def testBuildWarningTokens(self): pol1 = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_SIMPLE_WARNING, self.naming), EXP_INFO) st, sst = pol1._BuildTokens() self.assertEqual(st, SUPPORTED_TOKENS) self.assertEqual(sst, SUPPORTED_SUB_TOKENS)
def testExpiredTerm(self, mock_warn): windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + EXPIRED_TERM, self.naming), EXP_INFO) mock_warn.assert_called_once_with( 'WARNING: Term %s in policy %s is expired and ' 'will not be rendered.', 'expired_test', 'test-filter')
def testExpiringTerm(self, mock_info): exp_date = datetime.date.today() + datetime.timedelta(weeks=EXP_INFO) windows_ipsec.WindowsIPSec( policy.ParsePolicy( GOOD_HEADER + EXPIRING_TERM % exp_date.strftime('%Y-%m-%d'), self.naming), EXP_INFO) mock_info.assert_called_once_with( 'INFO: Term %s in policy %s expires in ' 'less than two weeks.', 'is_expiring', 'test-filter')
def testPolicy(self): self.naming.GetNetAddr.return_value = [nacaddr.IP('10.0.0.0/8')] self.naming.GetServiceByProto.return_value = ['25'] acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming), EXP_INFO) result = str(acl) self.assertTrue(['policy name=test-filter-policy assign=yes'], result, 'header') self.naming.GetNetAddr.assert_called_once_with('PROD_NET') self.naming.GetServiceByProto.assert_called_once_with('SMTP', 'tcp')
def testIcmp(self): acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_ICMP, self.naming), EXP_INFO) result = str(acl) self.assertTrue([ 'filterlist name=t_good-term-icmp-list', 'filteraction name=t_good-term-icmp-action action=permit', 'filter filterlist=t_good-term-icmp-list mirrored=yes srcaddr=any ' ' dstaddr=any', 'rule name=t_good-term-icmp-rule policy=test-filter' ' filterlist=t_good-term-icmp-list' ' filteraction=t_good-term-icmp-action' ], result, 'good-term-icmp')
def testMultiprotocol(self): acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + MULTIPLE_PROTOCOLS_TERM, self.naming), EXP_INFO) result = str(acl) self.assertTrue([ 'filterlist name=t_multi-proto-list', 'filteraction name=t_multi-proto-action action=permit', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=tcp', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=udp', 'filter filterlist=t_multi-proto-list mirrored=yes srcaddr=any ' ' dstaddr=any protocol=icmp', 'rule name=t_multi-proto-rule policy=test-filter' ' filterlist=t_multi-proto-list filteraction=t_multi-proto-action' ], result, 'multi-proto')
def testTcp(self): self.naming.GetNetAddr.return_value = [nacaddr.IP('10.0.0.0/8')] self.naming.GetServiceByProto.return_value = ['25'] acl = windows_ipsec.WindowsIPSec( policy.ParsePolicy(GOOD_HEADER + GOOD_TERM_TCP, self.naming), EXP_INFO) result = str(acl) self.assertTrue([ 'filteraction name=t_good-term-tcp-action action=permit', 'filter filterlist=t_good-term-tcp-list mirrored=yes srcaddr=any ' ' dstaddr=10.0.0.0 dstmask=8 dstport=25', 'rule name=t_good-term-tcp-rule policy=test-filter' ' filterlist=t_good-term-tcp-list' ' filteraction=t_good-term-tcp-action' ], result, 'good-term-tcp') self.naming.GetNetAddr.assert_called_once_with('PROD_NET') self.naming.GetServiceByProto.assert_called_once_with('SMTP', 'tcp')