def test_020_severely_limited_tcp(self):
nuke_rules(self._app)
priority_level = 7
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed(
download_server=target_server)
# Create SRC_ADDR based rule to limit bandwidth
append_rule(
self._app,
create_single_condition_rule("SRC_ADDR", remote_control.client_ip,
"SET_PRIORITY", priority_level))
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed(
download_server=target_server)
print_results(wget_speed_pre, wget_speed_post, wget_speed_pre * 0.1,
wget_speed_pre * limited_acceptance_ratio)
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control',
'Prioritized Sessions', None, 5)
assert (events != None)
found = global_functions.check_events(events.get('list'), 5,
"bandwidth_control_priority",
priority_level, "c_client_addr",
remote_control.client_ip)
assert (found)
def test_015_qos_nobpass_custom_rules_tcp(self):
nuke_rules(self._app)
priority_level = 7
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed()
# Create SRC_ADDR based custom Q0S rule to limit bypass QoS
netsettings = copy.deepcopy(orig_network_settings_with_qos)
netsettings['qosSettings']['qosRules']["list"].append(
create_qos_custom_rule("SRC_ADDR", remote_control.client_ip,
priority_level))
uvmContext.networkManager().setNetworkSettings(netsettings)
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed(
download_server=target_server)
# Restore original network settings
uvmContext.networkManager().setNetworkSettings(
orig_network_settings_with_qos)
# Because the session is NOT bypassed, the QoS rule should not take effect
print_results(wget_speed_pre, wget_speed_post, wget_speed_pre * 0.1,
wget_speed_pre * limited_acceptance_ratio)
assert ((wget_speed_pre) and (wget_speed_post))
assert (
not (wget_speed_pre * limited_acceptance_ratio > wget_speed_post))
def test_050_severely_limited_web_filter_flagged(self):
nuke_rules(self._app)
pre_count = global_functions.get_app_metric_value(
self._app, "prioritize")
priority_level = 7
# This test might need web filter for http to start
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed(
download_server=target_server)
# Create WEB_FILTER_FLAGGED based rule to limit bandwidth
append_rule(
self._app,
create_single_condition_rule("WEB_FILTER_FLAGGED", "true",
"SET_PRIORITY", priority_level))
# Test.untangle.com is listed as Software, Hardware in web filter. As of 1/2014 its in Technology
settingsWF = self._app_web_filter.getSettings()
i = 0
if target_server == global_functions.TEST_SERVER_HOST:
untangleCats = ["Computer,", "Security"]
else:
untangleCats = [
"Uncategorized",
]
for webCategories in settingsWF['categories']['list']:
if any(x in webCategories['name'] for x in untangleCats):
settingsWF['categories']['list'][i]['flagged'] = "true"
i += 1
self._app_web_filter.setSettings(settingsWF)
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed(
download_server=target_server)
print_results(wget_speed_pre, wget_speed_post, wget_speed_pre * 0.1,
wget_speed_pre * limited_acceptance_ratio)
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control',
'Prioritized Sessions', None, 5)
assert (events != None)
found = global_functions.check_events(events.get('list'), 5,
"bandwidth_control_priority",
priority_level, "c_client_addr",
remote_control.client_ip)
assert (found)
