 def test_suricata(self):
     """Check Suricata model lookups and the unique-name constraint.

     Fixture assumptions: exactly one Suricata row (id 1) named
     "suricata1" whose str() renders as "suricata1  test".
     """
     probes = Suricata.get_all()
     self.assertEqual(1, len(probes))
     probe = Suricata.get_by_id(1)
     self.assertEqual("suricata1", probe.name)
     self.assertEqual("suricata1  test", str(probe))
     # An unknown id yields None rather than raising.
     self.assertIsNone(Suricata.get_by_id(99))
     # A second probe with the same name must be rejected at the DB level.
     with self.assertRaises(IntegrityError):
         Suricata.objects.create(name="suricata1")
 def test_ip_rep(self):
     """Exercise IPReputation lookups, export, deployment and CSV import.

     Fixture assumptions: a single IPReputation row (id 1) for 8.8.8.8 and
     a CategoryReputation with id 1. The CSV fixture is expected to add
     9.9.9.9 (asserted) and, judging by the clean-up, 1.2.3.4 as well.
     """
     self.assertEqual(1, len(IPReputation.get_all()))
     entry = IPReputation.get_by_id(1)
     self.assertEqual("8.8.8.8", entry.ip)
     self.assertEqual("8.8.8.8", str(entry))
     # store() returns the path of the written list; the directory is
     # joined by plain concatenation, so tmp_dir presumably ends in '/'.
     with IPReputation.get_tmp_dir() as tmp_dir:
         expected_path = tmp_dir + "reputation.list"
         self.assertEqual(expected_path, IPReputation.store(tmp_dir))
     self.assertEqual('8.8.8.8', str(IPReputation.get_by_ip('8.8.8.8')))
     probe = Suricata.get_by_id(1)
     self.assertEqual({'status': True}, IPReputation.deploy(probe))
     csv_path = settings.BASE_DIR + '/suricata/tests/data/ip-rep.csv'
     IPReputation.import_from_csv(csv_path)
     self.assertEqual('9.9.9.9', str(IPReputation.get_by_ip('9.9.9.9')))
     # Remove the imported rows so only the fixture entry remains.
     for imported_ip in ('9.9.9.9', '1.2.3.4'):
         IPReputation.get_by_ip(imported_ip).delete()
     self.assertIsNone(IPReputation.get_by_id(99))
     # A duplicate IP must violate the unique constraint.
     with self.assertRaises(IntegrityError):
         IPReputation.objects.create(
             ip="8.8.8.8",
             category=CategoryReputation.get_by_id(1),
             reputation_score=0)
 def test_cat_rep(self):
     """Exercise CategoryReputation lookups, export, deployment and CSV import.

     Fixture assumptions: one CategoryReputation row (id 1, short name
     "Google"). The CSV fixture is expected to add rows with ids 2 and 3,
     one of them with short name "Pam"; both are deleted again at the end.
     """
     self.assertEqual(1, len(CategoryReputation.get_all()))
     category = CategoryReputation.get_by_id(1)
     self.assertEqual("Google", category.short_name)
     self.assertEqual("Google", str(category))
     # store() returns the path of the written categories file.
     with CategoryReputation.get_tmp_dir() as tmp_dir:
         expected_path = tmp_dir + "categories.txt"
         self.assertEqual(expected_path, CategoryReputation.store(tmp_dir))
     self.assertEqual("Google",
                      str(CategoryReputation.get_by_short_name("Google")))
     probe = Suricata.get_by_id(1)
     self.assertEqual({'status': True}, CategoryReputation.deploy(probe))
     csv_path = settings.BASE_DIR + '/suricata/tests/data/cat-rep.csv'
     CategoryReputation.import_from_csv(csv_path)
     self.assertEqual('Pam',
                      str(CategoryReputation.get_by_short_name('Pam')))
     # Remove the imported rows so only the fixture entry remains.
     for imported_id in (2, 3):
         CategoryReputation.get_by_id(imported_id).delete()
     self.assertIsNone(CategoryReputation.get_by_id(99))
     # A duplicate short name must violate the unique constraint.
     with self.assertRaises(IntegrityError):
         CategoryReputation.objects.create(short_name="Google",
                                           description="test")
 def test_deploy_rules(self):
     """deploy_rules() on the fixture probe must report a truthy status."""
     result = Suricata.get_by_id(1).deploy_rules()
     self.assertTrue(result['status'])
 def test_reload(self):
     """reload() on the fixture probe must report a truthy status."""
     result = Suricata.get_by_id(1).reload()
     self.assertTrue(result['status'])
 def test_test(self):
     """Check the fixture probe's server connection, plain and elevated.

     ``server.test()`` is the plain connectivity check; ``test_become()``
     presumably checks that the privilege-elevated login also works —
     confirm against the Server model.
     """
     server = Suricata.get_by_id(1).server
     self.assertTrue(server.test())
     self.assertTrue(server.test_become())
 def test_reload_probe(self):
     """Run the reload_probe Celery task for the fixture probe.

     The task is dispatched with ``.delay()`` and its result awaited with
     ``.get()``; presumably the test settings run tasks eagerly — confirm.
     """
     probe_name = Suricata.get_by_id(1).name
     result = reload_probe.delay(probe_name)
     payload = result.get()
     self.assertEqual('Probe suricata1 reloaded successfully',
                      payload['message'])
     self.assertTrue(result.successful())
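 def test_deploy_rules(self):
     """Run the deploy_rules Celery task for the fixture probe.

     The task is dispatched with ``.delay()`` and its result awaited with
     ``.get()``; presumably the test settings run tasks eagerly — confirm.
     """
     suricata = Suricata.get_by_id(1)
     response = deploy_rules.delay(suricata.name)
     # assertEquals is a deprecated alias (removed in Python 3.12);
     # use the canonical assertEqual.
     self.assertEqual(response.get()['message'],
                      'Probe suricata1 deployed rules successfully')
     self.assertTrue(response.successful())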
    def test_suricata(self):
        """Drive the Suricata REST resource through list/create/update/delete.

        Also checks that creating a probe with scheduling enabled registers
        the matching PeriodicTask rows and that deleting the probe removes
        them again, then hits every action endpoint of probe 1 and expects
        a truthy value in the response.
        """
        list_url = '/api/v1/suricata/suricata/'

        def detail_url(name):
            # Resolved at call time: the id only exists after the POST below.
            return list_url + str(Suricata.get_by_name(name).id) + '/'

        def deploy_task_name():
            # Evaluated fresh each time so a missing CrontabSchedule
            # surfaces at the point of use.
            return ("test_deploy_rules_"
                    + str(CrontabSchedule.objects.get(id=4)))

        def assert_count(expected):
            listing = self.client.get(list_url)
            self.assertEqual(status.HTTP_200_OK, listing.status_code)
            self.assertEqual(expected, listing.data['count'])

        assert_count(1)

        create_payload = {
            'name': 'test',
            'secure_deployment': True,
            'scheduled_rules_deployment_enabled': True,
            'scheduled_rules_deployment_crontab': 4,
            'scheduled_check_enabled': True,
            'scheduled_check_crontab': 3,
            'server': 1,
            'rulesets': [1],
            'configuration': 1,
            'installed': True,
        }
        put_payload = {
            'secure_deployment': True,
            'server': 1,
            'rulesets': [1],
            'configuration': 1,
            'installed': False,
        }

        created = self.client.post(list_url, create_payload)
        self.assertEqual(status.HTTP_201_CREATED, created.status_code)
        # A bare name is not a valid probe: required fields are missing.
        rejected = self.client.post(list_url, {'name': 'test'})
        self.assertEqual(status.HTTP_400_BAD_REQUEST, rejected.status_code)
        assert_count(2)

        # Enabling the schedules must have created the beat tasks.
        self.assertTrue(PeriodicTask.objects.get(name=deploy_task_name()))
        self.assertTrue(PeriodicTask.objects.get(name="test_check_task"))

        updated = self.client.put(detail_url('test'), put_payload)
        self.assertEqual(status.HTTP_200_OK, updated.status_code)
        self.assertFalse(Suricata.get_by_name('test').installed)

        rejected = self.client.put(detail_url('test'), {'name': 'test'})
        self.assertEqual(status.HTTP_400_BAD_REQUEST, rejected.status_code)

        patched = self.client.patch(detail_url('test'), {'installed': True})
        self.assertEqual(status.HTTP_200_OK, patched.status_code)
        self.assertTrue(Suricata.get_by_name('test').installed)

        patched = self.client.patch(
            detail_url('test'),
            {'scheduled_rules_deployment_enabled': False})
        self.assertEqual(status.HTTP_200_OK, patched.status_code)
        # NOTE(review): the PATCH sends False but True is asserted — this
        # reads as "the flag is not writable via PATCH"; confirm against
        # the serializer before relying on it.
        self.assertTrue(
            Suricata.get_by_name('test').scheduled_rules_deployment_enabled)

        deleted = self.client.delete(detail_url('test'))
        self.assertEqual(status.HTTP_204_NO_CONTENT, deleted.status_code)
        assert_count(1)

        # Deleting the probe must also drop its scheduled tasks.
        with self.assertRaises(ObjectDoesNotExist):
            PeriodicTask.objects.get(name=deploy_task_name())
        with self.assertRaises(ObjectDoesNotExist):
            PeriodicTask.objects.get(name="test_check_task")

        # Action endpoints on the fixture probe; each must answer 200 with
        # a truthy value under the named response key.
        actions = [
            ('test_rules', 'status'),
            ('start', 'status'),
            ('stop', 'status'),
            ('restart', 'status'),
            ('reload', 'status'),
            ('status', 'status'),
            ('uptime', 'uptime'),
            ('deploy_rules', 'status'),
            ('deploy_conf', 'status'),
        ]
        for action, key in actions:
            action_response = self.client.get(list_url + '1/' + action + '/')
            self.assertEqual(status.HTTP_200_OK, action_response.status_code)
            self.assertTrue(action_response.data[key])
    def test_index(self):
        """Exercise the Suricata web views: index page and every probe action.

        Each action view is fetched for the fixture probe (id 1) with
        redirects followed and must render its success message; the same
        view for a non-existent probe (id 99) must answer 404. Before the
        deploy-conf view is hit, the probe is switched to a freshly created
        Configuration built from the shipped default YAML.
        """
        suricata = Suricata.get_by_id(1)
        probe_id = str(suricata.id)

        def check_action(action, *expected_fragments):
            # Success path for the fixture probe, then the 404 path.
            page = self.client.get('/suricata/' + action + '/' + probe_id,
                                   follow=True)
            self.assertEqual(200, page.status_code)
            body = str(page.content)
            for fragment in expected_fragments:
                self.assertIn(fragment, body)
            missing = self.client.get('/suricata/' + action + '/99')
            self.assertEqual(404, missing.status_code)

        index_url = '/suricata/' + probe_id
        page = self.client.get(index_url)
        self.assertEqual(200, page.status_code)
        self.assertIn('<title>Suricata</title>', str(page.content))
        self.assertEqual('suricata/index.html', page.templates[0].name)
        self.assertIn('suricata', page.resolver_match.app_names)
        self.assertIn('function probe_index', str(page.resolver_match.func))
        self.assertEqual('testuser', str(page.context['user']))
        with self.assertTemplateUsed('suricata/index.html'):
            self.client.get(index_url)
        self.assertEqual(404, self.client.get('/suricata/99').status_code)

        check_action('stop', 'Probe stopped successfully')
        check_action('start', 'Probe started successfully')
        check_action('status', 'get status successfully')
        check_action('restart', 'Probe restarted successfully')
        check_action('reload', 'Probe reloaded successfully')

        # Build a configuration from the shipped default YAML and attach it
        # to the probe so deploy-conf has something to test and push.
        with open(settings.BASE_DIR + "/suricata/default-Suricata-conf.yaml",
                  encoding='utf_8') as conf_file:
            default_conf = conf_file.read()
        validation = ValidationType.get_by_id
        app_layer = AppLayerType.get_by_id
        conftest = Configuration.objects.create(
            name='conftest',
            conf_rules_directory='/etc/suricata/rules',
            conf_iprep_directory='/etc/suricata/iprep',
            conf_lua_directory='/etc/suricata/lua-output',
            conf_file='/etc/suricata/suricata.yaml',
            conf_advanced=False,
            conf_advanced_text=default_conf,
            # Network variables for the generated suricata.yaml.
            conf_HOME_NET="[192.168.0.0/24]",
            conf_EXTERNAL_NET="!$HOME_NET",
            conf_HTTP_SERVERS="$HOME_NET",
            conf_SMTP_SERVERS="$HOME_NET",
            conf_SQL_SERVERS="$HOME_NET",
            conf_DNS_SERVERS="$HOME_NET",
            conf_TELNET_SERVERS="$HOME_NET",
            conf_AIM_SERVERS="$EXTERNAL_NET",
            conf_DNP3_SERVER="$HOME_NET",
            conf_DNP3_CLIENT="$HOME_NET",
            conf_MODBUS_CLIENT="$HOME_NET",
            conf_MODBUS_SERVER="$HOME_NET",
            conf_ENIP_CLIENT="$HOME_NET",
            conf_ENIP_SERVER="$HOME_NET",
            conf_HTTP_PORTS="80",
            conf_SHELLCODE_PORTS="!80",
            conf_ORACLE_PORTS="1521",
            conf_SSH_PORTS="22",
            conf_DNP3_PORTS="20000",
            conf_MODBUS_PORTS="502",
            # Output / logging toggles (ValidationType ids; meaning of 0/1
            # is defined by that model's fixtures).
            conf_stats=validation(1),
            conf_afpacket_interface='eth0',
            conf_outputs_fast=validation(1),
            conf_outputs_evelog=validation(0),
            conf_outputs_evelog_alert_http=validation(0),
            conf_outputs_evelog_alert_tls=validation(0),
            conf_outputs_evelog_alert_ssh=validation(0),
            conf_outputs_evelog_alert_smtp=validation(0),
            conf_outputs_evelog_alert_dnp3=validation(0),
            conf_outputs_evelog_alert_taggedpackets=validation(0),
            conf_outputs_evelog_xff=validation(0),
            conf_outputs_evelog_dns_query=validation(0),
            conf_outputs_evelog_dns_answer=validation(0),
            conf_outputs_evelog_http_extended=validation(0),
            conf_outputs_evelog_tls_extended=validation(0),
            conf_outputs_evelog_files_forcemagic=validation(1),
            conf_outputs_unified2alert=validation(1),
            conf_lua=validation(1),
            # App-layer parser toggles (AppLayerType ids).
            conf_applayer_tls=app_layer(0),
            conf_applayer_dcerpc=app_layer(0),
            conf_applayer_ftp=app_layer(0),
            conf_applayer_ssh=app_layer(0),
            conf_applayer_smtp=app_layer(0),
            conf_applayer_imap=app_layer(1),
            conf_applayer_msn=app_layer(1),
            conf_applayer_smb=app_layer(0),
            conf_applayer_dns=app_layer(0),
            conf_applayer_http=app_layer(0))
        suricata.configuration = conftest
        suricata.save()

        check_action('deploy-conf', 'Test configuration OK',
                     'Deployed configuration successfully')
        check_action('deploy-rules', 'Deployed rules launched with succeed')
        check_action('update', 'launched with succeed')
        check_action('deploy-reputation-list', 'launched with succeed')
        check_action('install', 'launched with succeed')
        # 'update' is exercised a second time after install so the request
        # sequence also covers an update on a freshly installed probe.
        check_action('update', 'launched with succeed')