def test_example(self): # tests the ExitPolicy and MicroExitPolicy pydoc examples policy = ExitPolicy("accept *:80", "accept *:443", "reject *:*") self.assertEquals("accept *:80, accept *:443, reject *:*", str(policy)) self.assertEquals("accept 80, 443", policy.summary()) self.assertTrue(policy.can_exit_to("75.119.206.243", 80)) policy = MicroExitPolicy("accept 80,443") self.assertTrue(policy.can_exit_to("75.119.206.243", 80))
def test_example(self): # tests the ExitPolicy and MicroExitPolicy pydoc examples policy = ExitPolicy('accept *:80', 'accept *:443', 'reject *:*') self.assertEqual('accept *:80, accept *:443, reject *:*', str(policy)) self.assertEqual('accept 80, 443', policy.summary()) self.assertTrue(policy.can_exit_to('75.119.206.243', 80)) policy = MicroExitPolicy('accept 80,443') self.assertTrue(policy.can_exit_to('75.119.206.243', 80))
def test_can_exit_to_strictness(self): # Check our 'strict' argument. policy = ExitPolicy('reject 1.0.0.0/8:80', 'accept *:*') self.assertEqual(False, policy.can_exit_to(None, 80, strict = True)) # can't exit to *all* instances of port 80 self.assertEqual(True, policy.can_exit_to(None, 80, strict = False)) # can exit to *an* instance of port 80 policy = ExitPolicy('accept 1.0.0.0/8:80', 'reject *:*') self.assertEqual(False, policy.can_exit_to(None, 80, strict = True)) # can't exit to *all* instances of port 80 self.assertEqual(True, policy.can_exit_to(None, 80, strict = False)) # can exit to *an* instance of port 80
def test_can_exit_to(self): # Basic sanity test for our can_exit_to() method. Most of the interesting # use cases (ip masks, wildcards, etc) are covered by the ExitPolicyRule # tests. policy = ExitPolicy('accept *:80', 'accept *:443', 'reject *:*') for index in range(1, 100): ip_addr = '%i.%i.%i.%i' % (index / 2, index / 2, index / 2, index / 2) expected_result = index in (80, 443) self.assertEqual(expected_result, policy.can_exit_to(ip_addr, index)) self.assertEqual(expected_result, policy.can_exit_to(port = index))
def test_set_default_allowed(self): policy = ExitPolicy("reject *:80", "accept *:443") # our default for being allowed defaults to True self.assertFalse(policy.can_exit_to("75.119.206.243", 80)) self.assertTrue(policy.can_exit_to("75.119.206.243", 443)) self.assertTrue(policy.can_exit_to("75.119.206.243", 999)) policy._set_default_allowed(False) self.assertFalse(policy.can_exit_to("75.119.206.243", 80)) self.assertTrue(policy.can_exit_to("75.119.206.243", 443)) self.assertFalse(policy.can_exit_to("75.119.206.243", 999)) # Our is_exiting_allowed() is also influcenced by this flag if we lack any # 'accept' rules. policy = ExitPolicy() self.assertTrue(policy.is_exiting_allowed()) policy._set_default_allowed(False) self.assertFalse(policy.is_exiting_allowed())
def test_set_default_allowed(self): policy = ExitPolicy('reject *:80', 'accept *:443') # our default for being allowed defaults to True self.assertFalse(policy.can_exit_to("75.119.206.243", 80)) self.assertTrue(policy.can_exit_to("75.119.206.243", 443)) self.assertTrue(policy.can_exit_to("75.119.206.243", 999)) policy._set_default_allowed(False) self.assertFalse(policy.can_exit_to("75.119.206.243", 80)) self.assertTrue(policy.can_exit_to("75.119.206.243", 443)) self.assertFalse(policy.can_exit_to("75.119.206.243", 999)) # Our is_exiting_allowed() is also influcenced by this flag if we lack any # 'accept' rules. policy = ExitPolicy() self.assertTrue(policy.is_exiting_allowed()) policy._set_default_allowed(False) self.assertFalse(policy.is_exiting_allowed())
def test_pickleability(self): """ Checks that we can unpickle ExitPolicy instances. """ policy = ExitPolicy('accept *:80', 'accept *:443', 'reject *:*') self.assertTrue(policy.can_exit_to('74.125.28.106', 80)) encoded_policy = pickle.dumps(policy) restored_policy = pickle.loads(encoded_policy) self.assertEqual(policy, restored_policy) self.assertTrue(restored_policy.is_exiting_allowed()) self.assertTrue(restored_policy.can_exit_to('74.125.28.106', 80))