def testBuildWarningTokens(self):
pol1 = windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + GOOD_SIMPLE_WARNING, self.naming),
EXP_INFO)
st, sst = pol1._BuildTokens()
self.assertEqual(st, SUPPORTED_TOKENS)
self.assertEqual(sst, SUPPORTED_SUB_TOKENS)
def testExpiredTerm(self, mock_warn):
windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + EXPIRED_TERM, self.naming),
EXP_INFO)
mock_warn.assert_called_once_with(
'WARNING: Term %s in policy %s is expired and '
'will not be rendered.', 'expired_test', 'test-filter')
def testExpiringTerm(self, mock_info):
exp_date = datetime.date.today() + datetime.timedelta(weeks=EXP_INFO)
windows_ipsec.WindowsIPSec(
policy.ParsePolicy(
GOOD_HEADER + EXPIRING_TERM % exp_date.strftime('%Y-%m-%d'),
self.naming), EXP_INFO)
mock_info.assert_called_once_with(
'INFO: Term %s in policy %s expires in '
'less than two weeks.', 'is_expiring', 'test-filter')
def testPolicy(self):
self.naming.GetNetAddr.return_value = [nacaddr.IP('10.0.0.0/8')]
self.naming.GetServiceByProto.return_value = ['25']
acl = windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming),
EXP_INFO)
result = str(acl)
self.assertTrue(['policy name=test-filter-policy assign=yes'], result,
'header')
self.naming.GetNetAddr.assert_called_once_with('PROD_NET')
self.naming.GetServiceByProto.assert_called_once_with('SMTP', 'tcp')
def testIcmp(self):
acl = windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_ICMP, self.naming),
EXP_INFO)
result = str(acl)
self.assertTrue([
'filterlist name=t_good-term-icmp-list',
'filteraction name=t_good-term-icmp-action action=permit',
'filter filterlist=t_good-term-icmp-list mirrored=yes srcaddr=any '
' dstaddr=any',
'rule name=t_good-term-icmp-rule policy=test-filter'
' filterlist=t_good-term-icmp-list'
' filteraction=t_good-term-icmp-action'
], result, 'good-term-icmp')
def testMultiprotocol(self):
acl = windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + MULTIPLE_PROTOCOLS_TERM,
self.naming), EXP_INFO)
result = str(acl)
self.assertTrue([
'filterlist name=t_multi-proto-list',
'filteraction name=t_multi-proto-action action=permit',
'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any '
' dstaddr=any protocol=tcp',
'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any '
' dstaddr=any protocol=udp',
'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any '
' dstaddr=any protocol=icmp',
'rule name=t_multi-proto-rule policy=test-filter'
' filterlist=t_multi-proto-list filteraction=t_multi-proto-action'
], result, 'multi-proto')
def testTcp(self):
self.naming.GetNetAddr.return_value = [nacaddr.IP('10.0.0.0/8')]
self.naming.GetServiceByProto.return_value = ['25']
acl = windows_ipsec.WindowsIPSec(
policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming),
EXP_INFO)
result = str(acl)
self.assertTrue([
'filteraction name=t_good-term-tcp-action action=permit',
'filter filterlist=t_good-term-tcp-list mirrored=yes srcaddr=any '
' dstaddr=10.0.0.0 dstmask=8 dstport=25',
'rule name=t_good-term-tcp-rule policy=test-filter'
' filterlist=t_good-term-tcp-list'
' filteraction=t_good-term-tcp-action'
], result, 'good-term-tcp')
self.naming.GetNetAddr.assert_called_once_with('PROD_NET')
self.naming.GetServiceByProto.assert_called_once_with('SMTP', 'tcp')
