def test_rabbitmq(self): #清空环境 for i in self.clr_env: fun.cmd(i, 'gw_s') agent_config = fun.cmd('cat /etc/jsac/agentjsac.config', 'gw_s') print(agent_config) agent_list = agent_config.split('\n') for i in agent_list: str_domain = re.findall( "DeviceDomain = (\w*\d*.\w*\d*.\w*\d*.\w*\d*.\w*\d*)", i) if str_domain: domain = str_domain print(domain) #下发配置 fun.send('ManageExchange', 'AddAclPolicy', domain, base_path) #检查配置下发是否成功 re = fun.cmd(self.case_step['step1'][0], 'gw_s') print(re) assert self.case_step['step1'][1] in re '''
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.iperf_kill()
def teardown_method(self): clr_env.clear_env('gw') clr_env.clear_met_acl('gw') fun.cmd(self.case_step["step1"][0], 'c') fun.cmd(self.case_step["step1"][0], 's')
def test_vlan_bond_a1(self): # 开启switch开关并检查是否开启成功 for key in self.case1_step1: fun.cmd(self.case1_step1[key][0], 'gw') re = fun.cmd(self.case1_step1[key][1], 'gw') assert self.case1_step1[key][2] in re # 下发vlan配置 fun.send(rbmExc, message.setvlan['SetVlan'], rbmDomain, base_path) # 检查配置下发是否成功 for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'gw', self.case1_step2[key][1], 'vlan', 100) assert self.case1_step2[key][1] in re # 测试从设备端ping vlanA设备正常 resA_cmd = 'ping ' + vlanAOpeIp + ' -c 4' print('从设备端ping vlanA设备的命令是:{}'.format(resA_cmd)) resA = fun.cmd(resA_cmd, 'gw') print('从设备端ping vlanA的结果为:{}'.format(resA)) assert '0% packet loss' in resA # 测试从vlanA ping设备正常 dutA_cmd = 'ping ' + gwInternetIp + ' -c 4' print('从vlanA ping设备的命令是:{}'.format(dutA_cmd)) dutA = fun.cmd(dutA_cmd, 'vlanA') print('从vlanA ping设备的结果为:{}'.format(dutA)) assert '0% packet loss' in dutA # 测试从设备端ping vlanB设备正常 resB_cmd = 'ping ' + vlanBOpeIp + ' -c 4' print('从设备端ping vlanB设备的命令是:{}'.format(resB_cmd)) resB = fun.cmd(resB_cmd, 'gw') print('从设备端ping vlanB设备的结果为:{}'.format(resB)) assert '0% packet loss' in resB # 测试从vlanB ping设备正常 dutB_cmd = 'ping ' + gwInternetIp + ' -c 4' print('从vlanB ping设备的命令是:{}'.format(dutB_cmd)) dutB = fun.cmd(dutB_cmd, 'vlanB') print('从vlanB ping设备的结果为:{}'.format(dutB)) assert '0% packet loss' in dutB # 还原环境,移除vlan的配置,且关闭vlan的开关 # 关闭switch开关并检查是否关闭成功 for key in self.case1_step11: fun.cmd(self.case1_step11[key][0], 'gw') re = fun.cmd(self.case1_step11[key][1], 'gw') assert self.case1_step11[key][2] in re # 清空vlan配置 fun.send(rbmExc, message.delvlan['SetVlan'], rbmDomain, base_path) # 检查配置下发是否成功 for key in self.case1_step2: re = fun.wait_data(self.case1_step2[key][0], 'gw', self.case1_step2[key][1], 'vlan', 100, flag='不存在') assert self.case1_step2[key][1] not in re
def setup_method(self): clr_env.data_check_setup_met() fun.cmd(f"rm -rf /opt/pkt/*pcap", 'gw') re = fun.cmd(f"ls /opt/pkt/", 'gw') print('setup_method_re:', re) assert 'pcap' not in re
def test_selabel_cipso_type_right_and_left(self): # 下发配置并检查结果 for key in self.case2_step: fun.cmd(self.case2_step[key][0], 'gw') re = fun.cmd(self.case2_step[key][1], 'gw') assert self.case2_step[key][2] in re
