def test_101_email_admin_override_custom_report(self): """ 1. Use reportuser 2. Reportuser overrides admin user address. 3. Custom report with test not in default. """ if (not can_relay): raise unittest2.SkipTest('Unable to relay through ' + global_functions.testServerHost) if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') # Create settings to receive test_email_address configure_mail_relay() # add administrator adminsettings = uvmContext.adminManager().getSettings() orig_adminsettings = copy.deepcopy(adminsettings) adminsettings['users']['list'].append( create_admin_user(useremail=test_email_address)) uvmContext.adminManager().setSettings(adminsettings) settings = app.getSettings() # add custom template with a test not in daily reports settings["emailTemplates"]["list"] = settings["emailTemplates"][ "list"][:1] settings["emailTemplates"]["list"].append(create_email_template()) # add report user with test_email_address settings["reportsUsers"]["list"] = settings["reportsUsers"]["list"][:1] settings["reportsUsers"]["list"].append( create_reports_user(profile_email=test_email_address, email_template_id=2)) app.setSettings(settings) # send email subprocess.call([ global_functions.get_prefix() + "/usr/share/untangle/bin/reports-generate-fixed-reports.py" ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) # look for email email_found = fetch_email( "/tmp/test_101_email_admin_override_custom_report_file", test_email_address) if email_found: email_context_found1 = remote_control.run_command( "grep -i 'Custom Report' /tmp/test_101_email_admin_override_custom_report_file 2>&1", stdout=True) email_context_found2 = remote_control.run_command( "grep -i 'Administration-VWuRol5uWw' /tmp/test_101_email_admin_override_custom_report_file 2>&1", stdout=True) # restore uvmContext.adminManager().setSettings(orig_adminsettings) assert (email_found) assert ((email_context_found1) and (email_context_found2))
def configureVPNClientForConnection(clientLink): "download client config from passed link, unzip, and copy to correct location" #download config subprocess.call("wget -o /dev/null -t 1 --timeout=3 http://localhost" + clientLink + " -O /tmp/clientconfig.zip", shell=True) #copy config to remote host subprocess.call( "scp -o 'StrictHostKeyChecking=no' -i " + global_functions.get_prefix() + "/usr/lib/python2.7/dist-packages/tests/test_shell.key /tmp/clientconfig.zip testshell@" + global_functions.VPN_CLIENT_IP + ":/tmp/>/dev/null 2>&1", shell=True) #unzip files unzipFiles = remote_control.run_command( "sudo unzip -o /tmp/clientconfig.zip -d /tmp/", host=global_functions.VPN_CLIENT_IP) #remove any existing openvpn config files removeOld = remote_control.run_command( "sudo rm -f /etc/openvpn/*.conf; sudo rm -f /etc/openvpn/*.ovpn; sudo rm -rf /etc/openvpn/keys", host=global_functions.VPN_CLIENT_IP) #move new config to directory moveNew = remote_control.run_command( "sudo mv -f /tmp/untangle-vpn/* /etc/openvpn/", host=global_functions.VPN_CLIENT_IP) if (unzipFiles == 0) and (removeOld == 0) and (moveNew == 0): result = 0 return result
def test_050_createClientVPNFullTunnel(self): global appData, vpnServerResult, vpnClientResult if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') if (vpnClientResult != 0 or vpnServerResult != 0): raise unittest2.SkipTest("No paried VPN client available") running = remote_control.run_command( "pidof openvpn", host=global_functions.vpnClientVpnIP) if running == 0: raise unittest2.SkipTest("OpenVPN test machine already in use") appData = app.getSettings() appData["serverEnabled"] = True siteName = appData['siteName'] appData['remoteClients']['list'][:] = [] appData['remoteClients']['list'].append( setUpClient(vpn_name=vpnFullClientName)) appData['groups']['list'][0]['fullTunnel'] = True appData['groups']['list'][0]['fullTunnel'] = True app.setSettings(appData) clientLink = app.getClientDistributionDownloadLink( vpnFullClientName, "zip") # print clientLink # download client config file result = os.system( "wget -o /dev/null -t 1 --timeout=3 http://localhost" + clientLink + " -O /tmp/clientconfig.zip") assert (result == 0) # Copy the config file to the remote PC, unzip the files and move