def test_match_tcp_generators(): assert MatchTcpFlags.match_ack() == MatchTcpFlags( TcpFlags(ack=True), useAck=True) assert MatchTcpFlags.match_rst() == MatchTcpFlags( TcpFlags(rst=True), useRst=True) assert len(MatchTcpFlags.match_established()) == 2 assert MatchTcpFlags.match_established() == [MatchTcpFlags.match_ack(), MatchTcpFlags.match_rst()]
def test_header_constraints_serialization(): hc = HeaderConstraints() hcd = hc.dict() fields = set(map(attrgetter("name"), attr.fields(HeaderConstraints))) - { "firewallClassifications" } | {"flowStates"} for field in fields: assert hcd[field] is None hc = HeaderConstraints(srcIps="1.1.1.1") assert hc.dict()["srcIps"] == "1.1.1.1" hc = HeaderConstraints(dstPorts=["10-20", "33-33"]) assert hc.dict()["dstPorts"] == "10-20,33-33" hc = HeaderConstraints(dstPorts="10-20,33") assert hc.dict()["dstPorts"] == "10-20,33" for dp in [10, "10", [10], ["10"]]: hc = HeaderConstraints(dstPorts=dp) assert hc.dict()["dstPorts"] == "10" hc = HeaderConstraints(applications="dns,ssh") assert hc.dict()["applications"] == ["dns", "ssh"] hc = HeaderConstraints(applications=["dns", "ssh"]) assert hc.dict()["applications"] == ["dns", "ssh"] hc = HeaderConstraints(ipProtocols=" , dns,") assert hc.dict()["ipProtocols"] == ["dns"] hc = HeaderConstraints(ipProtocols=["tcp", "udp"]) assert hc.dict()["ipProtocols"] == ["tcp", "udp"] match_syn = MatchTcpFlags(tcpFlags=TcpFlags(syn=True), useSyn=True) hc1 = HeaderConstraints(tcpFlags=match_syn) hc2 = HeaderConstraints(tcpFlags=[match_syn]) assert hc1.dict() == hc2.dict() with pytest.raises(ValueError): HeaderConstraints(applications="")
def test_header_constraints_of(): hc = HeaderConstraints.of( Flow( ipProtocol='ICMP', icmpCode=7, srcIp="1.1.1.1", dstIp="2.2.2.2", dscp=0, dstPort=0, srcPort=0, ecn=0, fragmentOffset=0, icmpVar=0, ingressInterface='', ingressNode='', ingressVrf='', packetLength=0, state='new', tag='tag', tcpFlagsAck=0, tcpFlagsCwr=0, tcpFlagsEce=0, tcpFlagsFin=0, tcpFlagsPsh=0, tcpFlagsRst=0, tcpFlagsSyn=0, tcpFlagsUrg=0, )) assert hc.srcIps == "1.1.1.1" assert hc.dstIps == "2.2.2.2" assert hc.ipProtocols == ['ICMP'] assert hc.icmpCodes == '7' assert hc.srcPorts is None assert hc.dstPorts is None assert hc.tcpFlags is None hc = HeaderConstraints.of( Flow( ipProtocol='TCP', srcPort=1000, dstPort=2000, tcpFlagsAck=True, srcIp="1.1.1.1", dstIp="2.2.2.2", dscp=0, ecn=0, fragmentOffset=0, icmpCode=0, icmpVar=0, ingressInterface='', ingressNode='', ingressVrf='', packetLength=0, state='new', tag='tag', tcpFlagsCwr=0, tcpFlagsEce=0, tcpFlagsFin=0, tcpFlagsPsh=0, tcpFlagsRst=0, tcpFlagsSyn=0, tcpFlagsUrg=0, )) assert hc.srcIps == "1.1.1.1" assert hc.dstIps == "2.2.2.2" assert hc.ipProtocols == ['TCP'] assert hc.icmpCodes is None assert hc.icmpTypes is None assert hc.srcPorts == '1000' assert hc.dstPorts == '2000' assert hc.tcpFlags == [ MatchTcpFlags( TcpFlags(ack=True), useAck=True, useCwr=True, useEce=True, useFin=True, usePsh=True, useRst=True, useSyn=True, useUrg=True, ) ]
def test_match_tcp_generators(): assert MatchTcpFlags.match_ack() == MatchTcpFlags(TcpFlags(ack=True), useAck=True) assert MatchTcpFlags.match_rst() == MatchTcpFlags(TcpFlags(rst=True), useRst=True) assert MatchTcpFlags.match_syn() == MatchTcpFlags(TcpFlags(syn=True), useSyn=True) assert MatchTcpFlags.match_synack() == MatchTcpFlags(TcpFlags(ack=True, syn=True), useAck=True, useSyn=True) assert len(MatchTcpFlags.match_established()) == 2 assert MatchTcpFlags.match_established() == [ MatchTcpFlags.match_ack(), MatchTcpFlags.match_rst(), ] assert MatchTcpFlags.match_not_established() == [ MatchTcpFlags(useAck=True, useRst=True, tcpFlags=TcpFlags(ack=False, rst=False)) ]