def test_multiple_matches():
    """Three single-source lga rules meet two single-destination ord rules.

    The expected result is the six pairwise intersections: each combined
    rule is no wider than what both firewalls permit.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    rules_at_lga = {'app': [
        Rule(ipset('1.1.1.1'), ipset('2.0.0.0/8'), 'app', 'one'),
        Rule(ipset('1.1.1.2'), ipset('2.0.0.0/8'), 'app', 'two'),
        Rule(ipset('1.1.1.3'), ipset('2.0.0.0/8'), 'app', 'three'),
    ]}
    rules_at_ord = {'app': [
        Rule(ipset('1.0.0.0/8'), ipset('2.7.8.8'), 'app', 'eight'),
        Rule(ipset('1.0.0.0/8'), ipset('2.7.8.9'), 'app', 'nine'),
    ]}
    site_spaces = {
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    per_firewall = {'fw1.ord': rules_at_ord, 'fw1.lga': rules_at_lga}
    with no_simplify():
        combined = process.combine(site_spaces, routes, per_firewall)
        # (source host, destination host, combined rule name) for every
        # pairing of an lga rule with an ord rule.
        pairings = (
            ('1.1.1.1', '2.7.8.8', 'eight+one'),
            ('1.1.1.1', '2.7.8.9', 'nine+one'),
            ('1.1.1.2', '2.7.8.8', 'eight+two'),
            ('1.1.1.2', '2.7.8.9', 'nine+two'),
            ('1.1.1.3', '2.7.8.8', 'eight+three'),
            ('1.1.1.3', '2.7.8.9', 'nine+three'),
        )
        wanted = [
            Rule(src=ipset(src_host), dst=ipset(dst_host), app='app',
                 name=label)
            for src_host, dst_host, label in pairings
        ]
        # Both sides are sorted so the check ignores output order.
        eq_(sorted(combined['app']), sorted(wanted))
def test_overlapping_rules():
    """One lga rule and one ord rule overlap; only the overlap is expected.

    lga narrows the source to a /16 and ord narrows the destination to a
    /16, so the expected combined rule carries both restrictions.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    rules_at_lga = {
        'app': [
            Rule(ipset('1.1.0.0/16'), ipset('2.0.0.0/8'), 'app', 'lga'),
        ]
    }
    rules_at_ord = {
        'app': [
            Rule(ipset('1.0.0.0/8'), ipset('2.1.0.0/16'), 'app', 'ord'),
        ]
    }
    site_spaces = {
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    per_firewall = {'fw1.ord': rules_at_ord, 'fw1.lga': rules_at_lga}

    with no_simplify():
        combined = process.combine(site_spaces, routes, per_firewall)
        # Source comes from the lga rule, destination from the ord rule.
        narrowed = Rule(ipset('1.1.0.0/16'), ipset('2.1.0.0/16'), 'app',
                        'lga+ord')
        eq_(combined, {'app': [narrowed]})
def test_limited_by_space():
    """A rule wider than one site is cut down to the space that is allowed.

    lga and ord both allow 0.0.0.0/7 -> 2.0.0.0/8, but the lax firewall has
    no rules at all.  The lax -> ord route includes fw1.lax, so the expected
    result keeps only the lga half of the /7.
    """
    no_rules_at_lax = {'app': [
    ]}
    rules_at_lga = {'app': [
        # 0.0.0.0/7 spans the lax (0/8) and lga (1/8) address spaces
        Rule(ipset('0.0.0.0/7'), ipset('2.0.0.0/8'), 'app', 'lga'),
    ]}
    rules_at_ord = {'app': [
        Rule(ipset('0.0.0.0/7'), ipset('2.0.0.0/8'), 'app', 'ord'),
    ]}
    site_spaces = {
        'lax': ipset('0.0.0.0/8'),
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    # (source site, destination site) -> firewalls on that path
    hops = {
        ('lax', 'lax'): ['fw1.lax'],
        ('lax', 'lga'): ['fw1.lga', 'fw1.lax'],
        ('lax', 'ord'): ['fw1.ord', 'fw1.lax'],
        ('lga', 'lax'): ['fw1.lax', 'fw1.lga'],
        ('lga', 'lga'): ['fw1.lga'],
        ('lga', 'ord'): ['fw1.ord', 'fw1.lga'],
        ('ord', 'lax'): ['fw1.ord', 'fw1.lax'],
        ('ord', 'lga'): ['fw1.ord', 'fw1.lga'],
        ('ord', 'ord'): ['fw1.ord'],
    }
    per_firewall = {'fw1.ord': rules_at_ord, 'fw1.lga': rules_at_lga, 'fw1.lax': no_rules_at_lax}
    with no_simplify():
        combined = process.combine(site_spaces, hops, per_firewall)
        # Only the lga part of the source range survives.
        survivor = Rule(ipset('1.0.0.0/8'), ipset('2.0.0.0/8'), 'app', 'lga+ord')
        eq_(combined, {'app': [survivor]})
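def test_one_address_space():
    """With one site and one firewall, combine() should hand the rules back.

    Both rules stay inside the single 'nyc' address space and the only
    route uses a single firewall, so nothing should be added or dropped.
    """
    rules = {'app': [
        Rule(ipset('1.2.3.4'), ipset('1.7.7.7'), 'app', 'p2p'),
        Rule(ipset('1.2.5.0/24'), ipset('1.7.7.7'), 'app', 'net'),
    ]}
    with no_simplify():
        result = process.combine(
            {'nyc': ipset('1.0.0.0/8')},
            {('nyc', 'nyc'): ['fw1.nyc']},
            {'fw1.nyc': rules})
        # sorted() over a dict yields only its keys, so this first check
        # compares app names and nothing else; on its own it would pass
        # even if combine() widened or dropped a rule.
        eq_(sorted(result), sorted(rules))
        # Compare the rule lists themselves, ignoring order.
        for app in rules:
            eq_(sorted(result[app]), sorted(rules[app]))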
def test_combine():
    """Combine two managed sites plus an 'unmanaged' remainder space.

    'unmanaged' is everything outside 10.0.0.0/8 and 20.0.0.0/8, and the
    unmanaged -> unmanaged pair has an empty firewall list.  RULES_10 and
    RULES_20 are defined outside this function.  Unlike the neighbouring
    tests, this one does not wrap the call in no_simplify().
    """
    ten = ipset('10.0.0.0/8')
    twenty = ipset('20.0.0.0/8')
    site_spaces = {
        'ten': ten,
        'twenty': twenty,
        'unmanaged': ipset('0.0.0.0/0') - ipset('10.0.0.0/8') - ipset('20.0.0.0/8'),
    }
    # (source space, destination space) -> firewalls on that path
    hops = {
        ('ten', 'ten'): ['fw1.ten'],
        ('ten', 'twenty'): ['fw1.ten', 'fw1.twenty'],
        ('ten', 'unmanaged'): ['fw1.ten'],
        ('twenty', 'ten'): ['fw1.ten', 'fw1.twenty'],
        ('twenty', 'twenty'): ['fw1.twenty'],
        ('twenty', 'unmanaged'): ['fw1.twenty'],
        ('unmanaged', 'ten'): ['fw1.ten'],
        ('unmanaged', 'twenty'): ['fw1.twenty'],
        ('unmanaged', 'unmanaged'): [],
    }
    per_firewall = {
        'fw1.ten': RULES_10,
        'fw1.twenty': RULES_20,
    }
    combined = process.combine(site_spaces, hops, per_firewall)
    # Sort in place so the comparison does not depend on output order.
    combined['http'].sort()
    wanted_http = sorted([
        Rule(src=ipset('10.10.0.0/16'),
             dst=ipset('10.20.0.0/16', '30.20.0.0/16'),
             app='http',
             name='10->10+10->30'),
        Rule(src=ipset('20.10.0.0/16'),
             dst=ipset('20.20.0.0/16', '30.20.0.0/16'),
             app='http',
             name='20->20+20->30'),
        Rule(src=ipset('30.10.0.0/16'),
             dst=ipset('10.20.0.0/16', '20.20.0.0/16'),
             app='http',
             name='30->10+30->20'),
        # For the two cross-site flows below, only the part permitted on
        # both firewalls is expected.
        Rule(src=ipset('10.20.0.0/16'),
             dst=ipset('20.20.0.0/16'),
             app='http',
             name='10->20'),
        Rule(src=ipset('20.20.0.0/16'),
             dst=ipset('10.20.0.0/16'),
             app='http',
             name='20->10'),
    ])
    eq_(combined, {'http': wanted_http})
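def test_one_address_space():
    """A single site behind a single firewall: rules should pass unchanged.

    Every source and destination lies inside the 'nyc' space, and the only
    route lists one firewall.
    """
    rules = {
        'app': [
            Rule(ipset('1.2.3.4'), ipset('1.7.7.7'), 'app', 'p2p'),
            Rule(ipset('1.2.5.0/24'), ipset('1.7.7.7'), 'app', 'net'),
        ]
    }
    with no_simplify():
        result = process.combine({'nyc': ipset('1.0.0.0/8')},
                                 {('nyc', 'nyc'): ['fw1.nyc']},
                                 {'fw1.nyc': rules})
        # Iterating a dict gives its keys, so sorted(result) == sorted(rules)
        # only proves the app names match.  Keep that check, then verify the
        # rules per app so a widened or missing rule fails the test.
        eq_(sorted(result), sorted(rules))
        for app_name in rules:
            eq_(sorted(result[app_name]), sorted(rules[app_name]))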
def test_identical_rules():
    """Both firewalls carry the same rule set; the result should equal it.

    The same ``rules`` dict object is registered for fw1.ord and fw1.lga.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    shared = Rule(ipset('2.7.7.0/24'), ipset('1.7.7.0/24'), 'app', 'lga-ord')
    rules = {'app': [
        shared,
    ]}
    site_spaces = {
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    per_firewall = {'fw1.ord': rules, 'fw1.lga': rules}
    with no_simplify():
        combined = process.combine(site_spaces, routes, per_firewall)
        eq_(combined, rules)
def test_multiple_matches():
    """Each of three lga rules must be intersected with each of two ord rules.

    lga restricts the source to single hosts and ord restricts the
    destination to single hosts; the expected output is the 3 x 2 set of
    host-to-host rules.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    whole_ord = '2.0.0.0/8'
    whole_lga = '1.0.0.0/8'
    from_lga = {
        'app': [
            Rule(ipset('1.1.1.1'), ipset(whole_ord), 'app', 'one'),
            Rule(ipset('1.1.1.2'), ipset(whole_ord), 'app', 'two'),
            Rule(ipset('1.1.1.3'), ipset(whole_ord), 'app', 'three'),
        ]
    }
    from_ord = {
        'app': [
            Rule(ipset(whole_lga), ipset('2.7.8.8'), 'app', 'eight'),
            Rule(ipset(whole_lga), ipset('2.7.8.9'), 'app', 'nine'),
        ]
    }
    spaces = {
        'lga': ipset(whole_lga),
        'ord': ipset(whole_ord),
    }
    by_firewall = {'fw1.ord': from_ord, 'fw1.lga': from_lga}
    with no_simplify():
        got = process.combine(spaces, routes, by_firewall)
        # One expected rule per (lga source host, ord destination host).
        table = [
            ('1.1.1.1', '2.7.8.8', 'eight+one'),
            ('1.1.1.1', '2.7.8.9', 'nine+one'),
            ('1.1.1.2', '2.7.8.8', 'eight+two'),
            ('1.1.1.2', '2.7.8.9', 'nine+two'),
            ('1.1.1.3', '2.7.8.8', 'eight+three'),
            ('1.1.1.3', '2.7.8.9', 'nine+three'),
        ]
        want = []
        for source, target, rule_name in table:
            want.append(Rule(src=ipset(source),
                             dst=ipset(target),
                             app='app',
                             name=rule_name))
        # Order-insensitive comparison.
        eq_(sorted(got['app']), sorted(want))
def test_identical_rules():
    """Identical rule sets on both firewalls should combine to that same set.

    fw1.ord and fw1.lga are given the very same ``rules`` dict.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    rules = {
        'app': [
            Rule(ipset('2.7.7.0/24'), ipset('1.7.7.0/24'), 'app', 'lga-ord'),
        ]
    }
    spaces = {
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    by_firewall = {'fw1.ord': rules, 'fw1.lga': rules}
    with no_simplify():
        got = process.combine(spaces, routes, by_firewall)
        eq_(got, rules)
def test_other_app():
    """Check how a firewall's '@@other' rule applies to apps it does not name.

    Each firewall defines one app of its own, one app they share, and an
    '@@other' entry.  In the expected result, 'ordonly' also contains lga's
    '@@other' flow and 'lgaonly' also contains ord's, while 'inboth' and
    '@@other' simply hold both firewalls' own rules.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    rules_at_ord = {
        'ordonly': [
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'ordonly', 'ordonly'),
        ],
        'inboth': [
            Rule(ipset('1.1.8.8'), ipset('1.1.9.9'), 'inboth', 'inboth_ord'),
        ],
        '@@other': [
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), '@@other', 'ordother'),
        ],
    }
    rules_at_lga = {
        'lgaonly': [
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'lgaonly', 'lgaonly'),
        ],
        'inboth': [
            Rule(ipset('65.1.8.8'), ipset('65.1.9.9'), 'inboth', 'inboth_lga'),
        ],
        '@@other': [
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), '@@other', 'lgaother'),
        ],
    }
    site_spaces = {
        'ord': ipset('0.0.0.0/2'),
        'lga': ipset('64.0.0.0/2'),
    }
    per_firewall = {'fw1.ord': rules_at_ord, 'fw1.lga': rules_at_lga}
    with no_simplify():
        combined = process.combine(site_spaces, routes, per_firewall)
        # Sort every app's list in place so the comparison ignores order.
        # itervalues() is the Python 2 dict method.
        for rule_list in combined.itervalues():
            rule_list.sort()
        wanted = {
            'ordonly': sorted([
                Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'ordonly', 'ordonly'),
                Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'ordonly', 'lgaother'),
            ]),
            'lgaonly': sorted([
                Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'lgaonly', 'lgaonly'),
                Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'lgaonly', 'ordother'),
            ]),
            'inboth': sorted([
                Rule(ipset('1.1.8.8'), ipset('1.1.9.9'), 'inboth', 'inboth_ord'),
                Rule(ipset('65.1.8.8'), ipset('65.1.9.9'), 'inboth', 'inboth_lga'),
            ]),
            '@@other': sorted([
                Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), '@@other', 'ordother'),
                Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), '@@other', 'lgaother'),
            ]),
        }
        eq_(combined, wanted)
def test_nonoverlapping_rules():
    """Rules that share no flow must combine to nothing.

    lga only permits an lga -> ord flow and ord only permits an ord -> lga
    flow, so no flow is permitted by both and the expected result is an
    empty dict.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    lga_only_flow = Rule(ipset('1.2.5.0/24'), ipset('2.2.5.0/24'), 'app', 'lga')
    ord_only_flow = Rule(ipset('2.7.7.0/24'), ipset('1.7.7.0/24'), 'app', 'ord')
    rules_at_lga = {'app': [
        lga_only_flow,
    ]}
    rules_at_ord = {'app': [
        ord_only_flow,
    ]}
    site_spaces = {
        'ord': ipset('2.0.0.0/8'),
        'lga': ipset('1.0.0.0/8'),
    }
    per_firewall = {'fw1.ord': rules_at_ord, 'fw1.lga': rules_at_lga}
    with no_simplify():
        combined = process.combine(site_spaces, routes, per_firewall)
        eq_(combined, {})
def test_limited_by_space():
    """A source range spanning two sites is trimmed to the permitted site.

    The /7 source covers lax and lga.  fw1.lax, which sits on the
    lax -> ord route, has an empty rule list, so the expected result keeps
    only the lga /8 as source.
    """
    from_lax = {'app': []}
    from_lga = {
        'app': [
            # the /7 takes in both the lax /8 and the lga /8
            Rule(ipset('0.0.0.0/7'), ipset('2.0.0.0/8'), 'app', 'lga'),
        ]
    }
    from_ord = {
        'app': [
            Rule(ipset('0.0.0.0/7'), ipset('2.0.0.0/8'), 'app', 'ord'),
        ]
    }
    spaces = {
        'lax': ipset('0.0.0.0/8'),
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    # Firewalls listed for each (source site, destination site) pair.
    path_firewalls = {
        ('lax', 'lax'): ['fw1.lax'],
        ('lax', 'lga'): ['fw1.lga', 'fw1.lax'],
        ('lax', 'ord'): ['fw1.ord', 'fw1.lax'],
        ('lga', 'lax'): ['fw1.lax', 'fw1.lga'],
        ('lga', 'lga'): ['fw1.lga'],
        ('lga', 'ord'): ['fw1.ord', 'fw1.lga'],
        ('ord', 'lax'): ['fw1.ord', 'fw1.lax'],
        ('ord', 'lga'): ['fw1.ord', 'fw1.lga'],
        ('ord', 'ord'): ['fw1.ord'],
    }
    by_firewall = {
        'fw1.ord': from_ord,
        'fw1.lga': from_lga,
        'fw1.lax': from_lax
    }
    with no_simplify():
        got = process.combine(spaces, path_firewalls, by_firewall)
        want = {
            'app': [
                # source is limited to lga's address space
                Rule(ipset('1.0.0.0/8'), ipset('2.0.0.0/8'), 'app',
                     'lga+ord'),
            ]
        }
        eq_(got, want)
def test_nonoverlapping_rules():
    """Disjoint rules on the two firewalls should yield an empty result.

    The lga rule covers an lga -> ord flow only; the ord rule covers an
    ord -> lga flow only.  Neither flow appears on both firewalls.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    from_lga = {
        'app': [
            Rule(ipset('1.2.5.0/24'), ipset('2.2.5.0/24'), 'app', 'lga'),
        ]
    }
    from_ord = {
        'app': [
            Rule(ipset('2.7.7.0/24'), ipset('1.7.7.0/24'), 'app', 'ord'),
        ]
    }
    spaces = {
        'ord': ipset('2.0.0.0/8'),
        'lga': ipset('1.0.0.0/8'),
    }
    by_firewall = {'fw1.ord': from_ord, 'fw1.lga': from_lga}
    with no_simplify():
        got = process.combine(spaces, routes, by_firewall)
        nothing_allowed = {}
        eq_(got, nothing_allowed)
def test_overlapping_rules():
    """Two overlapping rules should combine to their intersection.

    The lga rule limits the source to 1.1.0.0/16 and the ord rule limits
    the destination to 2.1.0.0/16; the expected rule has both limits.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    from_lga = {'app': [
        Rule(ipset('1.1.0.0/16'), ipset('2.0.0.0/8'), 'app', 'lga'),
    ]}
    from_ord = {'app': [
        Rule(ipset('1.0.0.0/8'), ipset('2.1.0.0/16'), 'app', 'ord'),
    ]}
    spaces = {
        'lga': ipset('1.0.0.0/8'),
        'ord': ipset('2.0.0.0/8'),
    }
    by_firewall = {'fw1.ord': from_ord, 'fw1.lga': from_lga}

    with no_simplify():
        got = process.combine(spaces, routes, by_firewall)
        want = {'app': [
            # narrower source from lga, narrower destination from ord
            Rule(ipset('1.1.0.0/16'), ipset('2.1.0.0/16'), 'app', 'lga+ord'),
        ]}
        eq_(got, want)
def test_combine():
    """End-to-end combine() over two managed spaces and an unmanaged one.

    The 'unmanaged' space is 0.0.0.0/0 minus the two managed /8s, and no
    firewall is listed for unmanaged -> unmanaged.  RULES_10 and RULES_20
    come from outside this function.  The call is not wrapped in
    no_simplify().
    """
    spaces = {
        'ten': ipset('10.0.0.0/8'),
        'twenty': ipset('20.0.0.0/8'),
        'unmanaged': ipset('0.0.0.0/0') - ipset('10.0.0.0/8') - ipset('20.0.0.0/8'),
    }
    # Firewalls listed for each (source space, destination space) pair.
    path_firewalls = {
        ('ten', 'ten'): ['fw1.ten'],
        ('ten', 'twenty'): ['fw1.ten', 'fw1.twenty'],
        ('ten', 'unmanaged'): ['fw1.ten'],
        ('twenty', 'ten'): ['fw1.ten', 'fw1.twenty'],
        ('twenty', 'twenty'): ['fw1.twenty'],
        ('twenty', 'unmanaged'): ['fw1.twenty'],
        ('unmanaged', 'ten'): ['fw1.ten'],
        ('unmanaged', 'twenty'): ['fw1.twenty'],
        ('unmanaged', 'unmanaged'): [],
    }
    by_firewall = {
        'fw1.ten': RULES_10,
        'fw1.twenty': RULES_20,
    }
    got = process.combine(spaces, path_firewalls, by_firewall)
    # In-place sort of the actual rules; the expected list is sorted too.
    got['http'].sort()
    within_or_out_of_ten = Rule(
        src=ipset('10.10.0.0/16'), dst=ipset('10.20.0.0/16', '30.20.0.0/16'),
        app='http', name='10->10+10->30')
    within_or_out_of_twenty = Rule(
        src=ipset('20.10.0.0/16'), dst=ipset('20.20.0.0/16', '30.20.0.0/16'),
        app='http', name='20->20+20->30')
    inbound_from_unmanaged = Rule(
        src=ipset('30.10.0.0/16'), dst=ipset('10.20.0.0/16', '20.20.0.0/16'),
        app='http', name='30->10+30->20')
    # The two cross-site rules: only the intersection of the flows on
    # both firewalls is expected to come through.
    ten_to_twenty = Rule(
        src=ipset('10.20.0.0/16'), dst=ipset('20.20.0.0/16'),
        app='http', name='10->20')
    twenty_to_ten = Rule(
        src=ipset('20.20.0.0/16'), dst=ipset('10.20.0.0/16'),
        app='http', name='20->10')
    want = {
        'http': sorted([
            within_or_out_of_ten,
            within_or_out_of_twenty,
            inbound_from_unmanaged,
            ten_to_twenty,
            twenty_to_ten,
        ]),
    }
    eq_(got, want)
def test_other_app():
    """Verify '@@other' handling for apps known to only one firewall.

    ord defines 'ordonly', lga defines 'lgaonly', both define 'inboth' and
    '@@other'.  The expected result lists, under each single-firewall app,
    the other firewall's '@@other' flow re-labelled with that app name.

    NOTE(review): ``routes`` is not assigned in this function; presumably a
    module-level fixture -- confirm against the rest of the file.
    """
    from_ord = {
        'ordonly': [
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'ordonly', 'ordonly'),
        ],
        'inboth': [
            Rule(ipset('1.1.8.8'), ipset('1.1.9.9'), 'inboth', 'inboth_ord'),
        ],
        '@@other': [
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), '@@other', 'ordother'),
        ],
    }
    from_lga = {
        'lgaonly': [
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'lgaonly', 'lgaonly'),
        ],
        'inboth': [
            Rule(ipset('65.1.8.8'), ipset('65.1.9.9'), 'inboth', 'inboth_lga'),
        ],
        '@@other': [
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), '@@other', 'lgaother'),
        ],
    }
    spaces = {
        'ord': ipset('0.0.0.0/2'),
        'lga': ipset('64.0.0.0/2'),
    }
    by_firewall = {'fw1.ord': from_ord, 'fw1.lga': from_lga}
    with no_simplify():
        got = process.combine(spaces, routes, by_firewall)
        # Normalise ordering of every per-app list before comparing.
        # itervalues() is the Python 2 dict method.
        for per_app in got.itervalues():
            per_app.sort()
        want_ordonly = sorted([
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'ordonly', 'ordonly'),
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'ordonly', 'lgaother'),
        ])
        want_lgaonly = sorted([
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), 'lgaonly', 'lgaonly'),
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), 'lgaonly', 'ordother'),
        ])
        want_inboth = sorted([
            Rule(ipset('1.1.8.8'), ipset('1.1.9.9'), 'inboth', 'inboth_ord'),
            Rule(ipset('65.1.8.8'), ipset('65.1.9.9'), 'inboth', 'inboth_lga'),
        ])
        want_other = sorted([
            Rule(ipset('1.1.0.0'), ipset('1.1.9.9'), '@@other', 'ordother'),
            Rule(ipset('65.1.0.0'), ipset('65.1.9.9'), '@@other', 'lgaother'),
        ])
        eq_(got, {
            'ordonly': want_ordonly,
            'lgaonly': want_lgaonly,
            'inboth': want_inboth,
            '@@other': want_other,
        })