def _is_safelisted(self, conn, hostname):
"""Check if safelisting conditions are met"""
# Is safelistng enabled?
if not self.safelist_enabled:
return False
# Is DNS recording coming from allowed NS server.
if conn.get("src") not in self.known_dns and conn.get("dst") not in self.known_dns:
return False
# Is hostname safelisted.
if not is_safelisted_domain(hostname):
return False
return True
def test_is_safelisted_domain():
from lib.cuckoo.common.safelist import is_safelisted_domain
assert is_safelisted_domain("java.com") is True
assert is_safelisted_domain("java2.com") is False
assert is_safelisted_domain("crl.microsoft.com") is True