def setup_class(self): # 获取参数 fun.ssh_gw.connect() fun.ssh_c.connect() fun.ssh_s.connect() self.clr_env = clr_env.clear_env self.case1_step1 = index.case1_step1 self.case1_step2 = index.case1_step2 self.case2_step1 = index.case2_step1 self.case2_step2 = index.case2_step2 self.case3_step1 = index.case3_step1 self.case3_step2 = index.case3_step2 self.case4_step1 = index.case4_step1 self.case4_step2 = index.case4_step2 self.pkt1_cfg = index.pkt1_cfg self.pkt2_cfg = index.pkt2_cfg self.pkt3_cfg = index.pkt3_cfg self.pkt4_cfg = index.pkt4_cfg self.cap_pcap1 = self.pkt1_cfg["capture"][3] self.cap_pcap2 = self.pkt2_cfg["capture"][3] self.cap_pcap3 = self.pkt3_cfg["capture"][3] self.cap_pcap4 = self.pkt4_cfg["capture"][3] clr_env.clear_env() fun.cmd('rm -rf /opt/pkt/test_acl_mode_*', 's')
def test_nginx_test_a1(self): # 清空环境 for i in self.clr_env: fun.cmd(i, 'gw') for i in range(100): # fun.cmd('systemctl reload nginx_fstack', 'gw') fun.send(rbmExc, message.addsmtp['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.send(rbmExc, message.addpop3['AddAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') ff = fun.cmd('ff_netstat -an', 'gw') print('ff结果为:{}'.format(ff)) assert proxy_ip in ff fun.send(rbmExc, message.mailcheck1['SetMailCheck'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') # 配置清空 fun.send(rbmExc, message.delsmtp['DelAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.send(rbmExc, message.delpop3['DelAgent'], rbmDomain, base_path) fun.wait_data('ps -ef |grep nginx', 'gw', 'nginx: worker process') fun.nginx_worker('ps -ef |grep nginx', 'gw', 'nginx: worker process') print('已经执行了{}次'.format(i + 1))
def teardown_method(self): clr_env.clear_env('gw') clr_env.clear_met_acl('gw') fun.cmd(self.case1_step7["step2"][0], 'gw') fun.send(rbmExc, message.verifymod_DelAuthCert['DelAuthCert'], domain_rmb, base_path) clr_env.verifymod_teardown_met(base_path)
def test_case1(self): # 网关设备的nginx查询有问题,返回None # re = fun.cmd('systemctl status agentjsac', 'gw') # assert re != None # re = fun.cmd('ps -ef |grep agentjsac', 'gw') # assert re != None # re = fun.cmd('netstat -anp', 'gw') # assert re != None # re = fun.cmd('systemctl status nginx_kernel', 'gw') # assert re != None # re = fun.cmd('ps -ef |grep nginx', 'gw') # assert re != None # 隔离的前置机查询nginx没有问题 re = fun.cmd('systemctl status agentjsac', 'FrontDut') assert re != None re = fun.cmd('ps -ef |grep agentjsac', 'FrontDut') assert re != None re = fun.cmd('netstat -anp', 'FrontDut') assert re != None re = fun.cmd('systemctl status nginx_kernel', 'FrontDut') assert re != None re = fun.cmd('ps -ef |grep nginx', 'FrontDut') assert re != None
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.pid_kill(self.cap_pcap)
def test_acl_CURD_a3(self): # 下发配置并检查结果 for key in self.case3_step: fun.cmd(self.case3_step[key][0], 'gw') re = fun.cmd(self.case3_step[key][1], 'gw') assert self.case3_step[key][2] in re
def teardown_method(self): clr_env.clear_env('gw') clr_env.clear_met_acl('gw') fun.cmd("rm -f /opt/*txt*", 'c') re1 = fun.cmd("ls /opt/ |grep txt", 'c') print('客户端txt文件查询结果是:', re1) assert self.case_step2["step1"][0] not in re1
