def test_icmp_block_single_port_outgoing(self): rules = Rules(block_single_port) binary_packet = BinaryPacket() binary_packet.icmp_type = 52 # The rule shouldn't apply here packet = Packet(pkt_dir=PKT_DIR_OUTGOING, pkt=binary_packet.get_icmp_packet(), geoDB=None) result = rules.result_for_pkt(packet) self.assertEqual(RULE_RESULT_PASS, result) binary_packet.icmp_type = 53 # The rule should apply here packet = Packet(pkt_dir=PKT_DIR_OUTGOING, pkt=binary_packet.get_icmp_packet(), geoDB=None) result = rules.result_for_pkt(packet) self.assertEqual(RULE_RESULT_DROP, result)
def test_icmp_block_port_range_outgoing(self): rules = Rules(block_port_range_rules) binary_packet = BinaryPacket() port_unblocked_range = range(0, 100) + range(201, 256) port_blocked_range = range(100, 201) for port in port_unblocked_range: binary_packet.icmp_type = port # The rule shouldn't apply here packet = Packet(pkt_dir=PKT_DIR_OUTGOING, pkt=binary_packet.get_icmp_packet(), geoDB=None) result = rules.result_for_pkt(packet) self.assertEqual(RULE_RESULT_PASS, result) for port in port_blocked_range: binary_packet.icmp_type = port # The rule should apply here packet = Packet(pkt_dir=PKT_DIR_OUTGOING, pkt=binary_packet.get_icmp_packet(), geoDB=None) result = rules.result_for_pkt(packet) self.assertEqual(RULE_RESULT_DROP, result)