# Check to see if the faceplate counters have incremented.
post_count = global_functions.get_app_metric_value(app, "prioritize")
assert (pre_count < post_count)
def test_060_host_quota(self):
if runtests.quick_tests_only:
raise unittest.SkipTest('Skipping a time consuming test')
global app
nuke_rules()
priority_level = 7 # Severely Limited
given_quota = 10000 # 10k
# Remove any existing quota
uvmContext.hostTable().removeQuota(remote_control.client_ip)
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed()
# Create rule to give quota
append_rule(create_quota_rule("HOST_HAS_NO_QUOTA","true","GIVE_HOST_QUOTA",given_quota))
# Create penalty for exceeding quota
append_rule(create_single_condition_rule("HOST_QUOTA_EXCEEDED","true","SET_PRIORITY",priority_level))
# Download the file so quota is exceeded
global_functions.get_download_speed(meg=1)
# quota accounting occurs every 60 seconds, so we must wait at least 60 seconds
time.sleep(60)
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed()
print_results( wget_speed_pre, wget_speed_post, wget_speed_pre*0.1, wget_speed_pre*limited_acceptance_ratio )
# Remove quota
uvmContext.hostTable().removeQuota(remote_control.client_ip)
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control','Quota Events',None,5)
assert(events != None)
found = global_functions.check_events( events.get('list'), 5,
"action", 1, #quota given
"size", given_quota,
"entity", remote_control.client_ip)
assert(found)
found = global_functions.check_events( events.get('list'), 5,
"action", 2, #quota exceeded
"entity", remote_control.client_ip)
assert(found)
events = global_functions.get_events('Bandwidth Control','Prioritized Sessions',None,5)
assert(events != None)
found = global_functions.check_events( events.get('list'), 5,
"bandwidth_control_priority", priority_level,
"c_client_addr", remote_control.client_ip)
assert( found )
def initial_extra_setup(cls):
global orig_network_settings, orig_network_settings_with_qos, orig_network_settings_without_qos, pre_down_speed_kbit, wan_limit_kbit, wan_limit_mbit, target_server
settings = cls._app.getSettings()
settings["configured"] = True
cls._app.setSettings(settings)
cls._app.start()
cls._app_web_filter = uvmContext.appManager().instantiate(
cls.appNameWF(), 1)
if orig_network_settings == None:
orig_network_settings = uvmContext.networkManager(
).getNetworkSettings()
# disable QoS
netsettings = copy.deepcopy(orig_network_settings)
netsettings['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings(netsettings)
# measure speed
localTargetResult = subprocess.call(["ping", "-c", "1", target_server],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
if (localTargetResult != 0):
# local bandwidth target server not available so use test.untangle.com
target_server = global_functions.TEST_SERVER_HOST
pre_down_speed_kbit = global_functions.get_download_speed(
download_server=target_server)
# calculate QoS limits
wan_limit_kbit = int((pre_down_speed_kbit * 8) * .9)
# set max to 100Mbit, so that other limiting factors dont interfere
if wan_limit_kbit > 100000: wan_limit_kbit = 100000
wan_limit_mbit = round(wan_limit_kbit / 1024, 2)
# turn on QoS and set wan speed limits
netsettings = copy.deepcopy(orig_network_settings)
netsettings['qosSettings']['qosEnabled'] = True
i = 0
for interface in netsettings['interfaces']['list']:
if interface['isWan']:
netsettings['interfaces']['list'][i][
'downloadBandwidthKbps'] = wan_limit_kbit
netsettings['interfaces']['list'][i][
'uploadBandwidthKbps'] = wan_limit_kbit
i += 1
netsettings['bypassRules']['list'] = []
netsettings['qosSettings']['qosRules']['list'] = []
# These store the "new" defaults with and without QoS
orig_network_settings_with_qos = copy.deepcopy(netsettings)
orig_network_settings_with_qos['qosSettings']['qosEnabled'] = True
orig_network_settings_without_qos = copy.deepcopy(netsettings)
orig_network_settings_without_qos['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings(
orig_network_settings_with_qos)
def test_012_qos_limit(self):
global pre_down_speed_kbit, wan_limit_kbit
print("\nSetting WAN limit: %i Kbps" % (wan_limit_kbit))
post_down_speed_kbit = global_functions.get_download_speed()
# since the limit is 90% of first measure, check that second measure is less than first measure
assert (pre_down_speed_kbit > post_down_speed_kbit)
def initial_setup(self):
global app, app_web_filter, orig_network_settings, orig_network_settings_with_qos, orig_network_settings_without_qos, pre_down_speed_kbit, wan_limit_kbit, wan_limit_mbit
if (uvmContext.appManager().isInstantiated(self.module_name())):
raise Exception('app %s already instantiated' % self.module_name())
app = uvmContext.appManager().instantiate(self.module_name(),
default_policy_id)
settings = app.getSettings()
settings["configured"] = True
