Beispiel #1
0
 def test_print_group_transport(self):
     source = TransportGroup(name='source')
     destination = TransportGroup(name='destination')
     transport = TransportLayer(source=source, destination=destination)
     ace = Ace(transport=transport)
     expected = 'permit tcp/udp 0.0.0.0/0 source 0.0.0.0/0 destination'
     assert_equals(ace.print_group(), expected)
Beispiel #2
0
 def test_permits_ace_transport(self):
     acl = Acl()
     ace = Ace(transport=22)
     acl.add(ace)
     assert_true(acl.permits(ace))
     assert_true(acl.permits(Ace(transport='tcp 22')))
     assert_true(acl.permits(Ace(transport='udp 22')))
Beispiel #3
0
 def test_permits_acl_transport_tcp(self):
     acl01 = Acl()
     acl02 = Acl()
     acl01.add(Ace(transport='tcp 22'))
     acl02.add(Ace(transport='tcp 1-22'))
     assert_true(acl02.permits(acl01))
     assert_false(acl01.permits(acl02))
Beispiel #4
0
 def test_denies_ace_transport(self):
     acl = Acl()
     ace = Ace(transport=22)
     acl.add(ace)
     assert_false(acl.denies(ace))
     assert_false(acl.denies(Ace(transport='tcp 22')))
     assert_false(acl.denies(Ace(transport='udp 22')))
Beispiel #5
0
 def test_print_group_network(self):
     source = NetworkGroup(name='source')
     destination = NetworkGroup(name='destination')
     network = NetworkLayer(source=source, destination=destination)
     ace = Ace(network=network)
     expected = 'permit ip source destination'
     assert_equals(ace.print_group(), expected)
Beispiel #6
0
 def test_remove_invalid(self):
     acl = Acl()
     acl.add(Ace())
     assert_raises(ValueError, acl.remove, Ace(permit=False))
     invalid_types = (False, 2, 'invalid')
     for value in invalid_types:
         assert_raises(TypeError, acl.remove, value)
Beispiel #7
0
 def test_denies_acl_transport_udp(self):
     acl01 = Acl()
     acl02 = Acl()
     acl01.add(Ace(transport='udp 22'))
     acl02.add(Ace(transport='udp 1-22'))
     assert_false(acl02.denies(acl01))
     assert_true(acl01.denies(acl02))
Beispiel #8
0
 def test_print_group_transport(self):
     source = TransportGroup(name='source')
     destination = TransportGroup(name='destination')
     transport = TransportLayer(source=source, destination=destination)
     ace = Ace(transport=transport)
     expected = 'permit tcp/udp 0.0.0.0/0 source 0.0.0.0/0 destination'
     assert_equals(ace.print_group(), expected)
Beispiel #9
0
 def test_print_group_network(self):
     source = NetworkGroup(name='source')
     destination = NetworkGroup(name='destination')
     network = NetworkLayer(source=source, destination=destination)
     ace = Ace(network=network)
     expected = 'permit ip source destination'
     assert_equals(ace.print_group(), expected)
Beispiel #10
0
 def test_ineqaulity(self):
     acl01 = Acl()
     acl01.add(Ace(logging=2))
     acl02 = Acl()
     assert_not_equals(acl01, acl02)
     acl02.add(Ace())
     assert_not_equals(acl01, acl02)
Beispiel #11
0
 def test_default_denies_network(self):
     acl01 = Acl()
     acl02 = Acl()
     acl02.add(Ace(network='1.2.3.4/24 4.5.6.7/24'))
     acl01.add(Ace(network='8.2.3.4 4.5.6.7'))
     assert_true(acl02.denies(acl01))
     acl01.default_permit = True
     assert_false(acl01.denies(acl02))
Beispiel #12
0
 def test_default_denies_transport(self):
     acl01 = Acl()
     acl02 = Acl()
