[26-06-02 09:32:18] START switch_dnat scenario: cases/switch_dnat.sh header : verify dnat add-list-remove and nat table rule updates topology: sw1 192.58.0.1 -- UDP output --> sw2 192.58.0.2; +----------- DNAT example:80 -> 127.0.0.1:8080 topology: # Topology: topology: # - Diagram: topology: # sw1 192.58.0.1 -- UDP output --> sw2 192.58.0.2 topology: # | | topology: # +----------- DNAT example:80 -> 127.0.0.1:8080 topology: # - Docker mgmt network: 172.246.0.0/24 topology: # sw1=172.246.0.241, sw2=172.246.0.242. topology: # - OpenLAN service network "example": 192.58.0.0/24 topology: # sw1=192.58.0.1, sw2=192.58.0.2. topology: # Validation: topology: # start local 127.0.0.1:8080 service on sw2, map example:80 to 8080 by dnat, topology: # verify unreachable before dnat and reachable after dnat from sw1. Started switch pause container: tests-sw-dnat1-pause Started switch frr container: tests-sw-dnat1-frr Started switch ipsec container: tests-sw-dnat1-ipsec Started switch container: tests-sw-dnat1 [26-06-02 09:32:18][ASSERT#0001][expect] at cases/switch_dnat.sh:39 fn=setup_sw1 retry=30 cmd="docker logs -f tests-sw-dnat1" expect="Http.Start" 2026/06/02 09:32:19 INFO|root|Wait: ... 2026/06/02 09:32:19 INFO|root|UdpServer.Listen: udp://0.0.0.0:10002 2026/06/02 09:32:19 INFO|root|TcpServer.Listen: tcp://0.0.0.0:10002 2026/06/02 09:32:19 INFO|root|Http.Start 0.0.0.0:10000 [26-06-02 09:32:19][ASSERT#0001][OK] cost=1.027s [26-06-02 09:32:19][ASSERT#0002][cmd] at cases/switch_dnat.sh:41 fn=setup_sw1 cmd="docker exec tests-sw-dnat1 openlan crypt update --algorithm aes-128 --secret cb2ff088a34d" [26-06-02 09:32:20][ASSERT#0002][OK] cost=0.054s [26-06-02 09:32:20][ASSERT#0003][cmd] at cases/switch_dnat.sh:42 fn=setup_sw1 cmd="docker exec tests-sw-dnat1 openlan network --name example add --address 192.58.0.1/24" [26-06-02 09:32:20][ASSERT#0003][OK] cost=0.248s [26-06-02 09:32:20][ASSERT#0004][cmd] at cases/switch_dnat.sh:43 fn=setup_sw1 cmd="docker exec tests-sw-dnat1 openlan user add --name t1@example --password 123456" # total 1 username password role lease t1@example 123456 guest 2027-06-02T09 [26-06-02 09:32:20][ASSERT#0004][OK] cost=0.059s Started switch pause container: tests-sw-dnat2-pause Started switch frr container: tests-sw-dnat2-frr Started switch ipsec container: tests-sw-dnat2-ipsec Started switch container: tests-sw-dnat2 [26-06-02 09:32:21][ASSERT#0005][expect] at cases/switch_dnat.sh:52 fn=setup_sw2 retry=30 cmd="docker logs -f tests-sw-dnat2" expect="Http.Start" 2026/06/02 09:32:21 INFO|root|Wait: ... 2026/06/02 09:32:21 INFO|root|UdpServer.Listen: udp://0.0.0.0:10002 2026/06/02 09:32:21 INFO|root|TcpServer.Listen: tcp://0.0.0.0:10002 2026/06/02 09:32:21 INFO|root|Http.Start 0.0.0.0:10000 [26-06-02 09:32:22][ASSERT#0005][OK] cost=1.034s [26-06-02 09:32:22][ASSERT#0006][cmd] at cases/switch_dnat.sh:54 fn=setup_sw2 cmd="docker exec tests-sw-dnat2 openlan crypt update --algorithm aes-128 --secret cb2ff088a34d" [26-06-02 09:32:22][ASSERT#0006][OK] cost=0.073s [26-06-02 09:32:22][ASSERT#0007][cmd] at cases/switch_dnat.sh:55 fn=setup_sw2 cmd="docker exec tests-sw-dnat2 openlan network --name example add --address 192.58.0.2/24" [26-06-02 09:32:22][ASSERT#0007][OK] cost=0.249s [26-06-02 09:32:22][ASSERT#0008][cmd] at cases/switch_dnat.sh:56 fn=setup_sw2 cmd="docker exec tests-sw-dnat2 openlan user add --name t1@example --password 123456" # total 1 username password role lease t1@example 123456 guest 2027-06-02T09 [26-06-02 09:32:22][ASSERT#0008][OK] cost=0.062s [26-06-02 09:32:22][ASSERT#0009][cmd] at cases/switch_dnat.sh:57 fn=setup_sw2 cmd="docker exec