def test_lookup_target(self): """Test look up of a target in the table""" # Default deny routetable = RouteTable(None) action, __, __ = routetable.lookup_target("10.0.0.1", 3200) self.assertEqual(RouteTable.ROUTE_DENY, action) # Explicit deny inside an allowed range table = [ "allow,ni,10.0.0.1,3200-3202,password", "deny,raw,10.0.0.1,3201," ] routetable = RouteTable(table) action, mode, password = routetable.lookup_target("10.0.0.1", 3200) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("password", password) action, mode, password = routetable.lookup_target("10.0.0.1", 3201) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual(None, password) action, mode, password = routetable.lookup_target("10.0.0.1", 3202) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("password", password)
def test_build_table(self): """Test build table""" # Expansion of port ranges table = ["allow,ni,10.0.0.1,3200-3209,"] routetable = RouteTable(table) for port in xrange(3200, 3209): self.assertIn(("10.0.0.1", port), routetable.table) self.assertEqual((RouteTable.ROUTE_ALLOW, RouteTable.MODE_NI, None), routetable.table[("10.0.0.1", port)]) # Explicit deny inside an allowed range table = ["allow,ni,10.0.0.1,3200-3202,password", "deny,raw,10.0.0.1,3201,"] routetable = RouteTable(table) self.assertEqual(3, len(routetable.table)) self.assertIn(("10.0.0.1", 3200), routetable.table) self.assertIn(("10.0.0.1", 3201), routetable.table) self.assertIn(("10.0.0.1", 3202), routetable.table) self.assertEqual((RouteTable.ROUTE_ALLOW, RouteTable.MODE_NI, "password"), routetable.table[("10.0.0.1", 3200)]) self.assertEqual((RouteTable.ROUTE_DENY, RouteTable.MODE_RAW, None), routetable.table[("10.0.0.1", 3201)]) self.assertEqual((RouteTable.ROUTE_ALLOW, RouteTable.MODE_NI, "password"), routetable.table[("10.0.0.1", 3202)]) # Invalid entries table = ["accept,ni,10.0.0.1,3200,password", "allow,proto,10.0.0.1,3200,password", "allow,ni,10.0.0.1,3200", {"action": "allow"}, {"action": "allow", "mode": "ni"}, {"action": "allow", "mode": "ni", "target": "10.0.0.1"}, {"action": "allow", "mode": "ni", "target": "10.0.0.1", "port": 3200}, {"action": "accept", "mode": "ni", "target": "10.0.0.1", "port": 3200, "password": "******"}, {"action": "allow", "mode": "proto", "target": "10.0.0.1", "port": 3200, "password": "******"}, ] routetable = RouteTable(table) self.assertEqual(0, len(routetable.table))
def test_parse_route_entry(self): """Test parsing of route table entries""" routetable = RouteTable(None) entry = "allow,ni,10.0.0.1,3200-3209,password" action, mode, target, port, password = routetable.parse_route_entry( entry) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("10.0.0.1", target) self.assertEqual("3200-3209", port) self.assertEqual("password", password) entry = "deny,raw,10.0.0.2,3205," action, mode, target, port, password = routetable.parse_route_entry( entry) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual("10.0.0.2", target) self.assertEqual("3205", port) self.assertEqual(None, password) entry = "deny,any,10.0.0.2,3205," action, mode, target, port, password = routetable.parse_route_entry( entry) self.assertEqual(RouteTable.MODE_ANY, mode) entry = { "action": "allow", "mode": "ni", "target": "10.0.0.1", "port": "3200-3209", "password": "******" } action, mode, target, port, password = routetable.parse_route_entry( entry) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("10.0.0.1", target) self.assertEqual("3200-3209", port) self.assertEqual("password", password) entry = { "action": "deny", "mode": "raw", "target": "10.0.0.2", "port": 3205, "password": None } action, mode, target, port, password = routetable.parse_route_entry( entry) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual("10.0.0.2", target) self.assertEqual(3205, port) self.assertEqual(None, password)
def test_lookup_target(self): """Test look up of a target in the table""" # Default deny routetable = RouteTable(None) action, __, __ = routetable.lookup_target("10.0.0.1", 3200) self.assertEqual(RouteTable.ROUTE_DENY, action) # Explicit deny inside an allowed range table = ["allow,ni,10.0.0.1,3200-3202,password", "deny,raw,10.0.0.1,3201,"] routetable = RouteTable(table) action, mode, password = routetable.lookup_target("10.0.0.1", 3200) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("password", password) action, mode, password = routetable.lookup_target("10.0.0.1", 3201) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual(None, password) action, mode, password = routetable.lookup_target("10.0.0.1", 3202) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("password", password)
def test_parse_route_entry(self): """Test parsing of route table entries""" routetable = RouteTable(None) entry = "allow,ni,10.0.0.1,3200-3209,password" action, mode, target, port, password = routetable.parse_route_entry(entry) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("10.0.0.1", target) self.assertEqual("3200-3209", port) self.assertEqual("password", password) entry = "deny,raw,10.0.0.2,3205," action, mode, target, port, password = routetable.parse_route_entry(entry) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual("10.0.0.2", target) self.assertEqual("3205", port) self.assertEqual(None, password) entry = "deny,any,10.0.0.2,3205," action, mode, target, port, password = routetable.parse_route_entry(entry) self.assertEqual(RouteTable.MODE_ANY, mode) entry = {"action": "allow", "mode": "ni", "target": "10.0.0.1", "port": "3200-3209", "password": "******"} action, mode, target, port, password = routetable.parse_route_entry(entry) self.assertEqual(RouteTable.ROUTE_ALLOW, action) self.assertEqual(RouteTable.MODE_NI, mode) self.assertEqual("10.0.0.1", target) self.assertEqual("3200-3209", port) self.assertEqual("password", password) entry = {"action": "deny", "mode": "raw", "target": "10.0.0.2", "port": 3205, "password": None} action, mode, target, port, password = routetable.parse_route_entry(entry) self.assertEqual(RouteTable.ROUTE_DENY, action) self.assertEqual(RouteTable.MODE_RAW, mode) self.assertEqual("10.0.0.2", target) self.assertEqual(3205, port) self.assertEqual(None, password)