fix(networking): volatiles with public ip

issue #1099

fix(networking): volatiles with public ip
issue #1099
bf0b2b8f · Francesc Guasch · f40bb513 · bf0b2b8f · bf0b2b8f · bf0b2b8f
Commit bf0b2b8f authored Jul 11, 2019 by Francesc Guasch
--- a/lib/Ravada/Domain.pm
+++ b/lib/Ravada/Domain.pm
@@ -2515,7 +2515,7 @@ sub _add_iptable {
    my $display_info = $self->display_info($user);
    $self->display_file($user) if !$self->_data('display_file');

-    my $local_ip = $display_info->{listen_ip};
+    my $local_ip = (delete $args{local_ip} or $display_info->{listen_ip});
    my $local_port = $display_info->{port};

    $self->_remove_iptables( port => $local_port );
@@ -2631,6 +2631,14 @@ sub open_iptables {
    }

    $self->_add_iptable(%args);
+
+    my $remote_ip = $args{remote_ip};
+    if ($remote_ip && $remote_ip =~ /^127\./) {
+        my %args2 = %args;
+        $args2{local_ip} = $self->_vm->ip;
+        $self->_add_iptable(%args2);
+    }
+
    $self->info($user);
 }


--- a/lib/Ravada/VM.pm
+++ b/lib/Ravada/VM.pm
@@ -608,12 +608,12 @@ sub _interface_ip($self, $remote_ip=undef) {

 sub listen_ip($self, $remote_ip=undef) {
    return Ravada::display_ip() if Ravada::display_ip();
+    return $self->public_ip     if $self->public_ip;

    return $self->_interface_ip($remote_ip) if $remote_ip;

    return (
-            $self->public_ip
-            or $self->ip()
+            $self->ip()
    );
 }


--- a/t/kvm/n10_nodes.t
+++ b/t/kvm/n10_nodes.t
@@ -191,7 +191,7 @@ sub test_iptables($node, $remote_ip, $local_ip, $local_port) {
        , local_ip => $local_ip
        , local_port => $local_port
    );
-    ok(scalar @line,$node->type." No iptables found $remote_ip -> $local_ip:$local_port");
+    ok(scalar @line,$node->type." No iptables found $remote_ip -> $local_ip:$local_port") or confess;
    ok(scalar @line == 1,$node->type." iptables should found only 1 found $remote_ip -> $local_ip:$local_port ".Dumper(\@line));
 }

@@ -1162,6 +1162,9 @@ SKIP: {
    is($node->is_local,0,"Expecting ".$node->name." ".$node->ip." is remote" ) or BAIL_OUT();

    is($vm->shared_storage($node,'/var/tmp/'),0) or exit;
+
+    test_domain($vm_name, $node);
+
    test_migrate_back($node);

    test_remove_base_main($node);

--- a/t/vm/91_fw_req.t
+++ b/t/vm/91_fw_req.t
 use warnings;
 use strict;

+use Carp qw(confess);
 use Data::Dumper;
 use JSON::XS;
 use Test::More;
@@ -53,9 +54,7 @@ sub test_create_domain {
    return $domain->name;
 }

-sub test_fw_domain{
-    my ($vm_name, $domain_name) = @_;
-    my $remote_ip = '99.88.77.66';
+sub test_fw_domain($vm_name, $domain_name, $remote_ip='99.88.77.66') {

    my $local_ip;
    my $local_port;
@@ -65,11 +64,13 @@ sub test_fw_domain{
        my $vm = rvd_back->search_vm($vm_name);
        my $domain = $vm->search_domain($domain_name);
        ok($domain,"Searching for domain $domain_name") or return;
+        $domain->shutdown_now($USER) if $domain->is_active;
        $domain->start( user => $USER, remote_ip => $remote_ip);

        my $display = $domain->display($USER);
        ($local_port) = $display =~ m{\d+\.\d+\.\d+\.\d+\:(\d+)};
        $local_ip = $vm->ip;
+        $local_ip = $vm->public_ip if $vm->public_ip;

        ok(defined $local_port, "Expecting a port in display '$display'") or return;
    
@@ -99,6 +100,14 @@ sub test_fw_domain{

 }

+sub test_fw_domain_public_ip($vm_name, $domain_name, $remote_ip='1.2.3.4') {
+    my $vm = rvd_back->search_vm($vm_name);
+    $vm->public_ip('127.0.0.2');
+
+    test_fw_domain($vm_name, $domain_name, $remote_ip);
+    $vm->public_ip('');
+}
+
 sub test_fw_domain_pause {
    my ($vm_name, $domain_name) = @_;
    my $remote_ip = '99.88.77.66';
@@ -141,7 +150,7 @@ sub test_fw_domain_pause {

        is($req->status,'done');
        is($req->error,'');
-        ok(search_rule($local_ip,$local_port, $remote_ip ),"Expecting rule for $local_ip:$local_port <- $remote_ip") or return;
+        ok(search_rule($local_ip,$local_port, $remote_ip ),"Expecting rule for $local_ip:$local_port <- $remote_ip") or confess;
        my @messages2 = $USER->messages();
        is(scalar @messages2, scalar @messages
            ,"Expecting no new messages ");
@@ -166,7 +175,8 @@ sub test_chain {

    my $rule_num = search_rule(@_);

-    ok($rule_num,"[$vm_name] Expecting rule for $remote_ip -> $local_ip: $local_port") 
+    ok($rule_num,"[$vm_name] Expecting rule for $remote_ip -> $local_ip: $local_port")
+            or confess
        if $enabled;
    ok(!$rule_num,"[$vm_name] Expecting no rule for $remote_ip "
                        ."-> $local_ip: $local_port"
@@ -238,8 +248,10 @@ for my $vm_name (qw( Void KVM )) {
        flush_rules();

        my $domain_name = test_create_domain($vm_name);
+        test_fw_domain($vm_name, $domain_name, '127.0.0.1');
        test_fw_domain($vm_name, $domain_name);
        test_fw_domain_pause($vm_name, $domain_name);
+        test_fw_domain_public_ip($vm_name, $domain_name);

        test_fw_domain_down($vm_name);
    };

--- a/t/vm/v20_volatile_clones.t
+++ b/t/vm/v20_volatile_clones.t
@@ -400,8 +400,10 @@ sub test_ips {

        $vm->public_ip('');
        is($vm->public_ip,'');
+
+        $domain = Ravada::Domain->open($domain->id);
        for my $ip2 (@ips) {
-            is($vm->listen_ip($ip), $ip) or exit;
+            is($vm->listen_ip($ip2), $ip2) or exit;
            my $clone2 = $domain->clone(name => new_domain_name , user => user_admin
                ,remote_ip => $ip2
            );