app.setSettings(settings)
app.start()
if (uvmContext.appManager().isInstantiated(self.appNameWF())):
raise Exception('app %s already instantiated' % self.appNameWF())
app_web_filter = uvmContext.appManager().instantiate(
self.appNameWF(), default_policy_id)
if orig_network_settings == None:
orig_network_settings = uvmContext.networkManager(
).getNetworkSettings()
# disable QoS
netsettings = copy.deepcopy(orig_network_settings)
netsettings['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings(netsettings)
# measure speed
pre_down_speed_kbit = global_functions.get_download_speed(
download_server="test.untangle.com")
# calculate QoS limits
wan_limit_kbit = int((pre_down_speed_kbit * 8) * .9)
# set max to 100Mbit, so that other limiting factors dont interfere
if wan_limit_kbit > 100000: wan_limit_kbit = 100000
wan_limit_mbit = round(wan_limit_kbit / 1024, 2)
# turn on QoS and set wan speed limits
netsettings = copy.deepcopy(orig_network_settings)
netsettings['qosSettings']['qosEnabled'] = True
i = 0
for interface in netsettings['interfaces']['list']:
if interface['isWan']:
netsettings['interfaces']['list'][i][
'downloadBandwidthKbps'] = wan_limit_kbit
netsettings['interfaces']['list'][i][
'uploadBandwidthKbps'] = wan_limit_kbit
i += 1
netsettings['bypassRules']['list'] = []
netsettings['qosSettings']['qosRules']['list'] = []
# These store the "new" defaults with and without QoS
orig_network_settings_with_qos = copy.deepcopy(netsettings)
orig_network_settings_with_qos['qosSettings']['qosEnabled'] = True
orig_network_settings_without_qos = copy.deepcopy(netsettings)
orig_network_settings_without_qos['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings(
orig_network_settings_with_qos)
def test_050_severely_limited_web_filter_flagged(self):
global app, app_web_filter
nuke_rules()
pre_count = global_functions.get_app_metric_value(app,"prioritize")
priority_level = 7
# This test might need web filter for http to start
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed(download_server="test.untangle.com")
# Create WEB_FILTER_FLAGGED based rule to limit bandwidth
append_rule(create_single_condition_rule("WEB_FILTER_FLAGGED","true","SET_PRIORITY",priority_level))
# Test.untangle.com is listed as Software, Hardware in web filter. As of 1/2014 its in Technology
settingsWF = app_web_filter.getSettings()
i = 0
untangleCats = ["Computer,", "Security"]
for webCategories in settingsWF['categories']['list']:
if any(x in webCategories['name'] for x in untangleCats):
settingsWF['categories']['list'][i]['flagged'] = "true"
i += 1
app_web_filter.setSettings(settingsWF)
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed(download_server="test.untangle.com")
print_results( wget_speed_pre, wget_speed_post, wget_speed_pre*0.1, wget_speed_pre*limited_acceptance_ratio )
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control','Prioritized Sessions',None,5)
assert(events != None)
found = global_functions.check_events( events.get('list'), 5,
"bandwidth_control_priority", priority_level,
"c_client_addr", remote_control.client_ip)
assert( found )
# Check to see if the faceplate counters have incremented.
post_count = global_functions.get_app_metric_value(app,"prioritize")
assert(pre_count < post_count)
def test_013_qos_bypass_custom_rules_tcp(self):
global app
nuke_rules()
priority_level = 7
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed()
# Create SRC_ADDR based custom Q0S rule to limit bypass QoS
netsettings = copy.deepcopy( orig_network_settings_with_qos )
netsettings['qosSettings']['qosRules']["list"].append( create_qos_custom_rule("SRC_ADDR",remote_control.client_ip,priority_level) )
netsettings['bypassRules']['list'].append( create_bypass_condition_rule("SRC_ADDR",remote_control.client_ip) )
uvmContext.networkManager().setNetworkSettings( netsettings )
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed()
# Restore original network settings
uvmContext.networkManager().setNetworkSettings( orig_network_settings_with_qos )
print_results( wget_speed_pre, wget_speed_post, wget_speed_pre*0.1, wget_speed_pre*limited_acceptance_ratio )
assert ((wget_speed_pre) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
def test_020_severely_limited_tcp(self):
global app
nuke_rules()
priority_level = 7
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed()
# Create SRC_ADDR based rule to limit bandwidth
append_rule(create_single_condition_rule("SRC_ADDR",remote_control.client_ip,"SET_PRIORITY",priority_level))
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed()
print_results( wget_speed_pre, wget_speed_post, wget_speed_pre*0.1, wget_speed_pre*limited_acceptance_ratio )
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control','Prioritized Sessions',None,5)
assert(events != None)
found = global_functions.check_events( events.get('list'), 5,