to the openvpn directory on the remote device os.system( "scp -o 'StrictHostKeyChecking=no' -i " + global_functions.get_prefix() + "/usr/lib/python2.7/tests/test_shell.key /tmp/clientconfig.zip testshell@" + global_functions.vpnClientVpnIP + ":/tmp/>/dev/null 2>&1") remote_control.run_command( "sudo unzip -o /tmp/clientconfig.zip -d /tmp/", host=global_functions.vpnClientVpnIP) remote_control.run_command( "sudo rm -f /etc/openvpn/*.conf; sudo rm -f /etc/openvpn/*.ovpn; sudo rm -rf /etc/openvpn/keys", host=global_functions.vpnClientVpnIP) remote_control.run_command( "sudo mv -f /tmp/untangle-vpn/* /etc/openvpn/", host=global_functions.vpnClientVpnIP) remote_control.run_command("cd /etc/openvpn; sudo nohup openvpn " + siteName + ".conf >/dev/null 2>&1 &", host=global_functions.vpnClientVpnIP) result1 = 1 tries = 40 while result1 != 0 and tries > 0: time.sleep(1) tries -= 1 listOfClients = app.getActiveClients() if len(listOfClients['list']): vpnPoolAddressIP = listOfClients['list'][0]['poolAddress'] # ping the test host behind the Untangle from the remote testbox print "vpn pool address: " + vpnPoolAddressIP result1 = os.system("ping -c1 " + vpnPoolAddressIP + " >/dev/null 2>&1") if result1 == 0: result2 = remote_control.run_command("ping -c 2 " + remote_control.clientIP, host=vpnPoolAddressIP) # run a web request to internet and make sure it goes through web filter # webresult = remote_control.run_command("wget -q -O - http://www.playboy.com | grep -q blockpage", host=vpnPoolAddressIP) webresult = remote_control.run_command( "wget --timeout=4 -q -O - http://www.playboy.com | grep -q blockpage", host=vpnPoolAddressIP) print "result1 <%d> result2 <%d> webresult <%d>" % ( result1, result2, webresult) else: print "No VPN IP address found" # Shutdown VPN on both sides. # Delete profile on server appData['remoteClients']['list'][:] = [] app.setSettings(appData) time.sleep(5) # wait for vpn tunnel to go down # kill the client side remote_control.run_command("sudo pkill openvpn", host=global_functions.vpnClientVpnIP) time.sleep(3) # openvpn takes time to shut down # print ("result " + str(result) + " webresult " + str(webresult)) assert (result1 == 0) assert (result2 == 0) assert (listOfClients['list'][0]['address'] == global_functions.vpnClientVpnIP) assert (webresult == 0)
def test_040_createClientVPNTunnel(self): global appData, vpnServerResult, vpnClientResult if (vpnClientResult != 0 or vpnServerResult != 0): raise unittest2.SkipTest("No paried VPN client available") pre_events_connect = global_functions.get_app_metric_value( app, "connect") running = remote_control.run_command( "pidof openvpn", host=global_functions.vpnClientVpnIP, ) loopLimit = 5 while ((running == 0) and (loopLimit > 0)): # OpenVPN is running, wait 5 sec to see if openvpm is done loopLimit -= 1 time.sleep(5) running = remote_control.run_command( "pidof openvpn", host=global_functions.vpnClientVpnIP) if loopLimit == 0: # try killing the openvpn session as it is probably stuck remote_control.run_command("sudo pkill openvpn", host=global_functions.vpnClientVpnIP) time.sleep(2) running = remote_control.run_command( "pidof openvpn", host=global_functions.vpnClientVpnIP) if running == 0: raise unittest2.SkipTest("OpenVPN test machine already in use") appData = app.getSettings() appData["serverEnabled"] = True siteName = appData['siteName'] appData['exports']['list'].append( create_export("192.0.2.0/24")) # append in case using LXC appData['remoteClients']['list'][:] = [] appData['remoteClients']['list'].append(setUpClient()) app.setSettings(appData) clientLink = app.getClientDistributionDownloadLink( vpnClientName, "zip") # print clientLink # download client config file result = os.system( "wget -o /dev/null -t 1 --timeout=3 http://localhost" + clientLink + " -O /tmp/clientconfig.zip") assert (result == 0) # copy the config file to the remote PC, unzip the files and move to the openvpn directory on the remote device result = os.system( "scp -o 'StrictHostKeyChecking=no' -i " + global_functions.get_prefix() + "/usr/lib/python2.7/tests/test_shell.key /tmp/clientconfig.zip testshell@" + global_functions.vpnClientVpnIP + ":/tmp/>/dev/null 2>&1") assert (result == 0) remote_control.run_command( "sudo unzip -o /tmp/clientconfig.zip -d /tmp/", host=global_functions.vpnClientVpnIP) remote_control.run_command( "sudo rm -f /etc/openvpn/*.conf; sudo rm -f /etc/openvpn/*.ovpn; sudo rm -rf /etc/openvpn/keys", host=global_functions.vpnClientVpnIP) remote_control.run_command( "sudo mv -f /tmp/untangle-vpn/* /etc/openvpn/", host=global_functions.vpnClientVpnIP) remote_control.run_command("cd /etc/openvpn; sudo nohup openvpn " + siteName + ".conf >/dev/null 2>&1 &", host=global_functions.vpnClientVpnIP) timeout = waitForClientVPNtoConnect() # If VPN tunnel has failed to connect so fail the test, assert (timeout > 0) # ping the test host behind the Untangle from the remote testbox result = remote_control.run_command( "ping -c 2 " + remote_control.clientIP, host=global_functions.vpnClientVpnIP) listOfClients = app.getActiveClients() print "address " + listOfClients['list'][0]['address'] print "vpn address 1 " + listOfClients['list'][0]['poolAddress'] host_result = remote_control.run_command("host test.untangle.com", stdout=True) # print "host_result <%s>" % host_result match = re.search(r'address \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}', host_result) ip_address_testuntangle = (match.group()).replace('address ', '') # stop the vpn tunnel on remote box remote_control.run_command("sudo pkill openvpn", host=global_functions.vpnClientVpnIP) time.sleep(3) # openvpn takes time to shut down assert (result == 0) assert (listOfClients['list'][0]['address'] == global_functions.vpnClientVpnIP) events = global_functions.get_events('OpenVPN', 'Connection Events', None, 1) assert (events != None) found = global_functions.check_events(events.get('list'), 5, 'remote_address', global_functions.vpnClientVpnIP, 'client_name', vpnClientName) assert (found) # Check to see if the faceplate counters have incremented. post_events_connect = global_functions.get_app_metric_value( app, "connect") assert (pre_events_connect < post_events_connect)
def test_103_email_report_verify_apps(self): """ 1) Install all apps 2) Generate a report 3) Verify that the emailed report contains a section for each app """ global app if (not can_relay): raise unittest2.SkipTest('Unable to relay through ' + global_functions.testServerHost) if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') # create settings to receive test_email_address configure_mail_relay() # add administrator adminsettings = uvmContext.adminManager().getSettings() orig_adminsettings = copy.deepcopy(adminsettings) adminsettings['users']['list'].append( create_admin_user(useremail=test_email_address)) uvmContext.adminManager().setSettings(adminsettings) # clear all report users settings = app.getSettings() settings["reportsUsers"]["list"] = settings["reportsUsers"]["list"][:1] app.setSettings(settings) # install all the apps that aren't already installed apps = [] for name in [ "firewall", "web-filter", "virus-blocker", "spam-blocker", "phish-blocker", "ad-blocker", "web-cache", "bandwidth-control", "application-control", "ssl-inspector", "captive-portal", "web-monitor", "virus-blocker-lite", "spam-blocker-lite", "application-control-lite", "policy-manager", "directory-connector", "wan-failover", "wan-balancer", "configuration-backup", "intrusion-prevention", "ipsec-vpn", "openvpn" ]: if (uvmContext.appManager().isInstantiated(name)): print("App %s already installed" % name) else: apps.append(uvmContext.appManager().instantiate( name, default_policy_id)) # create some traffic result = remote_control.is_online(tries=1) # flush out events app.flushEvents() # send emails subprocess.call([ global_functions.get_prefix() + "/usr/share/untangle/bin/reports-generate-fixed-reports.py" ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) # look for email email_found = fetch_email("/tmp/test_103_email_report_admin_file", test_email_address) # look for all the appropriate sections in the report email results = [] if email_found: for str in [ 'Daily', 'Firewall', 'Web Filter', 'Virus Blocker', 'Spam Blocker', 'Phish Blocker', 'Ad Blocker', 'Web Cache', 'Bandwidth Control', 'Application Control', 'SSL Inspector', 'Web Monitor', 'Captive Portal', 'Virus Blocker Lite', 'Spam Blocker Lite', 'Application Control Lite', 'Policy Manager', 'Directory Connector', 'WAN Failover', 'WAN Balancer', 'Configuration Backup', 'Intrusion Prevention', 'IPsec VPN', 'OpenVPN' ]: results.append( remote_control.run_command( "grep -q -i '%s' /tmp/test_103_email_report_admin_file 2>&1" % str)) # restore uvmContext.adminManager().setSettings(orig_adminsettings) # remove apps that were installed above for a in apps: uvmContext.appManager().destroy(a.getAppSettings()["id"]) assert (email_found) for result in results: assert (result == 0)
