def testServerClientRule(self):
lines = self._load('data/testServerClientRules.txt')
processor.parse(lines, self.c)
packages.build(self.packages, self.c)
firewall.build(self.packages, self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
rule = self._query(
"""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level"""
)[0]
self.assertEquals(
rule[0],
'jumpgate1.event.dreamhack.se',
"Wrong source host")
self.assertEquals(
rule[1],
'ddns1.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(rule[2], 'event', "Wrong flow")
self.assertEquals(
rule[3],
'2022/tcp',
"Wrong destination port/protocol")
def testPackagesLogic(self):
processor.parse(self._load('data/testParsePackages.txt'), self.c)
packages.build(
self._load_YAML('data/manifest.yml')['packages'], self.c)
pack = self._query('SELECT * FROM package')
expected = ((1, 'dns', 'last'), (2, 'dhssh', 'test'),
(2, 'dns', '(test)'), (2, 'dns', 'last'),
(2, 'ldapclient', None), (2, 'syslogclient', None),
(3, 'dns', 'last'), (5, 'dhssh', 'test'), (5, 'tac', 'a'),
(5, 'tac', 'b'), (6, 'dhssh', 'test'), (6, 'dns', None),
(6, 'wwwpub', None), (8, 'dhssh',
'test'), (8, 'syslogclient', None),
(8, 'tac', None), (9, 'dhssh', 'test'), (9, 'syslogclient',
None),
(10, 'dhssh', 'test'), (10, 'ldapclient',
None), (10, 'syslogclient', None),
(11, 'dhssh', 'test'), (11, 'syslogclient',
None), (15, 'switch', None))
self.assertEquals(
len(pack), len(expected),
"Wrong number of packages in database: got %d, expected %d" %
(len(pack), len(expected)))
for i, (node_id, package, option) in enumerate(expected):
self.assertEquals(pack[i].node_id, node_id)
self.assertEquals(pack[i].name, package)
self.assertEquals(pack[i].option, option)
def testParseMasterNetwork(self):
processor.parse(self._load('data/testParseMasterNetwork.txt'), self.c)
networks = self._query('SELECT * FROM network')
self.assertEquals(len(networks), 1, "Missing master network")
self.assertEquals(networks[0].node_id, 1, "Wrong node id")
self.assertEquals(networks[0].name, 'EVENT@DREAMHACK',
"Wrong network name")
def testParseNetworkAndHost(self):
processor.parse(self._load('data/testParseNetworkAndHost.txt'), self.c)
self.assertEquals(
self._query('SELECT COUNT(*) as nbr_of_nodes FROM node')[0][0], 2,
"Wrong number of nodes")
host = self._query('SELECT * FROM host')[0]
self.assertEquals(host.node_id, 2, "Wrong node id")
self.assertEquals(host.name, 'ddns1.event.dreamhack.se',
"Wrong hostname")
self.assertEquals(host.ipv4_addr, 1297147849, "Wrong IPv4 long")
self.assertEquals(host.ipv4_addr_txt, '77.80.231.201',
"Wrong IPv4 address")
self.assertEquals(host.ipv6_addr_txt, '2001:67c:24d8:921::201',
"Wrong IPv6 address")
self.assertEquals(host.network_id, 1, "Wrong network id")
options = self._query('SELECT * FROM option')
self.assertEquals(len(options), 16, "Wrong number of options")
correct_options = set(
['ipv4f', 'ipv4r', 'ipv6f', 'ipv6f', 'p', 's', 'c', 'othernet'])
parsed_options = set([str(o[2]) for o in options])
self.assertEquals(len(correct_options.union(parsed_options)), 8,
"Missing or additional options")
def testServerClientRuleNat(self):
lines = self._load('data/testServerClientRulesNat.txt')
processor.parse(lines, self.c)
packages.build(self.packages, self.c)
firewall.build(self.packages, self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 3, "Wrong number of firewall rules")
