Bug #3198
【c系统】 L2TPVPN测试失败
100%
Description
【操作路径】:
1、添加L2TP实例
gdbus call -y -d com.cuc.igd1 -o /com/cuc/igd1/Firewall/L2TPVPN -m com.cuc.igd1.ObjectManager.AddObject
2、执行命令:
dbus-send --system --type=method_call --print-reply --dest=com.cuc.igd1 /com/cuc/igd1/Firewall/L2TPVPN com.cuc.igd1.ObjectManager.GetManagedObjects
3、添加ipset
gdbus call -y -d com.cuc.igd1 -o /com/cuc/igd1/Firewall/IPSet -m com.cuc.igd1.IPSet.AddIPSet '[("L2tpUser_BJ", 1, 2, "hash:ip", 3, ["23.59.83.168","151.101.2.133","151.101.66.133"])]'
4、gdbus call -y -d com.cuc.igd1 -o /com/cuc/igd1/Firewall/L2TPVPN/1 -m com.cuc.igd1.Properties.SetValues "com.cuc.igd1.L2TPVPN" "{'Name': <'L2tpUser_BJ'>, 'Enable': <byte 0x01>, 'DestPort': <uint32 1701>, 'InsAddress': <'220.250.74.57'>, 'UserName': <'L2tpUser_BJ'>, 'word': <'4r2MD51mn4aOmY'>, 'Operate': <byte 0x00>, 'SetName': <['L2tpUser_BJ']>}"
5打开besttrace工具后选择点击路由跟踪。输入步骤3添加的ipset,点击开始,查看请求连接跳转列表。
【实际结果】:
步骤1,命令能正常执行,能成功添加L2TP实例
步骤2,命令能正常执行
步骤3,命令能正常执行,能成功添加ipset
步骤4,命令能正常执行
步骤5,可以查看到请求连接跳转列表中有:AS9929标识。
【预期结果】
步骤5 ,未走VPN通道,无AS9929标识,
dbus-send --system --type=method_call --print-reply --dest=com.cuc.igd1 /com/cuc/igd1/Firewall/L2TPVPN com.cuc.igd1.ObjectManager.GetManagedObjects查看password为空
method return time=1739173171.389713 sender=:1.0 -> destination=:1.63 serial=3039 reply_serial=2
array [
dict entry(
object path "/com/cuc/igd1/Firewall/L2TPVPN/1"
array [
dict entry(
string "com.cuc.igd1.L2TPVPN"
array [
dict entry(
string "Name"
variant string "L2tpUser_BJ"
)
dict entry(
string "Enable"
variant byte 1
)
dict entry(
string "InsAddress"
variant string "220.250.74.57"
)
dict entry(
string "DestPort"
variant uint32 1701
)
dict entry(
string "UserName"
variant string "L2tpUser_BJ"
)
dict entry(
string "Password"
variant string ""
)
dict entry(
string "Operate"
variant byte 0
)
dict entry(
string "SetName"
variant array [
string "L2tpUser_BJ"
]
)
]
)
]
)
]