def testMatchTos(self):
print('Running Test Match TOS...')
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('tos', '--tos 0x10'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-m', 'tos', '--tos', '0x10', '-j', 'ACCEPT'])
print('...Done')
def testMatchMultiportDports(self):
print('Running Test Match Mulitport Dports...')
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('multiport', '--dports 20,21,22,80,25,1720'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-m', 'multiport', '--dports', '20,21,22,80,25,1720', '-j', 'ACCEPT'])
print('...Done')
def testMatchTcpNotFlags(self):
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--tcp-flags ! ACK,SYN ACK'))
self.assertEqual(rule.specbits(), [
'-p', 'tcp', '-m', 'tcp', '--tcp-flags', '!', 'ACK,SYN', 'ACK',
'-j', 'ACCEPT'
])
def testMatchMultiportDports(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('multiport', '--dports 20,21,22,80,25,1720'))
self.assertEqual(rule.specbits(), [
'-m', 'multiport', '--dports', '20,21,22,80,25,1720', '-j',
'ACCEPT'
])
def testMatchTcpFlags(self):
print('Running Test Match TCP Flags...')
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--tcp-flags ACK,SYN ACK'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-m', 'tcp', '--tcp-flags', 'ACK,SYN', 'ACK', '-j', 'ACCEPT'])
print('...Done')
def testMatchState(self):
print('Running Test Match State...')
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('state', '--state ESTABLISHED,RELATED'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-m', 'state', '--state', 'ESTABLISHED,RELATED', '-j', 'ACCEPT'])
print('...Done')
def testMatchTcpSport(self):
print('Running Test Match TCP SPort...')
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--sport 1234'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-m', 'tcp', '--sport', '1234', '-j', 'ACCEPT'])
print('...Done')
def testMatchMark(self):
print('Running Test Match Mark...')
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('mark', '--mark 0x64'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-m', 'mark', '--mark', '0x64', '-j', 'ACCEPT'])
print('...Done')
def testInterfaces(self):
rule = Rule(in_interface="eth1", out_interface="eth2", jump="REJECT")
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, "eth1")
self.assertEqual(rule.out_interface, "eth2")
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.specbits(), ["-i", "eth1", "-o", "eth2", "-j", "REJECT"])
def testInterfaces(self):
rule = Rule(in_interface='eth1', out_interface='eth2', jump='REJECT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, 'eth1')
self.assertEqual(rule.out_interface, 'eth2')
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.specbits(),
['-i', 'eth1', '-o', 'eth2', '-j', 'REJECT'])
def testInterfacesNegated(self):
rule = Rule(in_interface='!eth1', out_interface='!eth2',
jump='REJECT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, '!eth1')
self.assertEqual(rule.out_interface, '!eth2')
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.specbits(), ['!', '-i', 'eth1', '!', '-o', 'eth2', '-j', 'REJECT'])
def testSourceDestinationProtocol(self):
rule = Rule(source="192.168.1.2", destination="192.168.1.3", protocol="tcp", jump="DROP")
self.assertEqual(rule.protocol, "tcp")
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, "192.168.1.2")
self.assertEqual(rule.destination, "192.168.1.3")
self.assertEqual(rule.jump.name(), "DROP")
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ["-p", "tcp", "-s", "192.168.1.2", "-d", "192.168.1.3", "-j", "DROP"])
def testDestination(self):
rule = Rule(destination="192.168.1.3", jump="REJECT")
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, "192.168.1.3")
self.assertEqual(rule.jump.name(), "REJECT")
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ["-d", "192.168.1.3", "-j", "REJECT"])