non_nat_rule1, nat_rule, non_nat_rule2 = self._query("""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level""")
self.assertEquals(non_nat_rule1[0], 'jumpgate1.event.dreamhack.se',
"Wrong source host")
self.assertEquals(non_nat_rule1[1], 'ddns1.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(non_nat_rule1[2], 'event', "Wrong flow")
self.assertEquals(non_nat_rule1[3], '2022/tcp',
"Wrong destination port/protocol")
self.assertEquals(nat_rule[0], 'nat.event.dreamhack.se',
"Wrong source host")
self.assertEquals(nat_rule[1], 'ddns1.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(nat_rule[2], 'event', "Wrong flow")
self.assertEquals(nat_rule[3], '2022/tcp',
"Wrong destination port/protocol")
self.assertEquals(non_nat_rule2[0], 'jumpgate2.event.dreamhack.se',
"Wrong source host")
self.assertEquals(non_nat_rule2[1], 'ddns1.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(non_nat_rule2[2], 'event', "Wrong flow")
self.assertEquals(non_nat_rule2[3], '2022/tcp',
"Wrong destination port/protocol")
def testSwitchLocationWithMixedLayout(self):
seatmap = self._load_JSON("data/seatsB19_C19.json")
processor.parse(self._load("data/testTableB19_C19.txt"), self.c)
location.add_coordinates(seatmap, self.c)
switches = self._query("SELECT * FROM switch_coordinates")
self.assertEquals(len(switches), 5, "Wrong number of switches in database")
self.assertEquals(switches[0].name, "c19-a.event.dreamhack.local", "Wrong switch name")
self.assertEquals(switches[0].x, 4, "Wrong x coordinate")
self.assertEquals(switches[0].y, 129.66666666666666, "Wrong y coordinate")
self.assertEquals(switches[0].table_name, "C19", "Wrong table name")
self.assertEquals(switches[1].name, "c19-b.event.dreamhack.local", "Wrong switch name")
self.assertEquals(switches[1].x, 4, "Wrong x coordinate")
self.assertEquals(switches[1].y, 77, "Wrong y coordinate")
self.assertEquals(switches[1].table_name, "C19", "Wrong table name")
self.assertEquals(switches[2].name, "c19-c.event.dreamhack.local", "Wrong switch name")
self.assertEquals(switches[2].x, 4, "Wrong x coordinate")
self.assertEquals(switches[2].y, 24.333333333333332, "Wrong y coordinate")
self.assertEquals(switches[2].table_name, "C19", "Wrong table name")
self.assertEquals(switches[3].name, "b19-a.event.dreamhack.local", "Wrong switch name")
self.assertEquals(switches[3].x, 118.5, "Wrong x coordinate")
self.assertEquals(switches[3].y, 4, "Wrong y coordinate")
self.assertEquals(switches[3].table_name, "B19", "Wrong table name")
self.assertEquals(switches[4].name, "b19-b.event.dreamhack.local", "Wrong switch name")
self.assertEquals(switches[4].x, 39.5, "Wrong x coordinate")
self.assertEquals(switches[4].y, 4, "Wrong y coordinate")
self.assertEquals(switches[4].table_name, "B19", "Wrong table name")
def testParseMasterNetwork(self):
processor.parse(self._load('data/testParseMasterNetwork.txt'), self.c)
networks = self._query('SELECT * FROM network')
self.assertEquals(len(networks), 1, "Missing master network")
self.assertEquals(networks[0].node_id, 1, "Wrong node id")
self.assertEquals(networks[0].name, 'EVENT@DREAMHACK',
"Wrong network name")
def testParseNetworkAndHostNoVlan(self):
processor.parse(
self._load('data/testParseNetworkAndHostNoVlan.txt'), self.c)
