[cacl] Update DHCP rules per change in caclmgrd (#1925)

Update control plane application test to reflect the changes made to DHCP rules in sonic-net/sonic-buildimage#4995 (i.e., no longer filtering on source port).
sonic-net · Jul 18, 2020 · 268c57a · 268c57a
1 parent e98c12a
commit 268c57a
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/tests/cacl/test_cacl_application.py b/tests/cacl/test_cacl_application.py
@@ -192,12 +192,12 @@ def generate_expected_rules(duthost):
  ip6tables_rules.append("-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 134 -j ACCEPT")
 
  # Allow all incoming IPv4 DHCP packets
- iptables_rules.append("-A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT")
- ip6tables_rules.append("-A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT")
+ iptables_rules.append("-A INPUT -p udp -m udp --dport 67:68 -j ACCEPT")
+ ip6tables_rules.append("-A INPUT -p udp -m udp --dport 67:68 -j ACCEPT")
 
  # Allow all incoming IPv6 DHCP packets
- iptables_rules.append("-A INPUT -p udp -m udp --sport 546:547 --dport 546:547 -j ACCEPT")
- ip6tables_rules.append("-A INPUT -p udp -m udp --sport 546:547 --dport 546:547 -j ACCEPT")
+ iptables_rules.append("-A INPUT -p udp -m udp --dport 546:547 -j ACCEPT")
+ ip6tables_rules.append("-A INPUT -p udp -m udp --dport 546:547 -j ACCEPT")
 
  # Allow all incoming BGP traffic
  iptables_rules.append("-A INPUT -p tcp -m tcp --dport 179 -j ACCEPT")