     acl01.add(Ace(transport='22'))
     acl02.add(Ace(transport='1-22'))
     assert_true(acl01.denies(acl02))
     acl01.default_permit = True
     assert_false(acl01.denies(acl02))
Beispiel #13
0
 def test_permits_acl_network(self):
     acl01 = Acl()
     acl02 = Acl()
     acl01.add(Ace(network='1.2.3.4 4.5.6.7'))
     acl02.add(Ace(network='1.2.3.4/24 4.5.6.7/24'))
     assert_true(acl02.permits(acl01))
     assert_false(acl01.permits(acl02))
     acl01.add(Ace(network='8.2.3.4 4.5.6.7'))
     assert_false(acl02.permits(acl01))
Beispiel #14
0
 def test_eqaulity(self):
     aces = list()
     for index in range(2):
         ace = Ace()
         ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
         ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
         ace.logging = LoggingFacility.from_string('warning')
         aces.append(ace)
     assert_equals(aces[0], aces[1])
Beispiel #15
0
 def test_eqaulity(self):
     aces = list()
     for index in range(2):
         ace = Ace()
         ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
         ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
         ace.logging = LoggingFacility.from_string('warning')
         aces.append(ace)
     assert_equals(aces[0], aces[1])
Beispiel #16
0
 def test_add(self):
     acl = Acl()
     acl.add(Ace())
     assert_equals(len(acl), 1)
     assert_equals(acl[-1]._line_number, 1)
     acl.add(Ace())
     assert_equals(len(acl), 1)
     assert_equals(acl[-1]._line_number, 1)
     acl.add(Ace(logging=2))
     assert_equals(acl[-1]._line_number, 2)
Beispiel #17
0
 def test_str(self):
     acl = Acl('test01')
     expected = 'Acl test01 #0'
     assert_equals(acl.__str__(), expected)
     acl.add(Ace(permit=False, network='1.2.3.0/24 4.5.6.0/24'))
     expected = 'Acl test01 #1\n\tdeny ip 1.2.3.0/24 4.5.6.0/24'
     assert_equals(acl.__str__(), expected)
Beispiel #18
0
 def test_contains(self):
     ace = Ace()
     assert_in(ace, Ace())
     ace = Ace(network=NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24'))
     assert_in(ace, Ace())
     ace = Ace(
         transport=TransportLayerBuilder.build('tcp 1024 65535 22 22'))
     assert_in(ace, Ace())
     ace = Ace(logging=2)
     assert_in(ace, Ace(logging=3))
Beispiel #19
0
 def test_ineqaulity(self):
     ace = Ace()
     ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
     ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
     ace.logging = LoggingFacility.from_string('warning')
     assert_not_equals(Ace(), ace)
     assert_not_equals(Ace(permit=False), Ace())
     assert_not_equals(Ace(logging=1), Ace())
     ace = Ace()
     ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
     assert_not_equals(ace, Ace())
     ace = Ace()
     ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
     assert_not_equals(ace, Ace())
Beispiel #20
0
 def test_denies_ace_default_permit(self):
     acl = Acl(default_permit=True)
     assert_false(acl.denies(Ace()))
     acl.add(Ace(network='1.2.3.0/24 4.5.6.0/24'))
     assert_false(acl.denies(Ace(network='4.5.6.7 1.2.3.4')))
     acl.remove(Ace(network='1.2.3.0/24 4.5.6.0/24'))
     acl.add(Ace(permit=False, network='1.2.3.0/24 4.5.6.0/24'))
     assert_false(acl.denies(Ace(network='1.2.3.4 4.5.6.7')))
Beispiel #21
0
 def test_denies_acl_transport(self):
     acl01 = Acl()
     acl02 = Acl()