host = self._query('SELECT * FROM host')[0]
self.assertEquals(host.ipv4_addr, 1297147849, "Wrong IPv4 long")
self.assertEquals(host.ipv4_addr_txt, '77.80.231.201', "Wrong IPv4 address")
self.assertEquals(host.ipv6_addr_txt, None, "Has an IPv6 address")
self.assertEquals(host.network_id, 1, "Wrong network id")
def testParseNetworkAndHostNoVlan(self):
processor.parse(
self._load('data/testParseNetworkAndHostNoVlan.txt'), self.c)
host = self._query('SELECT * FROM host')[0]
self.assertEquals(host.ipv4_addr, 1297147849, "Wrong IPv4 long")
self.assertEquals(host.ipv4_addr_txt, '77.80.231.201', "Wrong IPv4 address")
self.assertEquals(host.ipv6_addr_txt, None, "Has an IPv6 address")
self.assertEquals(host.network_id, 1, "Wrong network id")
def setUp(self):
super(TestFirewall, self).setUp()
manifest = self._load_YAML('data/manifest.yml')
self.packages = manifest['packages']
networks.add_all(self.c)
processor.parse(self._load('data/masterNetwork.txt'), self.c)
firewall.add_services(manifest['services'], self.c)
firewall.add_flows(manifest['flows'], self.c)
firewall.add_flows([x.lower() for x in processor.get_domains()], self.c)
def setUp(self):
super(TestFirewall, self).setUp()
manifest = self._load_YAML('data/manifest.yml')
self.packages = manifest['packages']
networks.add_all(self.c)
processor.parse(self._load('data/masterNetwork.txt'), self.c)
firewall.add_services(manifest['services'], self.c)
firewall.add_flows(manifest['flows'], self.c)
firewall.add_flows([x.lower() for x in processor.get_domains()],
self.c)
def testWorldRule(self):
processor.parse(self._load('data/testWorldRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
rule = self._query("""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level""")[0]
self.assertEquals(rule[0], 'ANY', "Wrong source host")
self.assertEquals(rule[1], 'www.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(rule[2], 'event', "Wrong flow")
self.assertEquals(rule[3], '80/tcp', "Wrong destination port/protocol")
def testAddCoordinates(self):
seatmap = self._load_JSON("data/seatsB19.json")
processor.parse(self._load('data/testTableB19.txt'), self.c)
location.add_coordinates(seatmap, self.c)
tables = self._query('SELECT * FROM table_coordinates')
self.assertEquals(len(tables), 1, "Wrong number of tables in database")
self.assertEquals(tables[0].name, "B19", "Wrong table name")
self.assertEquals(tables[0].hall, "B", "Wrong hall name")
self.assertEquals(tables[0].x2, 0, "Wrong x2 coordinate")
self.assertEquals(tables[0].y1, 8, "Wrong y1 coordinate")
self.assertEquals(tables[0].y2, 0, "Wrong y2 coordinate")
self.assertEquals(tables[0].x_start, 0, "Wrong x_start coordinate")
self.assertEquals(tables[0].y_start, 0, "Wrong y_start coordinate")
self.assertEquals(tables[0].width, 152, "Wrong width")
self.assertEquals(tables[0].height, 8, "Wrong height")
self.assertEquals(tables[0].horizontal, 1, "Wrong horizontal flag")
def testLocalRule(self):
processor.parse(self._load('data/testLocalRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
rule = rules[0]
self.assertEquals(rule[0], 1, "Wrong rule id")
self.assertEquals(rule[2], 'EVENT@TECH-SRV-6-JUMPNET',
"Wrong source host")
self.assertEquals(rule[3], '77.80.231.128/28',
"Wrong source IPv4 address")
