ] || source_prefix="127.0.0.1/32" + +destination_prefix="$1" +shift 1 +[ -n "$destination_prefix" ] || destination_prefix="0.0.0.0/0" + +# + +IPprotocolId="$1" #arg +shift 1 +[ -n "$IPprotocolId" ] || IPprotocolId="1" + +# + +appliername="$1" +shift 1 +[ -n "$appliername" ] || appliername="admin" + +# + +name_prefix="testrtr1" + +# + +{ cat /dev/fd/5 | ./pythonenv ./manage.py shell; } 5<<EOF +from flowspec.models import * +from django.contrib.auth.models import User; +applier1 = User.objects.get(username__exact='$appliername'); + +from django.db.models import Q +query = Q() +query |= Q(source='$source_prefix', destination='$destination_prefix', protocol__in=[$IPprotocolId]) +matching_routes = Route.objects.filter(query) + +if len(matching_routes)!=0: + print("test rule $name_prefix already exists") + print("matching_routes="+str(matching_routes)) +else: + a = Route(name='$name_prefix', source='$source_prefix', destination='$destination_prefix', status='INACTIVE', applier=applier1) + a.save(); + a.protocol.set([$IPprotocolId]) + a.save(); +EOF + +# + +echo "SELECT * from route;" | ./pythonenv ./manage.py dbshell | grep "$name_prefix.*$source_prefix.*$destination_prefix.*$IPprotocolId" + diff --git a/install-centos.sh b/install-centos.sh index ce3922f135e9563db55e08f80be73fd751ceacb6..0946da3e98c90ea1034a93a5c70681977fa18e2e 100755 --- a/install-centos.sh +++ b/install-centos.sh @@ -92,6 +92,15 @@ setup_adminuser__peer_ip_prefix1="0.0.0.0/0" # +setup_testrule=0 +setup_testrule_appliername="$setup_adminuser__username" +setup_testrule_name_prefix="testrule1" +setup_testrule_source_prefix="0.0.0.0/0" +setup_testrule_destination_prefix="127.0.0.1/32" +setup_testrule_IPprotocolId=1 # ICMP + +# + setup_netconf=0 setup_netconf__device= 
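Review bot: The heredoc fed to `./manage.py shell` uses an unquoted delimiter (`5<<EOF`), so `$source_prefix`, `$destination_prefix`, `$IPprotocolId` and `$appliername` are pasted into the Python source before it runs; an argument containing a quote character or a newline changes the program rather than the data, and `[$IPprotocolId]` is not inside a string literal at all. Hand the values over through the environment and quote the delimiter so the shell expands nothing inside the Python text, as sketched below. The `FOD_RULE_*` names are made up for this note, and the sketch assumes `./pythonenv` passes its environment on to the interpreter. The same interpolation is repeated in the `@@ -813` hunk of install-centos.sh and the `@@ -954` hunk of install-debian.sh.

```shell
{ cat /dev/fd/5 | \
  FOD_RULE_NAME="$name_prefix" FOD_RULE_SRC="$source_prefix" \
  FOD_RULE_DST="$destination_prefix" FOD_RULE_PROTO="$IPprotocolId" \
  FOD_RULE_APPLIER="$appliername" \
  ./pythonenv ./manage.py shell; } 5<<'EOF'
import os
from flowspec.models import *
from django.contrib.auth.models import User
name = os.environ['FOD_RULE_NAME']
source = os.environ['FOD_RULE_SRC']
destination = os.environ['FOD_RULE_DST']
protocol_id = int(os.environ['FOD_RULE_PROTO'])  # rejects anything that is not a number
applier1 = User.objects.get(username__exact=os.environ['FOD_RULE_APPLIER'])

# … unchanged: Q import and query = Q() …
query |= Q(source=source, destination=destination, protocol__in=[protocol_id])
matching_routes = Route.objects.filter(query)

if len(matching_routes) != 0:
    print("test rule " + name + " already exists")
    print("matching_routes=" + str(matching_routes))
else:
    a = Route(name=name, source=source, destination=destination, status='INACTIVE', applier=applier1)
    a.save()
    a.protocol.set([protocol_id])
    a.save()
EOF
```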
@@ -305,6 +314,22 @@ while [ $# -gt 0 ]; do shift 1 setup_adminuser__peer_ip_prefix1="$1" shift 1 + elif [ $# -ge 1 -a "$1" = "--setup_test_rule" ]; then + shift 1 + setup_test_rule=1 + elif [ $# -ge 1 -a "$1" = "--setup_test_rule5" ]; then + shift 1 + setup_testrule=1 + setup_testrule_name_prefix="$1" + shift 1 + setup_testrule_source_prefix="$1" + shift 1 + setup_testrule_destination_prefix="$1" + shift 1 + setup_testrule_IPprotocolId="$1" + shift 1 + setup_testrule_appliername="$1" + shift 1 elif [ $# -ge 1 -a "$1" = "--netconf" ]; then shift 1 setup_netconf=1 @@ -813,6 +838,36 @@ if [ "$install_fodproper" = 1 ]; then fi + echo "setup_testrule=$setup_testrule" 1>&2 + + if [ "$setup_testrule" = 1 ]; then + echo "$0: step 2.4.2.1: setup test rule" 1>&2 + + ( + set +e # for now ignore potential errors, especially in case user already exists + source ./venv/bin/activate +{ cat /dev/fd/5 | ./pythonenv ./manage.py shell; } 5<<EOF +from flowspec.models import * +from django.contrib.auth.models import User; +applier1 = User.objects.get(username__exact='$setup_testrule_appliername'); + +from django.db.models import Q +query = Q() +query |= Q(source='$setup_testrule_source_prefix', destination='$setup_testrule_destination_prefix', protocol__in=[$setup_testrule_IPprotocolId]) +matching_routes = Route.objects.filter(query) + +if len(matching_routes)!=0: + print("test rule $setup_testrule_name_prefix already exists") + print("matching_routes="+str(matching_routes)) +else: + a = Route(name='$setup_testrule_name_prefix', source='$setup_testrule_source_prefix', destination='$setup_testrule_destination_prefix', status='INACTIVE', applier=applier1) + a.save(); + a.protocol.set([$setup_testrule_IPprotocolId]) + a.save(); +EOF + ) + fi + ## # ./manage.py above may have created debug.log with root permissions: diff --git a/install-debian.sh b/install-debian.sh index b684c013020e5c30863d163848c98a7b452dcae2..bbf0d89b147c197cb98eedc4a29ce8072d5becd8 100755 --- a/install-debian.sh 
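Review bot: The `--setup_test_rule` branch assigns `setup_test_rule=1`, but the default added at the top of the script and the later test `if [ "$setup_testrule" = 1 ]` both use `setup_testrule`, so the flag on its own enables nothing and the new default prefixes are never reached. The assignment should read `setup_testrule=1`. The `--setup_test_rule5` branch also shifts five values without checking that they are present; tightening its condition to `elif [ $# -ge 6 -a "$1" = "--setup_test_rule5" ]; then` would keep a short command line from consuming the next option as a value. Both points apply equally to the `@@ -408` hunk of install-debian.sh. The enclosing `while` loop starts and ends outside the hunk.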
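Review bot: The subshell around the heredoc runs with `set +e` and a comment that speaks of the user already existing, which looks carried over from the admin-user step; here it means that a failure such as `User.objects.get` raising for a missing applier account leaves the install reporting success with no test rule created. Reword the comment to what this step tolerates, e.g. `set +e # a failing test-rule setup must not abort the install`, and surface the failure by ending the command line with `5<<EOF || echo "$0: test rule setup failed" 1>&2` (assuming `manage.py shell` exits non-zero on an uncaught exception). The block also repeats the body of the new inst/helpers/add_rule.sh, so calling the helper from here would leave one copy to maintain. The same applies to the `@@ -954` hunk of install-debian.sh; the enclosing `if [ "$install_fodproper" = 1 ]` block extends beyond the hunk.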
+++ b/install-debian.sh @@ -98,6 +98,15 @@ setup_adminuser__peer_ip_prefix1="0.0.0.0/0" # +setup_testrule=0 +setup_testrule_appliername="$setup_adminuser__username" +setup_testrule_name_prefix="testrule1" +setup_testrule_source_prefix="0.0.0.0/0" +setup_testrule_destination_prefix="127.0.0.1/32" +setup_testrule_IPprotocolId=1 # ICMP + +# + setup_netconf=0 setup_netconf__device= @@ -408,6 +417,22 @@ while [ $# -gt 0 ]; do shift 1 setup_adminuser__peer_ip_prefix1="$1" shift 1 + elif [ $# -ge 1 -a "$1" = "--setup_test_rule" ]; then + shift 1 + setup_test_rule=1 + elif [ $# -ge 1 -a "$1" = "--setup_test_rule5" ]; then + shift 1 + setup_testrule=1 + setup_testrule_name_prefix="$1" + shift 1 + setup_testrule_source_prefix="$1" + shift 1 + setup_testrule_destination_prefix="$1" + shift 1 + setup_testrule_IPprotocolId="$1" + shift 1 + setup_testrule_appliername="$1" + shift 1 elif [ $# -ge 1 -a "$1" = "--netconf" ]; then shift 1 setup_netconf=1 
@@ -954,6 +979,36 @@ if [ "$install_fodproper" = 1 ]; then fi + echo "setup_testrule=$setup_testrule" 1>&2 + + if [ "$setup_testrule" = 1 ]; then + echo "$0: step 2.4.2.1: setup test rule" 1>&2 + + ( + set +e # for now ignore potential errors, especially in case user already exists + source ./venv/bin/activate +{ cat /dev/fd/5 | ./pythonenv ./manage.py shell; } 5<<EOF +from flowspec.models import * +from django.contrib.auth.models import User; +applier1 = User.objects.get(username__exact='$setup_testrule_appliername'); + +from django.db.models import Q +query = Q() +query |= Q(source='$setup_testrule_source_prefix', destination='$setup_testrule_destination_prefix', protocol__in=[$setup_testrule_IPprotocolId]) +matching_routes = Route.objects.filter(query) + +if len(matching_routes)!=0: + print("test rule $setup_testrule_name_prefix already exists") + print("matching_routes="+str(matching_routes)) +else: + a = Route(name='$setup_testrule_name_prefix', source='$setup_testrule_source_prefix', destination='$setup_testrule_destination_prefix', status='INACTIVE', applier=applier1) + a.save(); + a.protocol.set([$setup_testrule_IPprotocolId]) + a.save(); +EOF + ) + fi + ## # ./manage.py above may have created debug.log with root permissions: