def testBuildWarningTokens(self): pol1 = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_SIMPLE_WARNING, self.naming), EXP_INFO) st, sst = pol1._BuildTokens() self.assertEquals(st, SUPPORTED_TOKENS) self.assertEquals(sst, SUPPORTED_SUB_TOKENS)
def testExpiredTerm(self, mock_warn): windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + EXPIRED_TERM, self.naming), EXP_INFO) mock_warn.assert_called_once_with( 'WARNING: Term %s in policy %s is expired and ' 'will not be rendered.', 'expired_test', 'test-filter')
def testExpiredTerm(self): self.mox.StubOutWithMock(windows_ipsec.logging, 'warn') # create mock to ensure we warn about expired terms being skipped windows_ipsec.logging.warn( 'WARNING: Term %s in policy %s is expired and ' 'will not be rendered.', 'expired_test', 'test-filter') self.mox.ReplayAll() windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + EXPIRED_TERM, self.naming), EXP_INFO)
def testExpiringTerm(self, mock_info): exp_date = datetime.date.today() + datetime.timedelta(weeks=EXP_INFO) windows_ipsec.WindowsIPSec( policy.ParsePolicy( GOOD_HEADER + EXPIRING_TERM % exp_date.strftime('%Y-%m-%d'), self.naming), EXP_INFO) mock_info.assert_called_once_with( 'INFO: Term %s in policy %s expires in ' 'less than two weeks.', 'is_expiring', 'test-filter')
def testPolicy(self): self.naming.GetNetAddr('PROD_NET').AndReturn( [nacaddr.IP('10.0.0.0/8')]) self.naming.GetServiceByProto('SMTP', 'tcp').AndReturn(['25']) self.mox.ReplayAll() acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming), EXP_INFO) result = str(acl) self.failUnless(['policy name=test-filter-policy assign=yes'], result, 'header')
def testExpiringTerm(self): self.mox.StubOutWithMock(windows_ipsec.logging, 'info') # create mock to ensure we inform about expiring terms windows_ipsec.logging.info( 'INFO: Term %s in policy %s expires in ' 'less than two weeks.', 'is_expiring', 'test-filter') self.mox.ReplayAll() exp_date = datetime.date.today() + datetime.timedelta(weeks=EXP_INFO) windows_ipsec.WindowsIPSec( policy.ParsePolicy( GOOD_HEADER + EXPIRING_TERM % exp_date.strftime('%Y-%m-%d'), self.naming), EXP_INFO)
def testPolicy(self): self.naming.GetNetAddr.return_value = [nacaddr.IP('10.0.0.0/8')] self.naming.GetServiceByProto.return_value = ['25'] acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming), EXP_INFO) result = str(acl) self.failUnless(['policy name=test-filter-policy assign=yes'], result, 'header') self.naming.GetNetAddr.assert_called_once_with('PROD_NET') self.naming.GetServiceByProto.assert_called_once_with('SMTP', 'tcp')
def testIcmp(self): acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_ICMP, self.naming), EXP_INFO) result = str(acl) self.failUnless([ 'filterlist name=t_good-term-icmp-list', 'filteraction name=t_good-term-icmp-action action=permit', 'filter filterlist=t_good-term-icmp-list mirrored=yes srcaddr=any ' ' dstaddr=any', 'rule name=t_good-term-icmp-rule policy=test-filter' ' filterlist=t_good-term-icmp-list' ' filteraction=t_good-term-icmp-action' ], result, 'good-term-icmp')
def testTcp(self): self.naming.GetNetAddr('PROD_NET').AndReturn( [nacaddr.IP('10.0.0.0/8')]) self.naming.GetServiceByProto('SMTP', 'tcp').AndReturn(['25']) self.mox.ReplayAll() acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming), EXP_INFO) result = str(acl) self.failUnless([ 'filteraction name=t_good-term-tcp-action action=permit', 'filter filterlist=t_good-term-tcp-list mirrored=yes srcaddr=any ' ' dstaddr=10.0.0.0 dstmask=8 dstport=25', 'rule name=t_good-term-tcp-rule policy=test-filter' ' filterlist=t_good-term-tcp-list' ' filteraction=t_good-term-tcp-action' ], result, 'good-term-tcp')
def testMultiprotocol(self): acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + MULTIPLE_PROTOCOLS_TERM, self.naming), EXP_INFO) result = str(acl) self.failUnless([ 'filterlist name=t_multi-proto-list', 'filteraction name=t_multi-proto-action action=permit', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=tcp', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=udp', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=icmp', 'rule name=t_multi-proto-rule policy=test-filter' ' filterlist=t_multi-proto-list filteraction=t_multi-proto-action' ], result, 'multi-proto')
def testBadIcmp(self): self.mox.ReplayAll() acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + BAD_TERM_ICMP, self.naming), EXP_INFO) self.assertRaises(aclgenerator.UnsupportedFilterError, str, acl)