self.assertEquals(rule[5], 'speedtest1mgmt.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(rule[11], '69/udp',
"Wrong destination port/protocol")
def testSwitchLocationWithMixedLayout(self):
seatmap = self._load_JSON("data/seatsB19_C19.json")
processor.parse(self._load('data/testTableB19_C19.txt'), self.c)
location.add_coordinates(seatmap, self.c)
switches = self._query('SELECT * FROM switch_coordinates')
self.assertEquals(len(switches), 5, "Wrong number of switches in database")
self.assertEquals(
switches[0].name,
"c19-a.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[0].x, -2, "Wrong x coordinate")
self.assertEquals(switches[0].y, 24, "Wrong y coordinate")
self.assertEquals(switches[0].table_name, "C19", "Wrong table name")
self.assertEquals(
switches[1].name,
"c19-b.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[1].x, -2, "Wrong x coordinate")
self.assertEquals(switches[1].y, 78, "Wrong y coordinate")
self.assertEquals(switches[1].table_name, "C19", "Wrong table name")
self.assertEquals(
switches[2].name,
"c19-c.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[2].x, -2, "Wrong x coordinate")
self.assertEquals(switches[2].y, 130, "Wrong y coordinate")
self.assertEquals(switches[2].table_name, "C19", "Wrong table name")
self.assertEquals(
switches[3].name,
"b19-a.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[3].x, 40, "Wrong x coordinate")
self.assertEquals(switches[3].y, -4, "Wrong y coordinate")
self.assertEquals(switches[3].table_name, "B19", "Wrong table name")
self.assertEquals(
switches[4].name,
"b19-b.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[4].x, 118, "Wrong x coordinate")
self.assertEquals(switches[4].y, -4, "Wrong y coordinate")
self.assertEquals(switches[4].table_name, "B19", "Wrong table name")
def testSwitchLocation(self):
seatmap = self._load_JSON("data/seatsB19.json")
processor.parse(self._load('data/testTableB19.txt'), self.c)
location.add_coordinates(seatmap, self.c)
switches = self._query('SELECT * FROM switch_coordinates')
self.assertEquals(len(switches), 2,
"Wrong number of switches in database")
self.assertEquals(switches[0].name, "b19-a.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[0].x, 118.5, "Wrong x coordinate")
self.assertEquals(switches[0].y, 4, "Wrong y coordinate")
self.assertEquals(switches[0].table_name, "B19", "Wrong table name")
self.assertEquals(switches[1].name, "b19-b.event.dreamhack.local",
"Wrong switch name")
self.assertEquals(switches[1].x, 39.5, "Wrong x coordinate")
self.assertEquals(switches[1].y, 4, "Wrong y coordinate")
self.assertEquals(switches[1].table_name, "B19", "Wrong table name")
def testPublicRule(self):
processor.parse(self._load('data/testPublicRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 8, "Wrong number of firewall rules")
rules = self._query("""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM
firewall_rule_ip_level
WHERE from_node_name = 'EVENT@DREAMHACK'""")
self.assertEquals(len(rules), 2, "Wrong number of firewall rules")
rule = self._query("""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level
WHERE from_node_name = 'EVENT@DREAMHACK'
AND service_dst_ports = '123/udp,123/tcp'""")
self.assertEquals(len(rule), 1, "Wrong number of firewall rules")
def testServerClientRule(self):
lines = self._load('data/testServerClientRules.txt')
