def test_release(self, mock_get_version): vpn = VPN(host='localhost', port=1234) self.assertIsNone(vpn._release) release_string = 'OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018' mock_get_version.return_value = release_string self.assertEqual(vpn.release, release_string) self.assertEqual(vpn._release, release_string) mock_get_version.assert_called_once_with() mock_get_version.reset_mock() vpn._release = 'asd' self.assertEqual(vpn.release, 'asd') mock_get_version.assert_not_called()
def load_defaults(self): """Load default config options. """ # Settings self.settings = {} self.settings['name'] = None self.settings['geoip_data'] = None self.settings['datetime_format'] = '%d/%m/%Y %H:%M:%S' # VPN(s) self.vpns = [] vpn = VPN(host='localhost', port=5555) vpn.name = 'Default VPN' vpn.allow_disconnect = True self.vpns.append(vpn)
def test_socket(self): vpn = VPN(socket='file.sock') self.assertEqual(vpn._mgmt_socket, 'file.sock') self.assertIsNone(vpn._mgmt_host) self.assertIsNone(vpn._mgmt_port) self.assertEqual(vpn.type, VPNType.UNIX_SOCKET) self.assertEqual(vpn.mgmt_address, 'file.sock')
def test_host_port(self): vpn = VPN(host='localhost', port=1234) self.assertEqual(vpn._mgmt_host, 'localhost') self.assertEqual(vpn._mgmt_port, 1234) self.assertIsNone(vpn._mgmt_socket) self.assertEqual(vpn.type, VPNType.IP) self.assertEqual(vpn.mgmt_address, 'localhost:1234')
def test__get_version(self, mock_send_command): vpn = VPN(host='localhost', port=1234) mock_send_command.return_value = """ OpenVPN Version: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018 Management Version: 1 END """ self.assertEqual( vpn._get_version(), 'OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018' ) mock_send_command.assert_called_once_with('version') mock_send_command.reset_mock() mock_send_command.return_value = "" with self.assertRaises(ParseError) as ctx: vpn._get_version() self.assertEqual( 'Unable to get OpenVPN version, no matches found in socket response.', str(ctx.exception)) mock_send_command.assert_called_once_with('version') mock_send_command.reset_mock() mock_send_command.return_value = """ Management Version: 1 END """ with self.assertRaises(ParseError) as ctx: vpn._get_version() self.assertEqual( 'Unable to get OpenVPN version, no matches found in socket response.', str(ctx.exception)) mock_send_command.assert_called_once_with('version') mock_send_command.reset_mock()
def test_cache(self, release_mock, state_mock): """Test caching VPN metadata works and clears correctly. """ vpn = VPN(host='localhost', port=1234) vpn.cache_data() release_mock.assert_called_once() state_mock.assert_called_once() vpn._release = 'asd' vpn._state = 'qwe' vpn.clear_cache() self.assertIsNone(vpn._release) self.assertIsNone(vpn._state)
def do_config(self): # check status start_time = time.time() LOG.info("check vpn status, vpn: %s" % self.host_ip) commonutils.check_host_status(self.host_ip, self.user, self.password, retry_time=500, interval=1) LOG.info("vpn is ready, vpn: %s" % self.host_ip) LOG.info("start config vpn, vpn: %s, add_conns: %s" % (self.host_ip, self.add_conns)) # add_conn vpn = VPN(public_ip=self.host_ip, user=self.user, pass_word=self.password) for conn in self.add_conns: try: vpn.add_tunnel(tunnel_name=conn["tunnel_name"], left=conn["left_public_ip"], left_subnet=conn["left_subnet"], right=conn["right_public_ip"], right_subnet=conn["right_subnet"]) except Exception as e: LOG.error("add conn error, vpn: %s, conn: %s, error: %s" % (self.host_ip, conn, e.message)) LOG.info("add conns success, vpn: %s, conns: %s" % (self.host_ip, self.add_conns)) # delete conns for conn in self.delete_conns: try: vpn.remove_tunnel(conn) except Exception as e: LOG.error("delete conn error, vpn: %s, conn: %s, error: %s" % (self.host_ip, conn, e.message)) LOG.info("delete conns success, vpn: %s, conns: %s" % (self.host_ip, self.delete_conns)) try: vpn.restart_ipsec_service() except Exception as e: LOG.error("restart ipsec error, vpn: %s, error: %s" % (self.host_ip, e.message)) cost_time = time.time() - start_time LOG.info("config vpn success, vpn: %s, cost time: %d" % (self.host_ip, cost_time))