"bandwidth_control_priority", priority_level,
"c_client_addr", remote_control.client_ip)
assert( found )
def initial_setup(self):
global app, app_web_filter, orig_network_settings, orig_network_settings_with_qos, orig_network_settings_without_qos, pre_down_speed_kbit, wan_limit_kbit, wan_limit_mbit
if (uvmContext.appManager().isInstantiated(self.module_name())):
raise Exception('app %s already instantiated' % self.module_name())
app = uvmContext.appManager().instantiate(self.module_name(), default_policy_id)
settings = app.getSettings()
settings["configured"] = True
app.setSettings(settings)
app.start()
if (uvmContext.appManager().isInstantiated(self.appNameWF())):
raise Exception('app %s already instantiated' % self.appNameWF())
app_web_filter = uvmContext.appManager().instantiate(self.appNameWF(), default_policy_id)
if orig_network_settings == None:
orig_network_settings = uvmContext.networkManager().getNetworkSettings()
# disable QoS
netsettings = copy.deepcopy( orig_network_settings )
netsettings['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings( netsettings )
# measure speed
pre_down_speed_kbit = global_functions.get_download_speed(download_server="test.untangle.com")
# calculate QoS limits
wan_limit_kbit = int((pre_down_speed_kbit*8) * .9)
# set max to 100Mbit, so that other limiting factors dont interfere
if wan_limit_kbit > 100000: wan_limit_kbit = 100000
wan_limit_mbit = round(wan_limit_kbit/1024,2)
# turn on QoS and set wan speed limits
netsettings = copy.deepcopy( orig_network_settings )
netsettings['qosSettings']['qosEnabled'] = True
i = 0
for interface in netsettings['interfaces']['list']:
if interface['isWan']:
netsettings['interfaces']['list'][i]['downloadBandwidthKbps']=wan_limit_kbit
netsettings['interfaces']['list'][i]['uploadBandwidthKbps']=wan_limit_kbit
i += 1
netsettings['bypassRules']['list'] = []
netsettings['qosSettings']['qosRules']['list'] = []
# These store the "new" defaults with and without QoS
orig_network_settings_with_qos = copy.deepcopy( netsettings )
orig_network_settings_with_qos['qosSettings']['qosEnabled'] = True
orig_network_settings_without_qos = copy.deepcopy( netsettings )
orig_network_settings_without_qos['qosSettings']['qosEnabled'] = False
uvmContext.networkManager().setNetworkSettings(orig_network_settings_with_qos)
def test_061_user_quota(self):
if runtests.quick_tests_only:
raise unittest.SkipTest('Skipping a time consuming test')
global app
nuke_rules(self._app)
priority_level = 7 # Severely Limited
given_quota = 10000 # 10k
# Set this host's username
username = remote_control.run_command("hostname -s", stdout=True)
entry = uvmContext.hostTable().getHostTableEntry(
remote_control.client_ip)
entry['usernameDirectoryConnector'] = username
uvmContext.hostTable().setHostTableEntry(remote_control.client_ip,
entry)
# Remove any existing quota
uvmContext.userTable().removeQuota(username)
# Record average speed without bandwidth control configured
wget_speed_pre = global_functions.get_download_speed(
download_server=target_server)
# Create rule to give quota
append_rule(
self._app,
create_quota_rule("USER_HAS_NO_QUOTA", "true", "GIVE_USER_QUOTA",
given_quota))
# Create penalty for exceeding quota
append_rule(
self._app,
create_single_condition_rule("USER_QUOTA_EXCEEDED", "true",
"SET_PRIORITY", priority_level))
# Download the file so quota is exceeded
global_functions.get_download_speed(download_server=target_server,
meg=1)
# quota accounting occurs every 60 seconds, so we must wait at least 60 seconds
time.sleep(60)
# Download file and record the average speed in which the file was download
wget_speed_post = global_functions.get_download_speed(
download_server=target_server)
print_results(wget_speed_pre, wget_speed_post, wget_speed_pre * 0.1,
wget_speed_pre * limited_acceptance_ratio)
# Remove quota
uvmContext.userTable().removeQuota(username)
# Blank username
entry['usernameDirectoryConnector'] = None
uvmContext.hostTable().setHostTableEntry(remote_control.client_ip,
entry)
assert ((wget_speed_post) and (wget_speed_post))
assert (wget_speed_pre * limited_acceptance_ratio > wget_speed_post)
events = global_functions.get_events('Bandwidth Control',
'Quota Events', None, 5)
assert (events != None)
found = global_functions.check_events(
events.get('list'),
5,
"action",
1, #quota given
"size",
given_quota,
"entity",
username)
assert (found)
found = global_functions.check_events(
events.get('list'),
5,
"action",
2, #quota exceeded
"entity",
username)
assert (found)
events = global_functions.get_events('Bandwidth Control',
'Prioritized Sessions', None, 5)
assert (events != None)
found = global_functions.check_events(events.get('list'), 5,
"bandwidth_control_priority",
priority_level, "c_client_addr",
remote_control.client_ip)
assert (found)