processor.parse(lines, self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
# TODO(bluecmd) Forgive nl for I have sinned.
# Write unit tests for pkg=
rule = self._query("""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level""")[0]
self.assertEquals(rule[0], 'jumpgate1.event.dreamhack.se',
"Wrong source host")
self.assertEquals(rule[1], 'ddns1.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(rule[2], 'event', "Wrong flow")
self.assertEquals(rule[3], '2022/tcp',
"Wrong destination port/protocol")
def testWorldRule(self):
processor.parse(self._load('data/testWorldRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
rule = self._query(
"""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level"""
)[0]
self.assertEquals(rule[0], 'ANY', "Wrong source host")
self.assertEquals(
rule[1],
'www.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(rule[2], 'event', "Wrong flow")
self.assertEquals(
rule[3],
'80/tcp',
"Wrong destination port/protocol")
def testLocalRule(self):
processor.parse(self._load('data/testLocalRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 1, "Wrong number of firewall rules")
rule = rules[0]
self.assertEquals(rule[0], 1, "Wrong rule id")
self.assertEquals(rule[2], 'EVENT@TECH-SRV-6-JUMPNET',
"Wrong source host")
self.assertEquals(
rule[3],
'77.80.231.128/28',
"Wrong source IPv4 address")
self.assertEquals(
rule[5],
'speedtest1mgmt.event.dreamhack.se',
"Wrong destination host")
self.assertEquals(
rule[11],
'69/udp',
"Wrong destination port/protocol")
def testParseNetworkAndHost(self):
processor.parse(self._load('data/testParseNetworkAndHost.txt'), self.c)
self.assertEquals(
self._query('SELECT COUNT(*) as nbr_of_nodes FROM node')[0][0],
2,
"Wrong number of nodes")
host = self._query('SELECT * FROM host')[0]
self.assertEquals(host.node_id, 2, "Wrong node id")
self.assertEquals(
host.name,
'ddns1.event.dreamhack.se',
"Wrong hostname")
self.assertEquals(host.ipv4_addr, 1297147849, "Wrong IPv4 long")
self.assertEquals(host.ipv4_addr_txt, '77.80.231.201', "Wrong IPv4 address")
self.assertEquals(
host.ipv6_addr_txt,
'2001:67c:24d8:921::201',
"Wrong IPv6 address")
self.assertEquals(host.network_id, 1, "Wrong network id")
options = self._query('SELECT * FROM option')
self.assertEquals(len(options), 16, "Wrong number of options")
correct_options = set(
['ipv4f',
'ipv4r',
'ipv6f',
'ipv6f',
'p',
's',
'c',
'othernet'])
parsed_options = set([str(o[2]) for o in options])
self.assertEquals(
len(correct_options.union(parsed_options)),
8,
"Missing or additional options")
def testPublicRule(self):
processor.parse(self._load('data/testPublicRule.txt'), self.c)
firewall.build(self.c)
rules = self._query('SELECT * FROM firewall_rule_ip_level')
self.assertEquals(len(rules), 8, "Wrong number of firewall rules")
rules = self._query(
"""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM
firewall_rule_ip_level
WHERE from_node_name = 'EVENT@DREAMHACK'"""
)
self.assertEquals(len(rules), 2, "Wrong number of firewall rules")
rule = self._query(
"""SELECT
from_node_name, to_node_name, flow_name, service_dst_ports
FROM firewall_rule_ip_level
WHERE from_node_name = 'EVENT@DREAMHACK'
AND service_dst_ports = '123/udp,123/tcp'"""
)
self.assertEquals(len(rule), 1, "Wrong number of firewall rules")
def testPackagesLogic(self):
processor.parse(self._load('data/testParsePackages.txt'), self.c)
packages.build(self._load_YAML('data/manifest.yml')['packages'], self.c)
pack = self._query('SELECT * FROM package')
expected = (
(1, 'dns', 'last'),
(2, 'dhssh', 'test'),
(2, 'dns', '(test)'),
(2, 'dns', 'last'),
(2, 'ldapclient', None),
(2, 'syslogclient', None),
(3, 'dns', 'last'),
(5, 'dhssh', 'test'),
(5, 'tac', 'a'),
(5, 'tac', 'b'),
(6, 'dhssh', 'test'),
(6, 'dns', None),
(6, 'wwwpub', None),
(8, 'dhssh', 'test'),
(8, 'syslogclient', None),
(8, 'tac', None),
(9, 'dhssh', 'test'),
(9, 'syslogclient', None),
(10, 'dhssh', 'test'),
(10, 'ldapclient', None),
(10, 'syslogclient', None),
(11, 'dhssh', 'test'),
(11, 'ldapclient', None),
(11, 'syslogclient', None),
(15, 'switch', None))
self.assertEquals(len(pack), len(expected),
"Wrong number of packages in database: got %d, expected %d" % (
len(pack), len(expected)))
for i, (node_id, package, option) in enumerate(expected):
self.assertEquals(pack[i].node_id, node_id)
self.assertEquals(pack[i].name, package)
self.assertEquals(pack[i].option, option)
