Ejemplo n.º 1
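    def test_040_localCaptivePortalToSecondRack(self):
        """Authenticate through Captive Portal with a Local Directory user and check the policy hand-off.

        The test enables the first capture rule with LOCAL_DIRECTORY
        authentication and the BASIC_LOGIN page, adds a policy rule that sends
        authenticated users to ``secondRackId``, logs in as ``test20`` from the
        client, checks that neither the test page nor the captive page comes
        back, and finally logs out.

        The test user and the Captive Portal instance are removed in a
        ``finally`` block, so a failed assertion does not leave the known test
        credential or the enabled capture rule behind on the appliance.
        """
        global defaultRackCaptivePortal
        remote_control.run_command("rm -f /tmp/policy_test_040*")
        defaultRackCaptivePortal = uvmContext.appManager().instantiate("captive-portal", default_policy_id)
        assert defaultRackCaptivePortal is not None
        try:
            defaultRackCaptivePortalData = defaultRackCaptivePortal.getSettings()
            # turn default capture rule on and basic login
            defaultRackCaptivePortalData['captureRules']['list'][0]['enabled'] = True
            defaultRackCaptivePortalData['authenticationType'] = "LOCAL_DIRECTORY"
            defaultRackCaptivePortalData['pageType'] = "BASIC_LOGIN"
            defaultRackCaptivePortal.setSettings(defaultRackCaptivePortalData)

            # Create local directory user 'test20'
            uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
            # check host table and remove username for host IP, so the later
            # username assertion can only pass because of this login
            userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip)
            userHost['username'] = ""
            userHost['usernameCaptivePortal'] = ""
            uvmContext.hostTable().setHostTableEntry(remote_control.client_ip, userHost)
            nukeRules()
            appendRule(createPolicySingleConditionRule("USERNAME", "[authenticated]", secondRackId))

            # check that basic captive page is shown
            result = remote_control.run_command("wget -4 -t 2 --timeout=5 -a /tmp/policy_test_040.log -O /tmp/policy_test_040.out http://www.google.com/")
            assert (result == 0)
            search = remote_control.run_command("grep -q 'username and password' /tmp/policy_test_040.out")
            assert (search == 0)

            # check if local directory login and password works
            ipfind = remote_control.run_command("grep 'Location' /tmp/policy_test_040.log", stdout=True)
            ip = re.findall(r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?:[0-9:]{0,6})', ipfind)
            # Fail with a readable message instead of an IndexError when the
            # wget log holds no redirect to the capture page.
            assert ip, "no capture address found in the Location line of the wget log"
            captureIP = ip[0]
            print('Capture IP address is %s' % captureIP)
            appid = str(defaultRackCaptivePortal.getAppSettings()["id"])
            # The credentials travel in the query string of a plain-HTTP GET;
            # that is tolerable only because test20 exists just for this test.
            result = remote_control.run_command("wget -q -O /dev/null -t 2 --timeout=5   \'http://" + captureIP + "/capture/handler.py/authpost?username=test20&password=passwd&nonce=9abd7f2eb5ecd82b&method=GET&appid=" + appid + "&host=" + captureIP + "&uri=/\'")
            assert (result == 0)
            # verify the username is assigned to the IP
            userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip)
            assert (userHost['username'] == "test20")
            userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip)
            # firewall on rack 2 is blocking all, we should not get the test.untangle.com page
            # NOTE(review): -O appears twice in this command and the greps below
            # read the .out file, so the check depends on which one wget honours - confirm.
            # NOTE(review): the request goes to www.google.com while 'Hi!' is described
            # as the test.untangle.com page, so this grep may never match whatever the
            # policy does - confirm the intended URL.
            result = remote_control.run_command("wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040a.log -O /tmp/policy_test_040a.out http://www.google.com/")
            search = remote_control.run_command("grep -q 'Hi!' /tmp/policy_test_040a.out")
            assert (search != 0)
            # Or the captive page
            search = remote_control.run_command("grep -q 'username and password' /tmp/policy_test_040a.out")
            assert (search != 0)

            # Logout
            result = remote_control.run_command("wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040b.log -O /tmp/policy_test_040b.out http://" + captureIP + "/capture/logout")
            assert (result == 0)
            search = remote_control.run_command("grep -q 'logged out' /tmp/policy_test_040b.out")
            assert (search == 0)
        finally:
            # remove captive portal and test user, whether or not the checks passed
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
            uvmContext.appManager().destroy(defaultRackCaptivePortal.getAppSettings()["id"])
            defaultRackCaptivePortal = None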
Ejemplo n.º 2
 def test_040_windowsL2TPlocalDirectory(self):
     """Connect a Windows L2TP client with Local Directory credentials, twice.

     The first pass uses ``l2tpLocalPassword``; the second recreates the same
     user with a different password and connects again. Each pass passes the
     password to ``rasdial.exe`` as a command-line argument on the client
     host, so only throwaway test credentials belong here.

     Skips when the L2TP client host is unavailable or this appliance's WAN
     address is not listed in ``l2tpServerHosts``.
     """
     wan_IP = uvmContext.networkManager().getFirstWanAddress()
     if (l2tpClientHostResult != 0):
         raise unittest.SkipTest("l2tpClientHostResult not available")
     if (not wan_IP in l2tpServerHosts):
         raise unittest.SkipTest("No paried L2TP client available")

     def dial_and_poll(secret):
         """Dial in with *secret*, poll for the virtual user, then hang up."""
         seen = False
         ticks = 480
         # Send command for Windows VPN connect.
         status = remote_control.run_command(
             "rasdial.exe %s %s %s" % (wan_IP, l2tpLocalUser, secret),
             host=l2tpClientHost)
         if status == 0:
             # One poll per second until the user shows up or the budget runs out.
             while ticks > 0 and not seen:
                 ticks -= 1
                 time.sleep(1)
                 sessions = self._app.getVirtualUsers()
                 matches = [entry for entry in sessions['list']
                            if entry['clientUsername'] == l2tpLocalUser]
                 if matches:
                     seen = True
         # Send command for Windows VPN disconnect (issued even if the dial failed).
         remote_control.run_command("rasdial.exe %s /d" % (wan_IP),
                                    host=l2tpClientHost)
         return seen

     # First pass: default test user and password.
     uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
     appData = self._app.getSettings()
     appData = createL2TPconfig(appData, "LOCAL_DIRECTORY")
     self._app.setSettings(appData)
     found = dial_and_poll(l2tpLocalPassword)
     uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
     assert (found)

     # Second pass: use same user with different password
     new_user_password = "******"
     uvmContext.localDirectory().setUsers(
         createLocalDirectoryUser(userpassword=new_user_password))
     appData = createL2TPconfig(appData, "LOCAL_DIRECTORY")
     self._app.setSettings(appData)
     found = dial_and_poll(new_user_password)
     uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
     assert (found)
Ejemplo n.º 3
 def test_040_windowsL2TPlocalDirectory(self):
     """Connect a Windows L2TP client with Local Directory credentials, twice.

     Two passes are run: one with the default test user and
     ``l2tpLocalPassword``, one with the same user recreated under a different
     password. In both, the password is handed to ``rasdial.exe`` on its
     command line on the client host.

     Skips when the L2TP client host is unavailable or this appliance's WAN
     address is not listed in ``l2tpServerHosts``.
     """
     wan_IP = uvmContext.networkManager().getFirstWanAddress()
     if (l2tpClientHostResult != 0):
         raise unittest.SkipTest("l2tpClientHostResult not available")
     if (not wan_IP in l2tpServerHosts):
         raise unittest.SkipTest("No paried L2TP client available")

     # Use same user with different password on the second pass
     new_user_password = "******"
     passes = (
         ({}, l2tpLocalPassword),
         ({'userpassword': new_user_password}, new_user_password),
     )
     for user_kwargs, secret in passes:
         uvmContext.localDirectory().setUsers(createLocalDirectoryUser(**user_kwargs))
         createL2TPconfig("LOCAL_DIRECTORY")
         connected = False
         # Send command for Windows VPN connect.
         dial_status = remote_control.run_command("rasdial.exe %s %s %s" % (wan_IP,l2tpLocalUser,secret), host=l2tpClientHost)
         if dial_status == 0:
             # Up to 480 one-second polls for the user to appear.
             for _ in range(480):
                 time.sleep(1)
                 roster = app.getVirtualUsers()
                 hits = [row for row in roster['list'] if row['clientUsername'] == l2tpLocalUser]
                 if hits:
                     connected = True
                     break
         # Send command for Windows VPN disconnect (issued even if the dial failed).
         remote_control.run_command("rasdial.exe %s /d" % (wan_IP), host=l2tpClientHost)
         uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
         assert(connected)
Ejemplo n.º 4
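    def test_070_createClientVPNTunnelLocalUserPass(self):
        """Bring up an OpenVPN client tunnel that authenticates against Local Directory.

        The server is enabled with user/password authentication set to
        LOCAL_DIRECTORY, a test user is created, and the remote client connects
        with a credentials file. The test then checks the ping through the
        tunnel, the active-client address, the connection event and the
        ``connect`` metric.

        Teardown runs in ``finally`` blocks: the remote openvpn process is
        stopped, the credentials file is deleted from the client, and the
        Local Directory user is removed even when an assertion fails.

        Skips when no paired VPN client is available or the client machine
        still runs openvpn after the wait-and-kill attempt.
        """
        global appData, vpnServerResult, vpnClientResult
        if (vpnClientResult != 0 or vpnServerResult != 0):
            raise unittest.SkipTest("No paried VPN client available")

        pre_events_connect = global_functions.get_app_metric_value(app, "connect")

        running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP)
        loopLimit = 5
        while ((running == 0) and (loopLimit > 0)):
            # OpenVPN is running, wait 5 sec to see if openvpn is done
            loopLimit -= 1
            time.sleep(5)
            running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP)
        if loopLimit == 0:
            # try killing the openvpn session as it is probably stuck
            remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP)
            time.sleep(2)
            running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP)
        if running == 0:
            raise unittest.SkipTest("OpenVPN test machine already in use")

        appData = app.getSettings()
        appData["serverEnabled"] = True
        siteName = appData['siteName']
        appData['exports']['list'].append(create_export("192.0.2.0/24"))  # append in case using LXC
        appData['remoteClients']['list'][:] = []
        appData['remoteClients']['list'].append(setUpClient())
        # enable user/password authentication, set to local directory
        appData['authUserPass'] = True
        appData["authenticationType"] = "LOCAL_DIRECTORY"
        app.setSettings(appData)
        clientLink = app.getClientDistributionDownloadLink(vpnClientName, "zip")

        # create Local Directory User for authentication
        uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
        try:
            # download, unzip, move config to correct directory
            result = configureVPNClientForConnection(clientLink)
            assert (result == 0)

            try:
                # create credentials file containing username/password; it is
                # written under /tmp with the client's default umask
                remote_control.run_command("echo " + ovpnlocaluser + " > /tmp/authUserPassFile; echo " + ovpnPasswd + " >> /tmp/authUserPassFile", host=global_functions.VPN_CLIENT_IP)
                # connect to openvpn using the file
                remote_control.run_command("cd /etc/openvpn; sudo nohup openvpn --config " + siteName + ".conf --auth-user-pass /tmp/authUserPassFile >/dev/null 2>&1 &", host=global_functions.VPN_CLIENT_IP)

                timeout = waitForClientVPNtoConnect()
                # fail if tunnel doesn't connect
                assert (timeout > 0)
                # ping the test host behind the Untangle from the remote testbox
                result = remote_control.run_command("ping -c 2 " + remote_control.client_ip, host=global_functions.VPN_CLIENT_IP)

                listOfClients = app.getActiveClients()
                print("address " + listOfClients['list'][0]['address'])
                print("vpn address 1 " + listOfClients['list'][0]['poolAddress'])

                host_result = remote_control.run_command("host test.untangle.com", stdout=True)
                # Dots are escaped so only a dotted-quad address matches.
                match = re.search(r'address \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', host_result)
                assert match is not None, "no address in the output of 'host test.untangle.com'"
                ip_address_testuntangle = match.group().replace('address ', '')
            finally:
                # stop the vpn tunnel on remote box
                remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP)
                # do not leave the plaintext credentials behind on the client
                remote_control.run_command("rm -f /tmp/authUserPassFile", host=global_functions.VPN_CLIENT_IP)
                # openvpn takes time to shut down
                time.sleep(3)

            assert (result == 0)
            assert (listOfClients['list'][0]['address'] == global_functions.VPN_CLIENT_IP)

            events = global_functions.get_events('OpenVPN', 'Connection Events', None, 1)
            assert events is not None
            found = global_functions.check_events(events.get('list'), 5,
                                                  'remote_address', global_functions.VPN_CLIENT_IP,
                                                  'client_name', vpnClientName)
            assert (found)

            # Check to see if the faceplate counters have incremented.
            post_events_connect = global_functions.get_app_metric_value(app, "connect")
            assert (pre_events_connect < post_events_connect)
        finally:
            # remove Local Directory User
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())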
Ejemplo n.º 5
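    def test_042_windowsL2TPAlias(self):
        """Connect a Windows L2TP client to the WAN address and to an alias address.

        An alias (``l2tpAliasIP``) is added to the statically addressed WAN
        interface, both addresses are set as L2TP listen addresses, and each is
        dialled twice: once with the default test password and once after the
        user is recreated with a different password.

        Cleanup runs in a ``finally`` block and restores the interface's alias
        list to what it held before the test, rather than emptying it, so
        aliases that were already configured survive and a failed assertion
        does not leave the extra listen address or the test user in place.

        Skips outside the office network, without an L2TP client host, or when
        no matching static WAN interface is found.
        """
        wan_IP = uvmContext.networkManager().getFirstWanAddress()
        device_in_office = global_functions.is_in_office_network(wan_IP)
        # L2TP Alias only works at the office network.
        if not device_in_office:
            raise unittest.SkipTest("Not on office network, skipping")
        if (l2tpClientHostResult != 0):
            raise unittest.SkipTest("l2tpClientHostResult not available")

        # Add reserve IP address to WAN only if WAN is static.
        netsettings = copy.deepcopy(orig_netsettings)
        alias_list = None
        prior_aliases = None
        for intf in netsettings['interfaces']['list']:
            if (intf['configType'] == "ADDRESSED"
                    and intf['v4ConfigType'] == "STATIC"
                    and intf['v4StaticAddress'] == wan_IP):
                alias_list = intf['v4Aliases']['list']
                # Remember the aliases already present so cleanup can put them back.
                prior_aliases = list(alias_list)
                alias_list.append(
                    create_alias(l2tpAliasIP, intf['v4StaticNetmask'],
                                 intf['v4StaticPrefix']))
                uvmContext.networkManager().setNetworkSettings(netsettings)
                break

        if alias_list is None:
            raise unittest.SkipTest("Unable to set alias IP")

        def connect_and_poll(address, password):
            """Dial *address* from the Windows client and report whether the user appeared."""
            found = False
            timeout = 480
            try:
                # Send command for Windows VPN connect. The password is passed
                # on the rasdial command line, so it must be a throwaway one.
                vpnServerResult = remote_control.run_command(
                    "rasdial.exe %s %s %s" %
                    (address, l2tpLocalUser, password),
                    host=l2tpClientHost)
                if vpnServerResult == 0:
                    while not found and timeout > 0:
                        timeout -= 1
                        time.sleep(1)
                        virtUsers = self._app.getVirtualUsers()
                        found = any(user['clientUsername'] == l2tpLocalUser
                                    for user in virtUsers['list'])
            finally:
                # Send command for Windows VPN disconnect.
                remote_control.run_command("rasdial.exe %s /d" % (address),
                                           host=l2tpClientHost)
            return found

        wan_addresses = [wan_IP, l2tpAliasIP]
        orig_app_settings = None
        try:
            # Set Local Directory users
            uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
            orig_app_settings = self._app.getSettings()
            newAppSettings = copy.deepcopy(orig_app_settings)
            newAppSettings = createL2TPconfig(newAppSettings, "LOCAL_DIRECTORY")

            # Set aliases for L2TP
            newAppSettings['virtualListenList']['list'] = [
                {
                    'address': val,
                    'javaClass': 'com.untangle.app.ipsec_vpn.VirtualListen',
                    'id': idx
                }
                for idx, val in enumerate(wan_addresses)
            ]

            # Set the settings
            self._app.setSettings(newAppSettings)

            # Test both aliases for connectivity
            for wan_addr in wan_addresses:
                found = connect_and_poll(wan_addr, l2tpLocalPassword)
                uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
                assert (found)
                # Use same user with different password
                new_user_password = "******"
                uvmContext.localDirectory().setUsers(
                    createLocalDirectoryUser(userpassword=new_user_password))
                found = connect_and_poll(wan_addr, new_user_password)
                # set original user and password
                uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
                assert (found)
        finally:
            # Clean up settings
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
            alias_list[:] = prior_aliases
            uvmContext.networkManager().setNetworkSettings(netsettings)
            if orig_app_settings is not None:
                self._app.setSettings(orig_app_settings)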
Ejemplo n.º 6
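    def test_042_windowsL2TPAlias(self):
        """Connect a Windows L2TP client to every WAN address configured as a listen address.

        The v4 address of each WAN interface is collected and set as an L2TP
        listen address, then each address is dialled twice: once with the
        default test password and once after the user is recreated with a
        different password.

        Cleanup runs in a ``finally`` block, so a failed assertion does not
        leave the test user or the modified L2TP settings on the appliance.

        Skips without an L2TP client host, when the WAN address is not in
        ``l2tpServerHosts``, or when fewer than two WAN addresses exist.
        """
        wan_IP = uvmContext.networkManager().getFirstWanAddress()
        if (l2tpClientHostResult != 0):
            raise unittest.SkipTest("l2tpClientHostResult not available")
        if wan_IP not in l2tpServerHosts:
            raise unittest.SkipTest("No paried L2TP client available")
        orig_net_set = uvmContext.networkManager().getNetworkSettings()
        orig_app_settings = self._app.getSettings()

        # Check if we have more than one WAN intf for aliases
        wan_addresses = []
        for intf in orig_net_set['interfaces']['list']:
            if (intf['isWan']):
                intf_status = uvmContext.networkManager().getInterfaceStatus(intf['interfaceId'])
                wan_addresses.append(intf_status['v4Address'])

        if len(wan_addresses) < 2:
            raise unittest.SkipTest("Not enough WAN Interfaces to test L2TP Aliases")

        def connect_and_poll(address, password):
            """Dial *address* from the Windows client and report whether the user appeared."""
            found = False
            timeout = 480
            try:
                # Send command for Windows VPN connect. The password is passed
                # on the rasdial command line, so it must be a throwaway one.
                vpnServerResult = remote_control.run_command("rasdial.exe %s %s %s" % (address, l2tpLocalUser, password), host=l2tpClientHost)
                if vpnServerResult == 0:
                    while not found and timeout > 0:
                        timeout -= 1
                        time.sleep(1)
                        virtUsers = self._app.getVirtualUsers()
                        found = any(user['clientUsername'] == l2tpLocalUser
                                    for user in virtUsers['list'])
            finally:
                # Send command for Windows VPN disconnect.
                remote_control.run_command("rasdial.exe %s /d" % (address), host=l2tpClientHost)
            return found

        try:
            # Set Local Directory users
            uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
            newAppSettings = copy.deepcopy(orig_app_settings)
            newAppSettings = createL2TPconfig(newAppSettings, "LOCAL_DIRECTORY")

            # Set aliases for L2TP
            newAppSettings['virtualListenList']['list'] = [
                {'address': val, 'javaClass': 'com.untangle.app.ipsec_vpn.VirtualListen', 'id': idx}
                for idx, val in enumerate(wan_addresses)
            ]

            # Set the settings
            self._app.setSettings(newAppSettings)

            # Test both aliases for connectivity
            for wan_addr in wan_addresses:
                found = connect_and_poll(wan_addr, l2tpLocalPassword)
                uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
                assert (found)
                # Use same user with different password
                new_user_password = "******"
                uvmContext.localDirectory().setUsers(createLocalDirectoryUser(userpassword=new_user_password))
                found = connect_and_poll(wan_addr, new_user_password)
                # set original user and password
                uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
                assert (found)
        finally:
            # Clean up settings
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
            self._app.setSettings(orig_app_settings)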
Ejemplo n.º 7
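    def test_070_createClientVPNTunnelLocalUserPass(self):
        """Bring up an OpenVPN client tunnel that authenticates against Local Directory.

        The server is enabled with user/password authentication set to
        LOCAL_DIRECTORY, a test user is created, and the remote client connects
        with a credentials file. The test then checks the ping through the
        tunnel, the active-client address, the connection event and the
        ``connect`` metric.

        Teardown runs in ``finally`` blocks: the remote openvpn process is
        stopped, the credentials file is deleted from the client, and the
        Local Directory user is removed even when an assertion fails.

        Skips when no paired VPN client is available or the client machine
        still runs openvpn after the wait-and-kill attempt.
        """
        global appData, vpnServerResult, vpnClientResult
        if (vpnClientResult != 0 or vpnServerResult != 0):
            raise unittest.SkipTest("No paried VPN client available")

        pre_events_connect = global_functions.get_app_metric_value(
            app, "connect")

        running = remote_control.run_command(
            "pidof openvpn",
            host=global_functions.VPN_CLIENT_IP,
        )
        loopLimit = 5
        while ((running == 0) and (loopLimit > 0)):
            # OpenVPN is running, wait 5 sec to see if openvpn is done
            loopLimit -= 1
            time.sleep(5)
            running = remote_control.run_command(
                "pidof openvpn", host=global_functions.VPN_CLIENT_IP)
        if loopLimit == 0:
            # try killing the openvpn session as it is probably stuck
            remote_control.run_command("sudo pkill openvpn",
                                       host=global_functions.VPN_CLIENT_IP)
            time.sleep(2)
            running = remote_control.run_command(
                "pidof openvpn", host=global_functions.VPN_CLIENT_IP)
        if running == 0:
            raise unittest.SkipTest("OpenVPN test machine already in use")

        appData = app.getSettings()
        appData["serverEnabled"] = True
        siteName = appData['siteName']
        appData['exports']['list'].append(
            create_export("192.0.2.0/24"))  # append in case using LXC
        appData['remoteClients']['list'][:] = []
        appData['remoteClients']['list'].append(setUpClient())
        # enable user/password authentication, set to local directory
        appData['authUserPass'] = True
        appData["authenticationType"] = "LOCAL_DIRECTORY"
        app.setSettings(appData)
        clientLink = app.getClientDistributionDownloadLink(
            vpnClientName, "zip")

        # create Local Directory User for authentication
        uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
        try:
            # download, unzip, move config to correct directory
            result = configureVPNClientForConnection(clientLink)
            assert (result == 0)

            try:
                # create credentials file containing username/password; it is
                # written under /tmp with the client's default umask
                remote_control.run_command(
                    "echo " + ovpnlocaluser +
                    " > /tmp/authUserPassFile; echo " + ovpnPasswd +
                    " >> /tmp/authUserPassFile",
                    host=global_functions.VPN_CLIENT_IP)
                # connect to openvpn using the file
                remote_control.run_command(
                    "cd /etc/openvpn; sudo nohup openvpn --config " +
                    siteName +
                    ".conf --auth-user-pass /tmp/authUserPassFile >/dev/null 2>&1 &",
                    host=global_functions.VPN_CLIENT_IP)

                timeout = waitForClientVPNtoConnect()
                # fail if tunnel doesn't connect
                assert (timeout > 0)
                # ping the test host behind the Untangle from the remote testbox
                result = remote_control.run_command(
                    "ping -c 2 " + remote_control.client_ip,
                    host=global_functions.VPN_CLIENT_IP)

                listOfClients = app.getActiveClients()
                print("address " + listOfClients['list'][0]['address'])
                print("vpn address 1 " +
                      listOfClients['list'][0]['poolAddress'])

                host_result = remote_control.run_command(
                    "host test.untangle.com", stdout=True)
                # Dots are escaped so only a dotted-quad address matches.
                match = re.search(
                    r'address \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}',
                    host_result)
                assert match is not None, (
                    "no address in the output of 'host test.untangle.com'")
                ip_address_testuntangle = match.group().replace(
                    'address ', '')
            finally:
                # stop the vpn tunnel on remote box
                remote_control.run_command(
                    "sudo pkill openvpn",
                    host=global_functions.VPN_CLIENT_IP)
                # do not leave the plaintext credentials behind on the client
                remote_control.run_command(
                    "rm -f /tmp/authUserPassFile",
                    host=global_functions.VPN_CLIENT_IP)
                # openvpn takes time to shut down
                time.sleep(3)

            assert (result == 0)
            assert (listOfClients['list'][0]['address'] ==
                    global_functions.VPN_CLIENT_IP)

            events = global_functions.get_events('OpenVPN',
                                                 'Connection Events', None, 1)
            assert events is not None
            found = global_functions.check_events(
                events.get('list'), 5, 'remote_address',
                global_functions.VPN_CLIENT_IP, 'client_name', vpnClientName)
            assert (found)

            # Check to see if the faceplate counters have incremented.
            post_events_connect = global_functions.get_app_metric_value(
                app, "connect")
            assert (pre_events_connect < post_events_connect)
        finally:
            # remove Local Directory User
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())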
Ejemplo n.º 8
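    def test_040_localCaptivePortalToSecondRack(self):
        """Authenticate through Captive Portal with a Local Directory user and check the policy hand-off.

        The test enables the first capture rule with LOCAL_DIRECTORY
        authentication and the BASIC_LOGIN page, adds a policy rule that sends
        authenticated users to ``secondRackId``, logs in as ``test20`` from the
        client, checks that neither the test page nor the captive page comes
        back, and finally logs out.

        The test user and the Captive Portal instance are removed in a
        ``finally`` block, so a failed assertion does not leave the known test
        credential or the enabled capture rule behind on the appliance.
        """
        global defaultRackCaptivePortal
        remote_control.run_command("rm -f /tmp/policy_test_040*")
        defaultRackCaptivePortal = uvmContext.appManager().instantiate(
            "captive-portal", default_policy_id)
        assert defaultRackCaptivePortal is not None
        try:
            defaultRackCaptivePortalData = defaultRackCaptivePortal.getSettings()
            # turn default capture rule on and basic login
            defaultRackCaptivePortalData['captureRules']['list'][0][
                'enabled'] = True
            defaultRackCaptivePortalData[
                'authenticationType'] = "LOCAL_DIRECTORY"
            defaultRackCaptivePortalData['pageType'] = "BASIC_LOGIN"
            defaultRackCaptivePortal.setSettings(defaultRackCaptivePortalData)

            # Create local directory user 'test20'
            uvmContext.localDirectory().setUsers(createLocalDirectoryUser())
            # check host table and remove username for host IP, so the later
            # username assertion can only pass because of this login
            userHost = uvmContext.hostTable().getHostTableEntry(
                remote_control.client_ip)
            userHost['username'] = ""
            userHost['usernameCaptivePortal'] = ""
            uvmContext.hostTable().setHostTableEntry(remote_control.client_ip,
                                                     userHost)
            nukeRules()
            appendRule(
                createPolicySingleConditionRule("USERNAME", "[authenticated]",
                                                secondRackId))

            # check that basic captive page is shown
            result = remote_control.run_command(
                "wget -4 -t 2 --timeout=5 -a /tmp/policy_test_040.log -O /tmp/policy_test_040.out http://www.google.com/"
            )
            assert (result == 0)
            search = remote_control.run_command(
                "grep -q 'username and password' /tmp/policy_test_040.out")
            assert (search == 0)

            # check if local directory login and password works
            ipfind = remote_control.run_command(
                "grep 'Location' /tmp/policy_test_040.log", stdout=True)
            ip = re.findall(
                r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?:[0-9:]{0,6})',
                ipfind)
            # Fail with a readable message instead of an IndexError when the
            # wget log holds no redirect to the capture page.
            assert ip, "no capture address found in the Location line of the wget log"
            captureIP = ip[0]
            print('Capture IP address is %s' % captureIP)
            appid = str(defaultRackCaptivePortal.getAppSettings()["id"])
            # The credentials travel in the query string of a plain-HTTP GET;
            # that is tolerable only because test20 exists just for this test.
            result = remote_control.run_command(
                "wget -q -O /dev/null -t 2 --timeout=5   \'http://" +
                captureIP +
                "/capture/handler.py/authpost?username=test20&password=passwd&nonce=9abd7f2eb5ecd82b&method=GET&appid="
                + appid + "&host=" + captureIP + "&uri=/\'")
            assert (result == 0)
            # verify the username is assigned to the IP
            userHost = uvmContext.hostTable().getHostTableEntry(
                remote_control.client_ip)
            assert (userHost['username'] == "test20")
            userHost = uvmContext.hostTable().getHostTableEntry(
                remote_control.client_ip)
            # firewall on rack 2 is blocking all, we should not get the test.untangle.com page
            # NOTE(review): -O appears twice in this command and the greps below
            # read the .out file, so the check depends on which one wget honours - confirm.
            # NOTE(review): the request goes to www.google.com while 'Hi!' is described
            # as the test.untangle.com page, so this grep may never match whatever the
            # policy does - confirm the intended URL.
            result = remote_control.run_command(
                "wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040a.log -O /tmp/policy_test_040a.out http://www.google.com/"
            )
            search = remote_control.run_command(
                "grep -q 'Hi!' /tmp/policy_test_040a.out")
            assert (search != 0)
            # Or the captive page
            search = remote_control.run_command(
                "grep -q 'username and password' /tmp/policy_test_040a.out")
            assert (search != 0)

            # Logout
            result = remote_control.run_command(
                "wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040b.log -O /tmp/policy_test_040b.out http://"
                + captureIP + "/capture/logout")
            assert (result == 0)
            search = remote_control.run_command(
                "grep -q 'logged out' /tmp/policy_test_040b.out")
            assert (search == 0)
        finally:
            # remove captive portal and test user, whether or not the checks passed
            uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
            uvmContext.appManager().destroy(
                defaultRackCaptivePortal.getAppSettings()["id"])
            defaultRackCaptivePortal = None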