def test_version(self, mock_get_version): vpn = VPN(host='localhost', port=1234) vpn._release = 'OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018' self.assertEqual(vpn.version, '2.4.4') vpn._release = 'OpenVPN 1.2.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018' self.assertEqual(vpn.version, '1.2.3') vpn._release = 'OpenVPN 11.22.33 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2018' self.assertEqual(vpn.version, '11.22.33') vpn._release = None mock_get_version.assert_not_called( ) # Check mock hasn't been triggered up to this point mock_get_version.return_value = None self.assertIsNone(vpn.version) mock_get_version.assert_called_once() mock_get_version.reset_mock() vpn._release = 'asd' with self.assertRaises(ParseError) as ctx: vpn.version() self.assertEqual('Unable to parse version from release string.', str(ctx.exception)) mock_get_version.assert_not_called()
def test_server_state(self, mock): vpn = VPN(host='localhost', port=1234) mock.return_value = """1560719601,CONNECTED,SUCCESS,10.0.0.1,,,1.2.3.4,1194 END""" self.assertIsNone(vpn._state) state = vpn.state mock.assert_called_once() self.assertEqual(datetime.datetime(2019, 6, 16, 22, 13, 21), state.up_since) self.assertEqual('CONNECTED', state.state_name) self.assertEqual('SUCCESS', state.desc_string) self.assertEqual('10.0.0.1', state.local_virtual_v4_addr) self.assertIsNone(state.remote_addr) self.assertIsNone(state.remote_port) self.assertEqual('1.2.3.4', state.local_addr) self.assertEqual(1194, state.local_port) mock.reset_mock() _ = vpn.state mock.assert_not_called()
def _parse_file(self, filename): config = configparser.RawConfigParser() logger.info('Parsing config file: %s', filename) contents = config.read(filename) if not contents: raise InvalidConfigError( 'Unable to read config file: {}'.format(filename)) if 'Monitor' not in config.sections(): raise InvalidConfigError( "'Monitor' section required, but not found in config") # Parse 'Monitor' section monitor = config['Monitor'] self.settings['name'] = monitor.get('name') self.settings['geoip_data'] = monitor.get('geoip_data') self.settings['datetime_format'] = monitor.get('datetime_format', '%d/%m/%Y %H:%M:%S') # Parse other (VPN) sections for s in [s for s in config.sections() if s != 'Monitor']: section = config[s] # Compulsory host = section.get('host') try: port = section.getint('port') except ValueError: port = None socket = section.get('socket') if (socket and host) or (socket and port) or (not socket and not host and not port): raise InvalidConfigError( 'Must specify either socket or host and port') if socket: vpn = VPN(socket=socket) else: vpn = VPN(host=host, port=port) vpn.name = s # Optional try: vpn.allow_disconnect = section.getboolean( 'allow_disconnect', True) except configparser.NoOptionError: pass # Add VPN self.vpns.append(vpn)
def run(args, server): env = new_env(args) if args.alg == 'A3C': trainer = A3C(env, args) elif args.alg == 'Q': trainer = Q(env, args) elif args.alg == 'VPN': env_off = new_env(args) env_off.verbose = 0 env_off.reset() trainer = VPN(env, args, env_off=env_off) else: raise ValueError('Invalid algorithm: ' + args.alg) # Variable names that start with "local" are not saved in checkpoints. variables_to_save = [v for v in tf.global_variables() if \ not v.name.startswith("global") and not v.name.startswith("local/target/")] global_variables = [ v for v in tf.global_variables() if not v.name.startswith("local") ] init_op = tf.variables_initializer(global_variables) init_all_op = tf.global_variables_initializer() saver = FastSaver(variables_to_save, max_to_keep=0) var_list = tf.get_collection(tf.GraphKeys.TRAINABLE_VARIABLES, tf.get_variable_scope().name) logger.info('Trainable vars:') for v in var_list: logger.info(' %s %s', v.name, v.get_shape()) logger.info("Num parameters: %d", trainer.local_network.num_param) def init_fn(ses): logger.info("Initializing all parameters.") ses.run(init_all_op) device = 'gpu' if args.gpu > 0 else 'cpu' gpu_options = tf.GPUOptions(per_process_gpu_memory_fraction=0.15) config = tf.ConfigProto(device_filters=[ "/job:ps", "/job:worker/task:{}/{}:0".format(args.task, device) ], gpu_options=gpu_options, allow_soft_placement=True) logdir = os.path.join(args.log, 'train') summary_writer = tf.summary.FileWriter(logdir + "_%d" % args.task) logger.info("Events directory: %s_%s", logdir, args.task) sv = tf.train.Supervisor( is_chief=(args.task == 0), logdir=logdir, saver=saver, summary_op=None, init_op=init_op, init_fn=init_fn, summary_writer=summary_writer, ready_op=tf.report_uninitialized_variables(global_variables), global_step=trainer.global_step, save_model_secs=0, save_summaries_secs=30) logger.info( "Starting session. If this hangs, we're mostly likely waiting to connect to the parameter server. " + "One common cause is that the parameter server DNS name isn't resolving yet, or is misspecified." ) with sv.managed_session(server.target, config=config) as sess, sess.as_default(): sess.run(trainer.sync) trainer.start(sess, summary_writer) global_step = sess.run(trainer.global_step) epoch = -1 logger.info("Starting training at step=%d", global_step) while not sv.should_stop() and (not args.max_step or global_step < args.max_step): if args.task == 0 and int(global_step / args.eval_freq) > epoch: epoch = int(global_step / args.eval_freq) filename = os.path.join(args.log, 'e%d' % (epoch)) sv.saver.save(sess, filename) sv.saver.save(sess, os.path.join(args.log, 'latest')) print("Saved to: %s" % filename) trainer.process(sess) global_step = sess.run(trainer.global_step) if args.task == 0 and int(global_step / args.eval_freq) > epoch: epoch = int(global_step / args.eval_freq) filename = os.path.join(args.log, 'e%d' % (epoch)) sv.saver.save(sess, filename) sv.saver.save(sess, os.path.join(args.log, 'latest')) print("Saved to: %s" % filename) # Ask for all the services to stop. sv.stop() logger.info('reached %s steps. worker stopped.', global_step)
def run_tester(args, server): env = new_env(args) # env.configure() env.reset() env.max_history = args.eval_num if args.alg == 'A3C': agent = A3C(env, args) elif args.alg == 'Q': agent = Q(env, args) elif args.alg == 'VPN': agent = VPN(env, args) else: raise ValueError('Invalid algorithm: ' + args.alg) device = 'gpu' if args.gpu > 0 else 'cpu' gpu_options = tf.GPUOptions(per_process_gpu_memory_fraction=0.15) config = tf.ConfigProto(device_filters=[ "/job:ps", "/job:worker/task:{}/{}:0".format(args.task, device) ], gpu_options=gpu_options, allow_soft_placement=True) variables_to_save = [v for v in tf.global_variables() if \ not v.name.startswith("global") and not v.name.startswith("local/target/")] global_variables = [ v for v in tf.global_variables() if not v.name.startswith("local") ] init_op = tf.variables_initializer(global_variables) init_all_op = tf.global_variables_initializer() var_list = tf.get_collection(tf.GraphKeys.TRAINABLE_VARIABLES, tf.get_variable_scope().name) logger.info('Trainable vars:') for v in var_list: logger.info(' %s %s', v.name, v.get_shape()) logger.info("Num parameters: %d", agent.local_network.num_param) def init_fn(ses): logger.info("Initializing all parameters.") ses.run(init_all_op) saver = FastSaver(variables_to_save, max_to_keep=0) sv = tf.train.Supervisor( is_chief=False, global_step=agent.global_step, summary_op=None, init_op=init_op, init_fn=init_fn, ready_op=tf.report_uninitialized_variables(global_variables), saver=saver, save_model_secs=0, save_summaries_secs=0) best_reward = -10000 with sv.managed_session(server.target, config=config) as sess, sess.as_default(): epoch = args.eval_epoch while args.eval_freq * epoch <= args.max_step: path = os.path.join(args.log, "e%d" % epoch) if not os.path.exists(path + ".index"): time.sleep(10) continue logger.info("Start evaluation (Epoch %d)", epoch) saver.restore(sess, path) np.random.seed(args.seed) reward = evaluate(env, agent.local_network, args.eval_num, eps=args.eps_eval) logfile = open(os.path.join(args.log, "eval.csv"), "a") print("Epoch: %d, Reward: %.2f" % (epoch, reward)) logfile.write("%d, %.3f\n" % (epoch, reward)) logfile.close() if reward > best_reward: best_reward = reward sv.saver.save(sess, os.path.join(args.log, 'best')) print("Saved to: %s" % os.path.join(args.log, 'best')) epoch += 1 logger.info('tester stopped.')
def test_anchor(self): vpn = VPN(host='localhost', port=1234) vpn.name = 'Test VPN' self.assertEqual(vpn.anchor, 'test_vpn') vpn.name = 'asd_asd' self.assertEqual(vpn.anchor, 'asd_asd')
def test_host_port_socket(self): with self.assertRaises(MonitorError) as ctx: VPN(host='localhost', port=1234, socket='file.sock') self.assertEqual('Must specify either socket or host and port', str(ctx.exception))