def teardown_class(self): #回收环境 for i in clr_env.clear_env: fun.cmd(i,'gw') for i in fun.mac: fun.ssh_close(i)
def test_selabel_a2(self): # 下发配置并检查结果 for key in self.case2_step: fun.cmd(self.case2_step[key][0], 'gw') re = fun.cmd(self.case2_step[key][1], 'gw') assert self.case2_step[key][2] in re
def test_selabel_cipso_doi_left(self): # 下发配置并检查结果 for key in self.case2_step: fun.cmd(self.case2_step[key][0], 'gw') re = fun.cmd(self.case2_step[key][1], 'gw') assert self.case2_step[key][2] in re print('doi为0、-1时无法添加,doi为1时可以添加')
def teardown_class(self): # 回收环境 clr_env.clear_env() fun.cmd('ipmac -c', 'gw') fun.send(rbmExc, message.delvlan['SetVlan'], rbmDomain, base_path) fun.rbm_close() fun.ssh_close('gw')
def teardown_class(self): #回收环境 for i in clr_env.clear_env: fun.cmd(i,'gw') fun.rbm_close() fun.ssh_close('gw')
def verifymod_teardown_met(base_path): start = time.time() fun.send(rbmExc, message.verifymod_switch_stop['ManageAuthServer'], rbmDomain, base_path) fun.cmd('ipauth-jsac --clear', 'gw') print( "=========================== verifymod_teardown_met 结束 耗时:{}s ==================================" .format(time.time() - start))
def test_selabel_cipso_doi_right(self): # 下发配置并检查结果 for key in self.case3_step: fun.cmd(self.case3_step[key][0], 'gw') re = fun.cmd(self.case3_step[key][1], 'gw') assert self.case3_step[key][2] in re print('doi为4294967295时添加成功')
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') # 判断抓包程序是否停止,如果进程还在则停止 fun.pid_kill(self.cap_pcap1)
def test_selabel_cipso_level_right_left(self): # # 下发配置并检查结果 for key in self.case3_step: fun.cmd(self.case3_step[key][0], 'gw') re = fun.cmd(self.case3_step[key][1], 'gw') assert self.case3_step[key][2] in re print('无法添加标记字段level的右边界256及左边界-1')
def setup_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.cmd(f"rm -rf /opt/pkt/*pcap", 'gw') re = fun.cmd(f"ls /opt/pkt/ | grep pcap", 'gw') print('re:', re)
def test_acl_CURD_a4(self): # 下发配置并检查结果 for key in self.case4_step: fun.cmd(self.case4_step[key][0], 'gw') print('self.case4_step[key][0]: ', self.case4_step[key][0]) re = fun.cmd(self.case4_step[key][1], 'gw') print('self.case4_step[key][1]: ', self.case4_step[key][1]) print('re: ', re) assert self.case4_step[key][2] in re
def test_report_acl_labelRejectPac_count(self): # 开启acl命中统计开关并检查结果 fun.send(Exc_rmb, message.set_ReportAclCount_open['EnableAclCount'], domain_rmb, base_path) for key in self.case2_step1: print('ip:', baseinfo.gwManageIp) re = fun.cmd(self.case2_step1[key][0], 'gw') print('re:', re) assert self.case2_step1[key][1] in re # 下发acl策略并检查结果-----查询失败问题待调查 fun.send(Exc_rmb, message.AddAclPolicy_labelRejectPac['AddAclPolicy'], domain_rmb, base_path) # for key in self.case2_step2: # print('ip:',baseinfo.gwManageIp) # re = fun.cmd(self.case2_step2[key][0],'gw',thread=1) # print('key:',self.case2_step2[key][0]) # print('re:',re) # assert self.case2_step2[key][1] in re # 客户端发送正常请求报文 c_iface, c_num, c_pcap = self.pkt2_cfg["send"][0], self.pkt2_cfg[ "send"][1], self.pkt2_cfg["send"][2] send_cmd = fun.pkt_send(c_iface, c_num, c_pcap) print('send_cmd:', send_cmd) fun.cmd(send_cmd, 