     acl01.add(Ace(transport='22'))
     acl02.add(Ace(transport='1-22'))
     assert_false(acl02.denies(acl01))
     assert_true(acl01.denies(acl02))
     acl01.remove(Ace(transport='22'))
     acl01.add(Ace(transport='tcp 22'))
     acl01.add(Ace(transport='udp 22'))
     assert_false(acl02.denies(acl01))
     acl01.add(Ace(transport='tcp 23'))
     assert_true(acl02.denies(acl01))
Beispiel #22
0
 def test_str_unnamed_groups_full_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8')
     ace.transport = 'tcp 1-21 22-22'
     expected = 'permit tcp 1.2.3.4/32 1-21 5.6.7.8/32 22'
     assert_equals(ace.__str__(), expected)
Beispiel #23
0
 def test_str_unnamed_groups_destination_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8', transport=22)
     expected = 'permit tcp/udp 1.2.3.4/32 5.6.7.8/32 22'
     assert_equals(ace.__str__(), expected)
Beispiel #24
0
 def test_str_unnamed_groups_full_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8')
     ace.transport = 'tcp 1-21 22-22'
     expected = 'permit tcp 1.2.3.4/32 1-21 5.6.7.8/32 22'
     assert_equals(ace.__str__(), expected)
Beispiel #25
0
 def test_getitem(self):
     acl = Acl()
     ace = Ace()
     acl.add(ace)
     assert_equals(id(acl[0]), id(ace))
Beispiel #26
0
 def test_remove(self):
     acl = Acl()
     acl.add(Ace())
     acl.remove(Ace())
     assert_equals(len(acl), 0)
Beispiel #27
0
 def test_denies_ace(self):
     acl = Acl()
     assert_true(acl.denies(Ace()))
     acl.add(Ace())
     assert_false(acl.denies(Ace()))
     acl.remove(Ace())
Beispiel #28
0
 def test_str_default(self):
     expected = 'permit ip 0.0.0.0/0 0.0.0.0/0'
     ace = Ace()
     assert_equals(ace.__str__(), expected)
Beispiel #29
0
 def setup(self):
     self.ace = Ace()
     self.network_layer = NetworkLayer()
     self.transport_layer = TransportLayer()
Beispiel #30
0
 def test_str_deny(self):
     ace = Ace(permit=False, network='1.2.3.4 5.6.7.8')
     expected = 'deny ip 1.2.3.4/32 5.6.7.8/32'
     assert_equals(ace.__str__(), expected)
Beispiel #31
0
 def test_permits_ace_networks(self):
     acl = Acl()
     acl.add(Ace(network='1.2.3.0/24 4.5.6.0/24'))
     assert_true(acl.permits(Ace(network='1.2.3.4 4.5.6.7')))
Beispiel #32
0
 def test_str_unnamed_groups_default_udp_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8', transport='udp 1-65535 1-65535')
     expected = 'permit udp 1.2.3.4/32 5.6.7.8/32'
     assert_equals(ace.__str__(), expected)
Beispiel #33
0
 def test_str_unnamed_groups_default_udp_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8', transport='udp 1-65535 1-65535')
     expected = 'permit udp 1.2.3.4/32 5.6.7.8/32'
     assert_equals(ace.__str__(), expected)
Beispiel #34
0
 def test_add_invalid(self):
     acl = Acl()
     invalid_types = (False, 2, 'invalid')
     for value in invalid_types:
         assert_raises(TypeError, acl.add, value)
     assert_raises(ValueError, acl.add, Ace(), 2)
Beispiel #35
0
 def test_denies_ace_networks(self):
     acl = Acl()
     acl.add(Ace(network='1.2.3.0/24 4.5.6.0/24'))
     assert_false(acl.denies(Ace(network='1.2.3.4 4.5.6.7')))
Beispiel #36
0
 def test_str_deny(self):
     ace = Ace(permit=False, network='1.2.3.4 5.6.7.8')
     expected = 'deny ip 1.2.3.4/32 5.6.7.8/32'
     assert_equals(ace.__str__(), expected)
Beispiel #37
0
class TestAce(object):