def testInit(self):
rule = Rule(jump=Target('ACCEPT'))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['-j', 'ACCEPT'])
def testSourceNegated(self):
rule = Rule(source='! 192.168.1.2', jump='ACCEPT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '! 192.168.1.2')
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['!', '-s', '192.168.1.2', '-j', 'ACCEPT'])
def testDestinationNegated(self):
rule = Rule(destination='! 192.168.1.3', jump='REJECT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, '! 192.168.1.3')
self.assertEqual(rule.jump.name(), 'REJECT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['!', '-d', '192.168.1.3', '-j', 'REJECT'])
def testSource(self):
rule = Rule(source="192.168.1.2", jump="ACCEPT")
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, "192.168.1.2")
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), "ACCEPT")
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ["-s", "192.168.1.2", "-j", "ACCEPT"])
def testInit(self):
rule = Rule(jump=Target('ACCEPT'))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['-j', 'ACCEPT'])
def testSourceNegated(self):
rule = Rule(source='! 192.168.1.2', jump='ACCEPT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '! 192.168.1.2')
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(),
['!', '-s', '192.168.1.2', '-j', 'ACCEPT'])
def testDestinationNegated(self):
rule = Rule(destination='! 192.168.1.3', jump='REJECT')
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, '! 192.168.1.3')
self.assertEqual(rule.jump.name(), 'REJECT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(),
['!', '-d', '192.168.1.3', '-j', 'REJECT'])
def testSourceDestinationProtocol(self):
rule = Rule(source='192.168.1.2', destination='192.168.1.3',
protocol='tcp', jump='DROP')
self.assertEqual(rule.protocol, 'tcp')
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '192.168.1.2')
self.assertEqual(rule.destination, '192.168.1.3')
self.assertEqual(rule.jump.name(), 'DROP')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-s', '192.168.1.2', '-d', '192.168.1.3', '-j', 'DROP'])
def testInterfacesNegated(self):
print('Running Test Interfaces Negated...')
rule = Rule(in_interface='!eth0', out_interface='!eth2',
jump='REJECT')
print('\tRule: ' + str(rule))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, '!eth0')
self.assertEqual(rule.out_interface, '!eth2')
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.specbits(), ['!', '-i', 'eth0', '!', '-o', 'eth2', '-j', 'REJECT'])
print('...Done')
def testDestinationNegated(self):
print('Running Test Destination Negated...')
rule = Rule(destination='! 192.168.1.3', jump='REJECT')
print('\tRule: ' + str(rule))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, '! 192.168.1.3')
self.assertEqual(rule.jump.name(), 'REJECT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['!', '-d', '192.168.1.3', '-j', 'REJECT'])
print('...Done')
def testSourceNegated(self):
print('Running Test Source Negated...')
rule = Rule(source='! 104.236.221.27', jump='ACCEPT')
print('\tRule: ' + str(rule))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '! 104.236.221.27')
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['!', '-s', '104.236.221.27', '-j', 'ACCEPT'])
print('...Done')
def testInit(self):
print('Rule Test Case Set:\nRunning Test Inital...')
rule = Rule(jump=Target('ACCEPT'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.protocol, None)
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, None)
self.assertEqual(rule.destination, None)
self.assertEqual(rule.jump.name(), 'ACCEPT')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['-j', 'ACCEPT'])
print('...Done')
def testSourceDestinationProtocol(self):
print('Running Test Source Destination Protocol...')
