Beispiel #1
0
    def test_ban(self):
        ''' Create a ban and remove it. '''

        ban = IPTablesCommandBanEntry(BAN_IP)
        ban.ban(interface=INTERFACE)

        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertEqual(status, 0, 
                         msg="Failed to run iptables command: %s" % output)
        self.assertIn(BAN_IP, output, msg="IP address not banned")
        ban.unban(interface=INTERFACE)
        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertNotIn(BAN_IP, output, msg="IP address was not unbanned")
Beispiel #2
0
    def test_whitelist_notwhitelisted(self):
        ''' Test the unwhitelisting of an IP to ensure it isn't whitelisted '''

        lock = threading.Lock()
        ban_fetcher = BanFetcher(BINDSTRING, INTERFACE, BAN_BACKEND,
                                 ["10.0.220.1", "10.0.222.1/24"], lock)

        # An address that should be banned
        self.assertTrue(ban_fetcher.subscription(
            ("swabber_bans", "10.0.220.2")),
                        msg="Unwhitelisted IP was whitelisted")

        # clean up after ourselves
        ban = IPTablesCommandBanEntry("10.0.220.2")
        ban.unban(interface=INTERFACE)
Beispiel #3
0
    def test_clean(self):
        ''' Test the cleaning of bans after a very short time window '''

        ban_len = 1
        ban = IPTablesCommandBanEntry(BAN_IP)
        ban.ban(INTERFACE)
        time.sleep(ban_len*2)

        cleaner = BanCleaner(ban_len, BAN_BACKEND, threading.Lock(), INTERFACE)
        cleaner.clean_bans(INTERFACE)

        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertEqual(status, 0, 
                         msg="Failed to run iptables command: %s" % output)
        self.assertNotIn(BAN_IP, output, msg="Ban was not reset by cleaner")
Beispiel #4
0
    def test_clean(self):
        ''' Test the cleaning of bans after a very short time window '''

        ban_len = 1
        ban = IPTablesCommandBanEntry(BAN_IP)
        ban.ban(INTERFACE)
        time.sleep(ban_len * 2)

        cleaner = BanCleaner(ban_len, BAN_BACKEND, threading.Lock(), INTERFACE)
        cleaner.clean_bans(INTERFACE)

        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertEqual(status,
                         0,
                         msg="Failed to run iptables command: %s" % output)
        self.assertNotIn(BAN_IP, output, msg="Ban was not reset by cleaner")
Beispiel #5
0
    def test_whitelist_notwhitelisted(self): 
        ''' Test the unwhitelisting of an IP to ensure it isn't whitelisted '''

        lock = threading.Lock()
        ban_fetcher = BanFetcher(BINDSTRING, INTERFACE,
                                 BAN_BACKEND, ["10.0.220.1", "10.0.222.1/24"],
                                 lock)

        # An address that should be banned
        self.assertTrue(
            ban_fetcher.subscription(("swabber_bans", "10.0.220.2")), 
            msg="Unwhitelisted IP was whitelisted")

        # clean up after ourselves
        ban = IPTablesCommandBanEntry("10.0.220.2")
        ban.unban(interface=INTERFACE)
Beispiel #6
0
    def test_ban(self):
        ''' Create a ban and remove it. '''

        ban = IPTablesCommandBanEntry(BAN_IP)
        ban.ban(interface=INTERFACE)

        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertEqual(status,
                         0,
                         msg="Failed to run iptables command: %s" % output)
        self.assertIn(BAN_IP, output, msg="IP address not banned")
        ban.unban(interface=INTERFACE)
        status, output = commands.getstatusoutput("/sbin/iptables -L -n")
        self.assertNotIn(BAN_IP, output, msg="IP address was not unbanned")