    def setup(self):
        self.ace = Ace()
        self.network_layer = NetworkLayer()
        self.transport_layer = TransportLayer()

    def test_initialization_default(self):
        assert_equals(self.ace.network, NetworkLayer())
        assert_equals(self.ace.transport, None)
        assert_equals(self.ace.logging, LoggingFacility())

    def test_network_getter(self):
        assert_equals(self.ace.network, self.network_layer)

    def test_network_setter(self):
        self.ace.network = None
        assert_equals(self.ace.network, NetworkLayer())
        source = '1.2.3.0/24'
        destination = '5.6.0.0/16'
        nl = NetworkLayer.from_string('{} {}'.format(source, destination))
        self.ace.network = NetworkLayer.from_string('{} {}'.format(source, destination))
        assert_equals(self.ace.network, nl)
        assert_equals(self.ace.network.source, source)
        assert_equals(self.ace.network.destination, destination)

    def test_network_setter_invalid(self):
        invalid_types = (1, True)
        invalid_values = ('1.2.3.0/24', '1', '2 3')
        for value in invalid_types:
            assert_raises(TypeError, setattr, self.ace, 'network', value)
        for value in invalid_values:
            assert_raises(ValueError, setattr, self.ace, 'network', value)

    def test_transport_getter(self):
        assert_equals(self.ace.transport, None)
        self.ace.transport = TransportLayer()
        assert_equals(self.ace.transport, self.transport_layer)

    def test_transport_setter(self):
        self.ace.transport = None
        assert_equals(self.ace.transport, None)
        nl = TransportLayerBuilder.build('tcp 1 2 3 4')
        self.ace.transport = TransportLayerBuilder.build('tcp 1 2 3 4')
        assert_in(nl, self.ace.transport)

    def test_transport_setter_invalid(self):
        invalid_types = (True, )
        invalid_values = ('1.2.3.0/24', )
        for value in invalid_types:
            assert_raises(TypeError, setattr, self.ace, 'transport', value)
        for value in invalid_values:
            assert_raises(ValueError, setattr, self.ace, 'transport', value)

    def test_logging_getter(self):
        self.logging = 2
        assert_equals(self.logging, LoggingFacility(2))

    def test_logging_setter(self):
        for value in (LoggingFacility(2), 2, 'critical'):
            self.ace.logging = value
            assert_equals(self.ace.logging, LoggingFacility(2))
            assert_not_equals(self.ace.logging, LoggingFacility(3))
            assert_not_equals(self.ace.logging, LoggingFacility(1))

    def test_logging_setter_invalid(self):
        invalid_types = (True, )
        invalid_values = ('invalid', )
        for value in invalid_types:
            assert_raises(TypeError, setattr, self.ace, 'logging', value)
        for value in invalid_values:
            assert_raises(ValueError, setattr, self.ace, 'logging', value)

    def test_eqaulity(self):
        aces = list()
        for index in range(2):
            ace = Ace()
            ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
            ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
            ace.logging = LoggingFacility.from_string('warning')
            aces.append(ace)
        assert_equals(aces[0], aces[1])

    def test_eqaulity_invalid(self):
        invalid_types = (True, 2, 'invalid')
        for value in invalid_types:
            assert_raises(TypeError, self.ace.__eq__, value)

    def test_ineqaulity(self):
        ace = Ace()
        ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
        ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
        ace.logging = LoggingFacility.from_string('warning')
        assert_not_equals(Ace(), ace)
        assert_not_equals(Ace(permit=False), Ace())
        assert_not_equals(Ace(logging=1), Ace())
        ace = Ace()
        ace.network = NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24')
        assert_not_equals(ace, Ace())
        ace = Ace()
        ace.transport = TransportLayerBuilder.build('tcp 1024 65535 22 22')
        assert_not_equals(ace, Ace())

    def test_ineqaulity_invalid(self):
        invalid_types = (True, 2, 'invalid')
        for value in invalid_types:
            assert_raises(TypeError, self.ace.__ne__, value)

    def test_contains(self):
        ace = Ace()
        assert_in(ace, Ace())
        ace = Ace(network=NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24'))
        assert_in(ace, Ace())
        ace = Ace(transport=TransportLayerBuilder.build('tcp 1024 65535 22 22'))
        assert_in(ace, Ace())
        ace = Ace(logging=2)
        assert_in(ace, Ace(logging=3))