rule = Rule(source='104.236.221.27', destination='192.168.1.3',
protocol='tcp', jump='DROP')
print('\tRule: ' + str(rule))
self.assertEqual(rule.protocol, 'tcp')
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '104.236.221.27')
self.assertEqual(rule.destination, '192.168.1.3')
self.assertEqual(rule.jump.name(), 'DROP')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-s', '104.236.221.27', '-d', '192.168.1.3', '-j', 'DROP'])
print('...Done')
def testSourceDestinationProtocol(self):
rule = Rule(source='192.168.1.2',
destination='192.168.1.3',
protocol='tcp',
jump='DROP')
self.assertEqual(rule.protocol, 'tcp')
self.assertEqual(rule.in_interface, None)
self.assertEqual(rule.out_interface, None)
self.assertEqual(rule.source, '192.168.1.2')
self.assertEqual(rule.destination, '192.168.1.3')
self.assertEqual(rule.jump.name(), 'DROP')
self.assertEqual(rule.jump.options(), {})
self.assertEqual(rule.specbits(), [
'-p', 'tcp', '-s', '192.168.1.2', '-d', '192.168.1.3', '-j', 'DROP'
])
def testMatchTos(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('tos', '--tos 0x10'))
self.assertEqual(rule.specbits(), ['-m', 'tos', '--tos', '0x10', '-j', 'ACCEPT'])
def testMatchTcpSport(self):
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--sport 1234'))
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-m', 'tcp', '--sport', '1234', '-j', 'ACCEPT'])
def testMatchTcpNotFlags(self):
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--tcp-flags ! ACK,SYN ACK'))
self.assertEqual(rule.specbits(), ['-p', 'tcp', '-m', 'tcp', '--tcp-flags', '!', 'ACK,SYN', 'ACK', '-j', 'ACCEPT'])
def testMatchState(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('state', '--state ESTABLISHED,RELATED'))
self.assertEqual(rule.specbits(), ['-m', 'state', '--state', 'ESTABLISHED,RELATED', '-j', 'ACCEPT'])
def testMatchMultiportDports(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('multiport', '--dports 20,21,22,80,25,1720'))
self.assertEqual(rule.specbits(), ['-m', 'multiport', '--dports', '20,21,22,80,25,1720', '-j', 'ACCEPT'])
def testMatchMark(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('mark', '--mark 0x64'))
self.assertEqual(rule.specbits(), ['-m', 'mark', '--mark', '0x64', '-j', 'ACCEPT'])
def testTargetLog(self):
rule = Rule(jump=Target('LOG', '--log-prefix "ICMP accepted : " --log-level 4'))
self.assertEqual(rule.specbits(), ['-j', 'LOG', '--log-level', '4', '--log-prefix', 'ICMP accepted : '])
def testTargetLog(self):
rule = Rule(jump=Target(
'LOG', '--log-prefix "ICMP accepted : " --log-level 4'))
self.assertEqual(rule.specbits(), [
'-j', 'LOG', '--log-level', '4', '--log-prefix', 'ICMP accepted : '
])
def testMatchState(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('state', '--state ESTABLISHED,RELATED'))
self.assertEqual(
rule.specbits(),
['-m', 'state', '--state', 'ESTABLISHED,RELATED', '-j', 'ACCEPT'])
def testMatchMark(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('mark', '--mark 0x64'))
self.assertEqual(rule.specbits(),
['-m', 'mark', '--mark', '0x64', '-j', 'ACCEPT'])
def testMatchTcpSport(self):
rule = Rule(protocol='tcp', jump='ACCEPT')
rule.matches.append(Match('tcp', '--sport 1234'))
self.assertEqual(
rule.specbits(),
['-p', 'tcp', '-m', 'tcp', '--sport', '1234', '-j', 'ACCEPT'])
def testMatchTos(self):
rule = Rule(jump='ACCEPT')
rule.matches.append(Match('tos', '--tos 0x10'))
self.assertEqual(rule.specbits(),
['-m', 'tos', '--tos', '0x10', '-j', 'ACCEPT'])
def testMatchTcpSport(self):
rule = Rule(protocol="tcp", jump="ACCEPT")
rule.matches.append(Match("tcp", "--sport 1234"))
self.assertEqual(rule.specbits(), ["-p", "tcp", "-m", "tcp", "--sport", "1234", "-j", "ACCEPT"])
def testMatchTos(self):
rule = Rule(jump="ACCEPT")
rule.matches.append(Match("tos", "--tos 0x10"))
self.assertEqual(rule.specbits(), ["-m", "tos", "--tos", "0x10", "-j", "ACCEPT"])
def testTargetLog(self):
print('Running Test Target Log...')
rule = Rule(jump=Target('LOG', '--log-prefix "ICMP accepted : " --log-level 4'))
print('\tRule: ' + str(rule))
self.assertEqual(rule.specbits(), ['-j', 'LOG', '--log-level', '4', '--log-prefix', 'ICMP accepted : '])
print('...Done')