tests-sw-dnat2 openlan network --name example output add --remote 172.246.0.241 --protocol udp --secret t1:123456 --crypt aes-128:cb2ff088a34d" [26-06-02 09:32:22][ASSERT#0009][OK] cost=0.068s [26-06-02 09:32:22][ASSERT#0010][cmd] at cases/switch_dnat.sh:61 fn=setup_http cmd="docker exec tests-sw-dnat2 sh -c nohup sh -c 'while true; do printf "HTTP/1.1 200 OK\r\nContent-Length: 9\r\n\r\nport-8080" | socat - TCP-LISTEN:8080,bind=127.0.0.1,reuseaddr; done' >/tmp/dnat-8080.log 2>&1 &" [26-06-02 09:32:22][ASSERT#0010][OK] cost=0.058s [26-06-02 09:32:22][ASSERT#0011][cmd] at cases/switch_dnat.sh:65 fn=test_dnat_add_and_reachability cmd="docker exec tests-sw-dnat2 sysctl -w net.ipv4.conf.all.route_localnet=1" net.ipv4.conf.all.route_localnet = 1 [26-06-02 09:32:22][ASSERT#0011][OK] cost=0.043s [26-06-02 09:32:22][ASSERT#0012][match] at cases/switch_dnat.sh:66 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat1 openlan network --name example access ls" expect="172.246.0.242" # total 1 uuid alive device alias user remote network state ep3z07pPjKPTa 0m0s tap0 1a57a8dd6f18 t1 172.246.0.242:36524 example authenticated [26-06-02 09:32:22][ASSERT#0012][OK] cost=0.061s [26-06-02 09:32:22][ASSERT#0013][match] at cases/switch_dnat.sh:67 fn=test_dnat_add_and_reachability retry=5 cmd="docker exec tests-sw-dnat1 ping -c 3 192.58.0.2" expect="bytes from" PING 192.58.0.2 (192.58.0.2) 56(84) bytes of data. 64 bytes from 192.58.0.2: icmp_seq=1 ttl=64 time=1.02 ms 64 bytes from 192.58.0.2: icmp_seq=2 ttl=64 time=1.75 ms 64 bytes from 192.58.0.2: icmp_seq=3 ttl=64 time=1.16 ms --- 192.58.0.2 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms [26-06-02 09:32:29][ASSERT#0013][OK] cost=6.224s [26-06-02 09:32:29][ASSERT#0014][unmatch] at cases/switch_dnat.sh:70 fn=test_dnat_add_and_reachability retry=5 cmd="docker exec tests-sw-dnat1 wget -qO- -T 3 -t 1 http://192.58.0.2:80" unexpected="port-8080" Last output: [26-06-02 09:32:34][ASSERT#0014][OK] cost=5.290s [26-06-02 09:32:34][ASSERT#0015][cmd] at cases/switch_dnat.sh:73 fn=test_dnat_add_and_reachability cmd="docker exec tests-sw-dnat2 openlan network --name example dnat add --protocol tcp --dest 192.58.0.2 --dport 80 --todest 127.0.0.1 --todport 8080" [26-06-02 09:32:34][ASSERT#0015][OK] cost=0.070s [26-06-02 09:32:34][ASSERT#0016][match] at cases/switch_dnat.sh:74 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat2 openlan network --name example dnat ls" expect="todport: 8080" dport: 80 protocol: tcp todestination: 127.0.0.1 todport: 8080 [26-06-02 09:32:34][ASSERT#0016][OK] cost=0.066s [26-06-02 09:32:34][ASSERT#0017][match] at cases/switch_dnat.sh:75 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat2 iptables -t nat -S TT_example_DNAT " expect="DNAT tcp:192.58.0.2:80" -N TT_example_DNAT -A TT_example_DNAT -d 192.58.0.2/32 -p tcp -m tcp --dport 80 -m comment --comment "DNAT tcp:192.58.0.2:80" -j DNAT --to-destination 127.0.0.1:8080 [26-06-02 09:32:34][ASSERT#0017][OK] cost=0.059s [26-06-02 09:32:34][ASSERT#0018][match] at cases/switch_dnat.sh:77 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat1 wget -qO- -T 3 -t 1 http://192.58.0.2:80" expect="port-8080" port-8080 [26-06-02 09:32:34][ASSERT#0018][OK] cost=0.076s [26-06-02 09:32:34][ASSERT#0019][cmd] at cases/switch_dnat.sh:79 fn=test_dnat_add_and_reachability cmd="docker exec tests-sw-dnat1 openlan reload --save" Save configuraion ... success # reloading pid:43 .... PID 43 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 # max wait 60s... # during 1s, new pid:516 ... PID 516 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 [26-06-02 