def test_matching(self): """ Tests that attack sessions coming in quick succession are classified correctly. This test relates to issue #218 """ honeypot_id = 1 honeypot = Honeypot(id=honeypot_id) db_session = database_setup.get_session() db_session.add(honeypot) db_session.commit() raw_session_publisher = beeswarm.shared.zmq_context.socket(zmq.PUB) raw_session_publisher.bind(SocketNames.RAW_SESSIONS) # startup session database persistence_actor = SessionPersister(999, delay_seconds=2) persistence_actor.start() gevent.sleep(1) for x in xrange(0, 100): honeypot_session = HoneypotSession(source_ip='192.168.100.22', source_port=52311, protocol='pop3', users={}, destination_port=110) honeypot_session.try_auth('plaintext', username='******', password='******') honeypot_session.honeypot_id = honeypot_id raw_session_publisher.send('{0} {1} {2}'.format(Messages.SESSION_HONEYPOT, honeypot_id, json.dumps(honeypot_session.to_dict(), default=json_default, ensure_ascii=False))) gevent.sleep(5) sessions = db_session.query(Session).all() for session in sessions: self.assertEqual(session.classification_id, 'bruteforce') self.assertEqual(len(sessions), 100)