'c') print('tcpreplay命令发送成功') # jsac.agentjsac.info.log文件查看命中统计数 fun.wait_data( f"grep -n ReportAclCount /var/log/jsac.agentjsac.info.log |tail -1", 'gw', self.case2_step3['step1'][0], '检查拒绝数', 300, flag='存在') for key in self.case2_step3: re = fun.cmd( "grep -n LabelRejectPac /var/log/jsac.agentjsac.info.log |tail -1 ", 'gw') print('re:', re) assert self.case2_step3[key][0] in re # 关闭acl命中统计开关并检查结果 fun.send(Exc_rmb, message.set_ReportAclCount_close['EnableAclCount'], domain_rmb, base_path) for key in self.case2_step4: re = fun.cmd(self.case2_step4[key][0], 'gw') print('re:', re) assert self.case2_step4[key][1] in re # 移除掉acl策略并检查结果 fun.send(Exc_rmb, message.DelAclPolicy_HitCount['DelAclPolicy'], domain_rmb, base_path)
def teardown_method(self): clr_env.clear_env() fun.pid_kill(self.cap_pcap1, 'python', 's') fun.pid_kill(self.cap_pcap3, 'python', 's') fun.pid_kill(self.cap_pcap4, 'python', 's') fun.pid_kill(self.cap_pcap5, 'python', 's') fun.cmd(f"rm -rf /opt/pkt/*pcap", 'gw') re = fun.cmd(f"ls /opt/pkt/", 'gw') print('teardown_method_re:', re)
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.pid_kill(self.cap_pcap1, 'pyhton', 's') fun.pid_kill(self.hping3_1, 'hping3', 'c') fun.pid_kill(self.http_1, 'python2.7', 's') fun.pid_kill(self.cap_pcap2, 'pyhton', 's') fun.pid_kill(self.hping3_2, 'hping3', 'c') fun.pid_kill(self.http_2, 'python2.7', 's')
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.cmd(f"rm -rf /opt/pkt/*pcap", 'gw') re = fun.cmd(f"ls /opt/pkt/ | grep pcap", 'gw') print('re:', re) fun.pid_kill(self.cap_pcap1,'pyhton','s') fun.pid_kill(self.cap_pcap2, 'pyhton', 's') fun.pid_kill(self.cap_pcap3,'pyhton','s')
def teardown_method(self): self.clr_met = clr_env.clear_met for i in self.clr_met: fun.cmd(i, 'gw') fun.pid_kill(self.cap_pcap1) fun.pid_kill(self.cap_pcap2) fun.pid_kill(self.cap_pcap3) fun.pid_kill(self.cap_pcap4) fun.pid_kill(self.cap_pcap5) fun.pid_kill(self.cap_pcap6) fun.pid_kill(self.cap_pcap7) fun.pid_kill(self.cap_pcap8)
def test_selabel_vxlan_level_255(self): # # # 下发配置并检查结果 for key in self.case1_step: fun.cmd(self.case1_step[key][0], 'gw') re = fun.cmd(self.case1_step[key][1], 'gw') assert self.case1_step[key][2] in re # # 服务端抓取报文 cap_iface, cap_filter, cap_num, cap_pcap = self.pkt1_cfg['capture'][0], self.pkt1_cfg['capture'][1], \ self.pkt1_cfg['capture'][2], self.pkt1_cfg['capture'][3] pre_cfg = fun.pkt_capture(cap_iface, cap_filter, cap_num, cap_pcap) fun.cmd(pre_cfg, 's', thread=1) print('step wait') time.sleep(20) # # 发送报文 c_iface, c_num, c_pcap = self.pkt1_cfg["send"][0], self.pkt1_cfg[ "send"][1], self.pkt1_cfg["send"][2] send_cmd = fun.pkt_send(c_iface, c_num, c_pcap) fun.cmd(send_cmd, 'c') # 检查报文是否存在 pcap_file = fun.search('/opt/pkt', 'pcap', 's') assert cap_pcap in pcap_file # 读包 read_name, read_id = self.pkt1_cfg["read"][0], self.pkt1_cfg["read"][1] read_cmd = fun.vxlan_read(read_name, read_id) print(read_cmd) read_re = fun.cmd(read_cmd, 's') print(read_re) # 获取期望结果 exp = self.pkt1_cfg["expect"][0] assert exp == read_re