def test_102_email_admin_override_custom_report_mobile(self): """ 1. Use reportuser 2. Reportuser overrides admin user address. 3. Custom report with test not in default. """ if (not can_relay): raise unittest2.SkipTest('Unable to relay through ' + global_functions.testServerHost) if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') # Create settings to receive test_email_address configure_mail_relay() # add administrator adminsettings = uvmContext.adminManager().getSettings() orig_adminsettings = copy.deepcopy(adminsettings) adminsettings['users']['list'].append( create_admin_user(useremail=test_email_address)) uvmContext.adminManager().setSettings(adminsettings) settings = app.getSettings() # add custom template with a test not in daily reports settings["emailTemplates"]["list"] = settings["emailTemplates"][ "list"][:1] settings["emailTemplates"]["list"].append( create_email_template(mobile=True)) # add report user with test_email_address settings["reportsUsers"]["list"] = settings["reportsUsers"]["list"][:1] settings["reportsUsers"]["list"].append( create_reports_user(profile_email=test_email_address, email_template_id=2)) app.setSettings(settings) # send email subprocess.call([ global_functions.get_prefix() + "/usr/share/untangle/bin/reports-generate-fixed-reports.py" ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) # look for email email_found = fetch_email( "/tmp/test_102_email_admin_override_custom_report_mobile_file", test_email_address) if email_found: email_context_found1 = remote_control.run_command( "grep -i 'Custom Report' /tmp/test_102_email_admin_override_custom_report_mobile_file 2>&1", stdout=True) email_context_found2 = remote_control.run_command( "grep -i 'Administration-VWuRol5uWw' /tmp/test_102_email_admin_override_custom_report_mobile_file 2>&1", stdout=True) # restore uvmContext.adminManager().setSettings(orig_adminsettings) assert (email_found) assert ((email_context_found1) and (email_context_found2)) # Verify that all images are less than 350x350. # copy mail from remote client subprocess.call( "scp -q -i %s testshell@%s:/tmp/test_102_email_admin_override_custom_report_mobile_file /tmp/" % (remote_control.hostKeyFile, remote_control.clientIP), shell=True) fp = open( "/tmp/test_102_email_admin_override_custom_report_mobile_file") email_string = fp.read() fp.close() subprocess.call( "rm /tmp/test_102_email_admin_override_custom_report_mobile_file", shell=True) # Delete the first line as it is blank and throws off the parser email_string = '\n'.join(email_string.split('\n')[1:]) msg = email.message_from_string(email_string) mime_content_ids = [] for part in msg.walk(): if part.get_content_maintype() == "image": # print("Image found") for index, key in enumerate(part.keys()): if key == "Content-ID": email_image = part.get_payload(decode=True) im = Image.open(StringIO(email_image)) (image_width, image_height) = im.size print("Image width: %d height: %d" % (image_width, image_height)) assert (image_width < 350 and image_height < 350)
