This test aims to ensure that a configured Control Plane Access List (CACL) is able to DROP incoming packets from specified incoming IP addresses using a variety of protocols such as SSH, SNMP, and NTP.
- Test that SNMP works initially, before CACL configuration
- Send NTP request initially, before CACL configuration
- Copy CACL config shell file to DUT and run file
- Once the CACL is configured, it stays active for 2 mintues before being automatically removed
- Have localhost wait for the SSH port on the DUT to be stopped. Test will fail if the port doesn't stop
- This confirms that the CACL has been configured
- Check that the SSH port is up expecting a
Falseresult - Send SNMP request expecting no response from the DUT
- Send NTP request expecting an exception
- Have localhost wait for CACL to be removed
- Delete config file from the dut
- Send SNMP request and ensure that a response is sent
- Send NTP request and expect no exception