def initial_setup(self):
global indexOfWans, appData, app, orig_netsettings
orig_netsettings = uvmContext.networkManager().getNetworkSettings()
if (uvmContext.appManager().isInstantiated(self.module_name())):
raise Exception('app %s already instantiated' % self.module_name())
app = uvmContext.appManager().instantiate(self.module_name(), default_policy_id)
app.start()
appData = app.getSettings()
indexOfWans = global_functions.get_wan_tuples()
def test_051_intfDst(self):
rules_clear()
# check if a multi-wan box.
indexOfWans = global_functions.get_wan_tuples()
if (len(indexOfWans) < 2):
rule_append( create_rule_single_condition( "DST_INTF", remote_control.interface_external ) )
else:
for wanIndexTup in indexOfWans:
wanIndex = wanIndexTup[0]
rule_append( create_rule_single_condition( "DST_INTF", wanIndex ) )
result = remote_control.run_command("wget -q -O /dev/null -t 1 --timeout=3 http://test.untangle.com/")
assert (result != 0)
def initial_extra_setup(cls):
global index_of_wans, app_data, app_wan_failover, app_data_wan_failover, orig_netsettings, ip_address_testdestination
app_data = cls._app.getSettings()
if (uvmContext.appManager().isInstantiated(cls.appNameWanFailover())):
raise Exception('app %s already instantiated' % cls.appNameWanFailover())
app_wan_failover = uvmContext.appManager().instantiate(cls.appNameWanFailover(), default_policy_id)
app_wan_failover.start()
app_wan_failoverData = app_wan_failover.getSettings()
index_of_wans = global_functions.get_wan_tuples()
orig_netsettings = uvmContext.networkManager().getNetworkSettings()
ip_address_testdestination = socket.gethostbyname("test.untangle.com")
def test_053_intfCommas(self):
rules_clear()
# check if a multi-wan box.
indexOfWans = global_functions.get_wan_tuples()
if (len(indexOfWans) < 2):
rule_append( create_rule_single_condition( "DST_INTF", "99," + str(remote_control.interface_external) + ", 100" ) )
else:
interfaces_str = "99"
for wanIndexTup in indexOfWans:
interfaces_str += "," + str(wanIndexTup[0])
interfaces_str += ",100"
rule_append( create_rule_single_condition( "DST_INTF", interfaces_str ) )
result = remote_control.run_command("wget -q -O /dev/null -t 1 --timeout=3 http://test.untangle.com/")
assert (result != 0)
def test_80_OpenVPNTunnelVPNConflict(self):
"""test conflict of OpenVPN and TunnelVPN when 'boundInterfaceId' is set to the first wan IP"""
global tunnelApp
vpn_tunnel_file = "http://10.111.56.29/openvpn-ats-test-tunnelvpn-config.zip"
index_of_wans = global_functions.get_wan_tuples()
if index_of_wans == []:
raise unittest.SkipTest("No static or auto WAN")
# print(index_of_wans[0])
def create_tunnel_rule(vpn_enabled=True,vpn_ipv6=True,rule_id=50,vpn_tunnel_id=200):
return {
"conditions": {
"javaClass": "java.util.LinkedList",
"list": []
},
"description": "Route all traffic over any available Tunnel.",
"enabled": vpn_enabled,
"ipv6Enabled": vpn_ipv6,
"javaClass": "com.untangle.app.tunnel_vpn.TunnelVpnRule",
"ruleId": rule_id,
"tunnelId": vpn_tunnel_id
}
def create_tunnel_profile(vpn_enabled=True,provider="tunnel-Untangle",vpn_tunnel_id=200):
return {
"allTraffic": False,
"enabled": vpn_enabled,
"javaClass": "com.untangle.app.tunnel_vpn.TunnelVpnTunnelSettings",
"name": "tunnel-Untangle",
"provider": "Untangle",
"tags": {
"javaClass": "java.util.LinkedList",
"list": []
},
"tunnelId": vpn_tunnel_id,
"boundInterfaceId": index_of_wans[0][0]
}
#set up OpenVPN server
appData = app.getSettings()
appData["serverEnabled"]=True
siteName = appData['siteName']
appData['exports']['list'].append(create_export("192.0.2.0/24")) # append in case using LXC
appData['remoteClients']['list'][:] = []
appData['remoteClients']['list'].append(setUpClient())
app.setSettings(appData)
# install TunnelVPN
tunnelAppName = "tunnel-vpn"
if (uvmContext.appManager().isInstantiated(tunnelAppName)):
print('app %s already instantiated' % tunnelAppName)
tunnelApp = uvmContext.appManager().app(tunnelAppName)
else:
tunnelApp = uvmContext.appManager().instantiate(tunnelAppName, default_policy_id)
tunnelApp.start()
#set up TunnelVPN
result = subprocess.call("wget -o /dev/null -t 1 --timeout=3 " + vpn_tunnel_file + " -O /tmp/config.zip", shell=True)
if (result != 0):
raise unittest.SkipTest("Unable to download VPN file: " + vpn_tunnel_file)
currentWanIP = remote_control.run_command("wget --timeout=4 -q -O - \"$@\" test.untangle.com/cgi-bin/myipaddress.py",stdout=True)
if (currentWanIP == ""):
raise unittest.SkipTest("Unable to get WAN IP")
# print("Original WAN IP: " + currentWanIP)
tunnelApp.importTunnelConfig("/tmp/config.zip", "Untangle", 200)
tunnelAppData = tunnelApp.getSettings()
tunnelAppData['rules']['list'].append(create_tunnel_rule())