def test_100_email_report_admin(self): """ The "default" configuration test: - Administrator email account gets """ if (not can_relay): raise unittest2.SkipTest('Unable to relay through ' + global_functions.testServerHost) if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') # create settings to receive test_email_address configure_mail_relay() # add administrator adminsettings = uvmContext.adminManager().getSettings() orig_adminsettings = copy.deepcopy(adminsettings) adminsettings['users']['list'].append( create_admin_user(useremail=test_email_address)) uvmContext.adminManager().setSettings(adminsettings) # clear all report users settings = app.getSettings() settings["reportsUsers"]["list"] = settings["reportsUsers"]["list"][:1] app.setSettings(settings) # send emails subprocess.call([ global_functions.get_prefix() + "/usr/share/untangle/bin/reports-generate-fixed-reports.py" ], stdout=subprocess.PIPE, stderr=subprocess.PIPE) # look for email email_found = fetch_email("/tmp/test_100_email_report_admin_file", test_email_address) email_context_found1 = "" email_context_found2 = "" if email_found: email_context_found1 = remote_control.run_command( "grep -i -e 'Reports:.*Daily.*' /tmp/test_100_email_report_admin_file 2>&1", stdout=True) email_context_found2 = remote_control.run_command( "grep -i -e 'Content-Type: image/png; name=' /tmp/test_100_email_report_admin_file 2>&1", stdout=True) # restore uvmContext.adminManager().setSettings(orig_adminsettings) assert (email_found) assert ((email_context_found1) and (email_context_found2)) ## Verify that all images are intact. # copy mail from remote client subprocess.call( "scp -q -i %s testshell@%s:/tmp/test_100_email_report_admin_file /tmp/" % (remote_control.hostKeyFile, remote_control.clientIP), shell=True) fp = open("/tmp/test_100_email_report_admin_file") email_string = fp.read() fp.close() subprocess.call("rm /tmp/test_100_email_report_admin_file", shell=True) # Delete the first line as it is blank and throws off the parser email_string = '\n'.join(email_string.split('\n')[1:]) msg = email.message_from_string(email_string) mime_content_ids = [] parser = ContentIdParser() for part in msg.walk(): if part.get_content_maintype() == "image": for index, key in enumerate(part.keys()): if key == "Content-ID": mime_content_ids.append(part.values()[index]) elif part.get_content_maintype() == "text": parser.feed(part.get_payload(decode=True)) assert (len(parser.content_ids) == len(mime_content_ids))
def test_103_email_report_verify_apps(self): """ 1) Install all apps 2) Generate a report 3) Verify that the emailed report contains a section for each app """ global app,apps_list,apps_name_list if (not can_relay): raise unittest2.SkipTest('Unable to relay through ' + global_functions.testServerHost) if remote_control.quickTestsOnly: raise unittest2.SkipTest('Skipping a time consuming test') # create settings to receive test_email_address configure_mail_relay() # add administrator adminsettings = uvmContext.adminManager().getSettings() orig_adminsettings = copy.deepcopy(adminsettings) adminsettings['users']['list'].append(create_admin_user(useremail=test_email_address)) uvmContext.adminManager().setSettings(adminsettings) # clear all report users settings = app.getSettings() settings["reportsUsers"]["list"] = settings["reportsUsers"]["list"][:1] app.setSettings(settings) # install all the apps that aren't already installed system_stats = uvmContext.metricManager().getStats() # print system_stats system_memory = system_stats['systemStats']['MemTotal'] if (int(system_memory) < 2200000000): # don't use high memory apps in devices with 2G or less. apps_list = apps_list_short apps_name_list = apps_name_list_short apps = [] for name in apps_list: if (uvmContext.appManager().isInstantiated(name)): print("App %s already installed" % name) else: apps.append( uvmContext.appManager().instantiate(name, default_policy_id) ) # create some traffic result = remote_control.is_online(tries=1) # flush out events app.flushEvents() # send emails subprocess.call([global_functions.get_prefix()+"/usr/share/untangle/bin/reports-generate-fixed-reports.py"],stdout=subprocess.PIPE,stderr=subprocess.PIPE) # look for email email_found = fetch_email( "/tmp/test_103_email_report_admin_file", test_email_address ) # look for all the appropriate sections in the report email results = [] if email_found: for str in apps_name_list: results.append(remote_control.run_command("grep -q -i '%s' /tmp/test_103_email_report_admin_file 2>&1"%str)) # restore uvmContext.adminManager().setSettings(orig_adminsettings) # remove apps that were installed above for a in apps: uvmContext.appManager().destroy( a.getAppSettings()["id"] ) assert(email_found) for result in results: assert(result == 0)