09:32:35][ASSERT#0019][OK] cost=1.064s [26-06-02 09:32:35][ASSERT#0020][cmd] at cases/switch_dnat.sh:80 fn=test_dnat_add_and_reachability cmd="docker exec tests-sw-dnat2 openlan reload --save" Save configuraion ... success # reloading pid:43 .... PID 43 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 # max wait 60s... # during 1s, new pid:530 ... PID 530 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 [26-06-02 09:32:36][ASSERT#0020][OK] cost=1.064s [26-06-02 09:32:36][ASSERT#0021][match] at cases/switch_dnat.sh:81 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat2 openlan network --name example dnat ls" expect="todport: 8080" dport: 80 protocol: tcp todestination: 127.0.0.1 todport: 8080 [26-06-02 09:32:37][ASSERT#0021][OK] cost=1.140s [26-06-02 09:32:37][ASSERT#0022][match] at cases/switch_dnat.sh:82 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat2 iptables -t nat -S TT_example_DNAT " expect="DNAT tcp:192.58.0.2:80" -N TT_example_DNAT -A TT_example_DNAT -d 192.58.0.2/32 -p tcp -m tcp --dport 80 -m comment --comment "DNAT tcp:192.58.0.2:80" -j DNAT --to-destination 127.0.0.1:8080 [26-06-02 09:32:37][ASSERT#0022][OK] cost=0.053s [26-06-02 09:32:37][ASSERT#0023][match] at cases/switch_dnat.sh:83 fn=test_dnat_add_and_reachability retry=15 cmd="docker exec tests-sw-dnat1 wget -qO- -T 3 -t 1 http://192.58.0.2:80" expect="port-8080" port-8080 [26-06-02 09:32:46][ASSERT#0023][OK] cost=8.187s [26-06-02 09:32:46][ASSERT#0024][cmd] at cases/switch_dnat.sh:87 fn=test_dnat_remove cmd="docker exec tests-sw-dnat2 openlan network --name example dnat rm --protocol tcp --dest 192.58.0.2 --dport 80" [26-06-02 09:32:46][ASSERT#0024][OK] cost=0.105s [26-06-02 09:32:46][ASSERT#0025][unmatch] at cases/switch_dnat.sh:89 fn=test_dnat_remove retry=3 cmd="docker exec tests-sw-dnat2 openlan network --name example dnat ls" unexpected="dport: 80" Last output: null [26-06-02 09:32:49][ASSERT#0025][OK] cost=3.203s [26-06-02 09:32:49][ASSERT#0026][unmatch] at cases/switch_dnat.sh:90 fn=test_dnat_remove retry=5 cmd="docker exec tests-sw-dnat1 wget -qO- -T 3 -t 1 http://192.58.0.2:80" unexpected="port-8080" Last output: [26-06-02 09:32:54][ASSERT#0026][OK] cost=5.324s [26-06-02 09:32:54][ASSERT#0027][cmd] at cases/switch_dnat.sh:92 fn=test_dnat_remove cmd="docker exec tests-sw-dnat1 openlan reload --save" Save configuraion ... success # reloading pid:516 .... PID 516 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 # max wait 60s... # during 1s, new pid:742 ... PID 742 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 [26-06-02 09:32:55][ASSERT#0027][OK] cost=1.076s [26-06-02 09:32:55][ASSERT#0028][cmd] at cases/switch_dnat.sh:93 fn=test_dnat_remove cmd="docker exec tests-sw-dnat2 openlan reload --save" Save configuraion ... success # reloading pid:530 .... PID 530 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 # max wait 60s... # during 1s, new pid:784 ... PID 784 CMD: /usr/bin/openlan-switch -conf:dir /etc/openlan/switch -log:level 20 [26-06-02 09:32:56][ASSERT#0028][OK] cost=1.064s [26-06-02 09:32:56][ASSERT#0029][unmatch] at cases/switch_dnat.sh:94 fn=test_dnat_remove retry=3 cmd="docker exec tests-sw-dnat2 openlan network --name example dnat ls" unexpected="dport: 80" Last output: null [26-06-02 09:33:00][ASSERT#0029][OK] cost=3.218s [26-06-02 09:33:00][ASSERT#0030][unmatch] at cases/switch_dnat.sh:95 fn=test_dnat_remove retry=5 cmd="docker exec tests-sw-dnat1 wget -qO- -T 3 -t 1 http://192.58.0.2:80" unexpected="port-8080" Last output: [26-06-02 09:33:09][ASSERT#0030][OK] cost=9.393s [26-06-02 09:33:10] END switch_dnat status=PASS cost=52.139s