tunnelAppData['tunnels']['list'].append(create_tunnel_profile())
tunnelApp.setSettings(tunnelAppData)
# wait for vpn tunnel to form
timeout = 240
connected = False
connectStatus = ""
newWanIP = currentWanIP
while (not connected and timeout > 0):
listOfConnections = tunnelApp.getTunnelStatusList()
connectStatus = listOfConnections['list'][0]['stateInfo']
if (connectStatus == "CONNECTED"):
newWanIP = remote_control.run_command("wget --timeout=4 -q -O - \"$@\" test.untangle.com/cgi-bin/myipaddress.py",stdout=True)
if (currentWanIP != newWanIP):
connected = True
else:
time.sleep(1)
timeout-=1
else:
time.sleep(1)
timeout-=1
# disable the added tunnel
tunnelAppData['rules']['list'][:] = []
for i in range(len(tunnelAppData['tunnels']['list'])):
tunnelAppData['tunnels']['list'][i]['enabled'] = False
print(tunnelAppData['tunnels']['list'][i]['enabled'])
tunnelApp.setSettings(tunnelAppData)
#stop tunnel here
time.sleep(3)
tunnelApp.stop()
# If VPN tunnel has failed to connect, fail the test,
assert(connected)
def initial_extra_setup(cls):
global indexOfWans, appData, orig_netsettings
orig_netsettings = uvmContext.networkManager().getNetworkSettings()
appData = cls._app.getSettings()
indexOfWans = global_functions.get_wan_tuples()
def test_80_OpenVPNTunnelVPNConflict(self):
"""test conflict of OpenVPN and TunnelVPN when 'boundInterfaceId' is set to the first wan IP"""
global tunnelApp
vpn_tunnel_file = "http://10.111.56.29/openvpn-ats-test-tunnelvpn-config.zip"
index_of_wans = global_functions.get_wan_tuples()
if index_of_wans == []:
raise unittest.SkipTest("No static or auto WAN")
# print(index_of_wans[0])
def create_tunnel_rule(vpn_enabled=True,
vpn_ipv6=True,
rule_id=50,
vpn_tunnel_id=200):
return {
"conditions": {
"javaClass": "java.util.LinkedList",
"list": []
},
"description": "Route all traffic over any available Tunnel.",
"enabled": vpn_enabled,
"ipv6Enabled": vpn_ipv6,
"javaClass": "com.untangle.app.tunnel_vpn.TunnelVpnRule",
"ruleId": rule_id,
"tunnelId": vpn_tunnel_id
}
def create_tunnel_profile(vpn_enabled=True,
provider="tunnel-Untangle",
vpn_tunnel_id=200):
return {
"allTraffic": False,
"enabled": vpn_enabled,
"javaClass":
"com.untangle.app.tunnel_vpn.TunnelVpnTunnelSettings",
"name": "tunnel-Untangle",
"provider": "Untangle",
"tags": {
"javaClass": "java.util.LinkedList",
"list": []
},
"tunnelId": vpn_tunnel_id,
"boundInterfaceId": index_of_wans[0][0]
}
#set up OpenVPN server
appData = app.getSettings()
appData["serverEnabled"] = True
siteName = appData['siteName']
appData['exports']['list'].append(
create_export("192.0.2.0/24")) # append in case using LXC
appData['remoteClients']['list'][:] = []
appData['remoteClients']['list'].append(setUpClient())
app.setSettings(appData)
# install TunnelVPN
tunnelAppName = "tunnel-vpn"
if (uvmContext.appManager().isInstantiated(tunnelAppName)):
print('app %s already instantiated' % tunnelAppName)
tunnelApp = uvmContext.appManager().app(tunnelAppName)
else:
tunnelApp = uvmContext.appManager().instantiate(
tunnelAppName, default_policy_id)
tunnelApp.start()
#set up TunnelVPN
result = subprocess.call("wget -o /dev/null -t 1 --timeout=3 " +
vpn_tunnel_file + " -O /tmp/config.zip",
shell=True)
if (result != 0):
raise unittest.SkipTest("Unable to download VPN file: " +
vpn_tunnel_file)
currentWanIP = remote_control.run_command(
"wget --timeout=4 -q -O - \"$@\" test.untangle.com/cgi-bin/myipaddress.py",
stdout=True)
if (currentWanIP == ""):
raise unittest.SkipTest("Unable to get WAN IP")
# print("Original WAN IP: " + currentWanIP)
tunnelApp.importTunnelConfig("/tmp/config.zip", "Untangle", 200)
tunnelAppData = tunnelApp.getSettings()
tunnelAppData['rules']['list'].append(create_tunnel_rule())
tunnelAppData['tunnels']['list'].append(create_tunnel_profile())
tunnelApp.setSettings(tunnelAppData)
# wait for vpn tunnel to form
timeout = 240
connected = False
connectStatus = ""
newWanIP = currentWanIP
while (not connected and timeout > 0):
listOfConnections = tunnelApp.getTunnelStatusList()
connectStatus = listOfConnections['list'][0]['stateInfo']
if (connectStatus == "CONNECTED"):
newWanIP = remote_control.run_command(
"wget --timeout=4 -q -O - \"$@\" test.untangle.com/cgi-bin/myipaddress.py",
stdout=True)
if (currentWanIP != newWanIP):
connected = True
else:
time.sleep(1)
timeout -= 1
else:
time.sleep(1)
timeout -= 1
# disable the added tunnel
tunnelAppData['rules']['list'][:] = []
for i in range(len(tunnelAppData['tunnels']['list'])):
tunnelAppData['tunnels']['list'][i]['enabled'] = False
print(tunnelAppData['tunnels']['list'][i]['enabled'])
tunnelApp.setSettings(tunnelAppData)
#stop tunnel here
time.sleep(3)
tunnelApp.stop()
# If VPN tunnel has failed to connect, fail the test,
assert (connected)