    def test_not_contains(self):
        ace = Ace(network=NetworkLayer.from_string('1.2.3.0/24 2.3.4.0/24'))
        assert_not_in(Ace(), ace)
        ace = Ace(transport=TransportLayerBuilder.build('tcp 1024 65535 22 22'))
        assert_not_in(Ace(), ace)
        ace = Ace(logging='warning')
        assert_not_in(Ace(), ace)

    def test_repr(self):
        assert_equals(self.ace.__repr__(), '<ACE {}>'.format(str(self.ace)))

    def test_print_group_network(self):
        source = NetworkGroup(name='source')
        destination = NetworkGroup(name='destination')
        network = NetworkLayer(source=source, destination=destination)
        ace = Ace(network=network)
        expected = 'permit ip source destination'
        assert_equals(ace.print_group(), expected)

    def test_print_group_transport(self):
        source = TransportGroup(name='source')
        destination = TransportGroup(name='destination')
        transport = TransportLayer(source=source, destination=destination)
        ace = Ace(transport=transport)
        expected = 'permit tcp/udp 0.0.0.0/0 source 0.0.0.0/0 destination'
        assert_equals(ace.print_group(), expected)

    def test_str_default(self):
        expected = 'permit ip 0.0.0.0/0 0.0.0.0/0'
        ace = Ace()
        assert_equals(ace.__str__(), expected)

    def test_str_deny(self):
        ace = Ace(permit=False, network='1.2.3.4 5.6.7.8')
        expected = 'deny ip 1.2.3.4/32 5.6.7.8/32'
        assert_equals(ace.__str__(), expected)

    def test_str_unnamed_groups_default_transport(self):
        ace = Ace(network='1.2.3.4 5.6.7.8')
        expected = 'permit ip 1.2.3.4/32 5.6.7.8/32'
        assert_equals(ace.__str__(), expected)

    def test_str_unnamed_groups_default_tcp_transport(self):
        ace = Ace(network='1.2.3.4 5.6.7.8', transport='tcp 1-65535 1-65535')
        expected = 'permit tcp 1.2.3.4/32 5.6.7.8/32'
        assert_equals(ace.__str__(), expected)

    def test_str_unnamed_groups_default_udp_transport(self):
        ace = Ace(network='1.2.3.4 5.6.7.8', transport='udp 1-65535 1-65535')
        expected = 'permit udp 1.2.3.4/32 5.6.7.8/32'
        assert_equals(ace.__str__(), expected)

    def test_str_unnamed_groups_full_transport(self):
        ace = Ace(network='1.2.3.4 5.6.7.8')
        ace.transport = 'tcp 1-21 22-22'
        expected = 'permit tcp 1.2.3.4/32 1-21 5.6.7.8/32 22'
        assert_equals(ace.__str__(), expected)

    def test_str_unnamed_groups_destination_transport(self):
        ace = Ace(network='1.2.3.4 5.6.7.8', transport=22)
        expected = 'permit tcp/udp 1.2.3.4/32 5.6.7.8/32 22'
        assert_equals(ace.__str__(), expected)
Beispiel #38
0
 def test_length(self):
     acl = Acl()
     acl.add(Ace())
     assert_equals(len(acl), 1)
     acl.add(Ace(logging=1))
     assert_equals(len(acl), 2)
Beispiel #39
0
 def test_str_unnamed_groups_destination_transport(self):
     ace = Ace(network='1.2.3.4 5.6.7.8', transport=22)
     expected = 'permit tcp/udp 1.2.3.4/32 5.6.7.8/32 22'
     assert_equals(ace.__str__(), expected)
Beispiel #40
0
 def test_contains(self):
     acl = Acl()
     ace = Ace()
     acl.add(ace)
     assert_in(ace, acl)
Beispiel #41
0
 def test_permits_ace(self):
     acl = Acl()
     assert_false(acl.permits(Ace()))
     acl.add(Ace())
     assert_true(acl.permits(Ace()))
     acl.remove(Ace())