def __init__(self,_name=''): Xfrm.__init__(self,_name) # finite-state-machine for recognizing node sequences self.fsm = FSM(8,True) # reduction rules are represented by a set of parrallel arrays self.offS = [] self.offE = [] self.props = [] self.sc = [] self.act = []
def test_create_tunnel_policy_ipv6(self): Xfrm.create_policy(ip_network('2009::0/64'), ip_network('2009::0/64'), 0, 0, socket.IPPROTO_TCP, XFRM_POLICY_OUT, socket.IPPROTO_AH, XFRM_MODE_TRANSPORT, ip_address('2001::1'), ip_address('2001::2'), index=1)
def test_create_tunnel_policy(self): Xfrm.create_policy(ip_network('10.0.0.0/24'), ip_network('10.0.1.0/24'), 0, 0, socket.IPPROTO_TCP, XFRM_POLICY_OUT, socket.IPPROTO_AH, XFRM_MODE_TUNNEL, ip_address('192.168.1.1'), ip_address('192.168.1.2'), index=1)
def test_create_transport_policy(self): Xfrm.create_policy(ip_network('192.168.1.1/32'), ip_network('192.168.2.1/32'), 0, 0, socket.IPPROTO_TCP, XFRM_POLICY_OUT, socket.IPPROTO_AH, XFRM_MODE_TRANSPORT, ip_address('192.168.1.1'), ip_address('192.168.1.2'), index=1)
def __init__(self,_name=''): Xfrm.__init__(self,_name) # debug toggles self.trace = False self.trace_best = False # mappings, x and y sequences -> index self.xdct = SeqDct(vcb.spell_sc,'xdct') self.ydct = SeqDct(srseq_tostr,'ydct') # The parse maps self.srmap = [] self.srmap.append(SrMap("prelude",False,self.xdct,self.ydct)) self.srmap.append(SrMap("chain",False,self.xdct,self.ydct)) self.srmap.append(SrMap("subv",False,self.xdct,self.ydct)) self.srmap.append(SrMap("vobj",True,self.xdct,self.ydct)) self.srmap.append(SrMap("postlude",True,self.xdct,self.ydct))
def tearDown(self): subprocess.call('ip xfrm policy', shell=True) subprocess.call('ip xfrm state', shell=True) Xfrm.flush_policies() Xfrm.flush_sas()
def test_delete_ipsec_sa(self): self.test_create_tunnel_ipsec_sa() Xfrm.delete_sa(ip_address('192.168.1.2'), socket.IPPROTO_ESP, b'1234')
def test_create_tunnel_ipsec_sa(self): Xfrm.create_sa(ip_network('192.168.1.1/32'), ip_network('192.168.1.2/32'), 0, 0, b'1234', socket.IPPROTO_TCP, socket.IPPROTO_ESP, Mode.TUNNEL, ip_address('192.168.1.1'), ip_address('192.168.1.2'), b'cbc(aes)', b'1' * 16, b'hmac(md5)', b'1' * 16)
def setUp(self): Xfrm.flush_policies() Xfrm.flush_sas()
def setUp(self): self.xfrm = Xfrm() self.xfrm.flush_policies() self.xfrm.flush_sas()
class TestXfrm(unittest.TestCase): def setUp(self): self.xfrm = Xfrm() self.xfrm.flush_policies() self.xfrm.flush_sas() def test_create_transport_policy(self): ipsec_conf = IpsecConfiguration( my_port=0, peer_port=80, ip_proto=TrafficSelector.IpProtocol.TCP, ipsec_proto=Proposal.Protocol.AH, mode=Mode.TRANSPORT, index=0) ike_conf = IkeConfiguration(protect=[ipsec_conf]) self.xfrm.create_policies(ip_address('192.168.1.1'), ip_address('192.168.1.2'), ike_conf) def test_create_tunnel_policy(self): ipsec_conf = IpsecConfiguration( my_subnet=ip_network('192.168.1.0/24'), peer_subnet=ip_network('10.0.0.0/8'), my_port=0, peer_port=80, ip_proto=TrafficSelector.IpProtocol.TCP, ipsec_proto=Proposal.Protocol.AH, mode=Mode.TUNNEL, index=1) ike_conf = IkeConfiguration(protect=[ipsec_conf]) self.xfrm.create_policies(ip_address('192.168.1.1'), ip_address('192.168.1.2'), ike_conf) def test_create_transport_ipsec_sa(self): self.xfrm.create_sa( ip_address('192.168.1.1'), ip_address('192.168.1.2'), TrafficSelector(TrafficSelector.Type.TS_IPV4_ADDR_RANGE, TrafficSelector.IpProtocol.TCP, 0, 0, ip_address('192.168.1.1'), ip_address('192.168.1.1')), TrafficSelector(TrafficSelector.Type.TS_IPV4_ADDR_RANGE, TrafficSelector.IpProtocol.TCP, 0, 0, ip_address('192.168.1.2'), ip_address('192.168.1.2')), Proposal.Protocol.ESP, b'1234', Transform.EncrId.ENCR_AES_CBC, b'1' * 16, Transform.IntegId.AUTH_HMAC_MD5_96, b'1' * 16, Mode.TRANSPORT) def test_create_tunnel_ipsec_sa(self): self.xfrm.create_sa( ip_address('192.168.1.1'), ip_address('192.168.1.2'), TrafficSelector(TrafficSelector.Type.TS_IPV4_ADDR_RANGE, TrafficSelector.IpProtocol.TCP, 0, 0, ip_address('192.168.1.1'), ip_address('192.168.1.1')), TrafficSelector(TrafficSelector.Type.TS_IPV4_ADDR_RANGE, TrafficSelector.IpProtocol.TCP, 0, 0, ip_address('192.168.1.2'), ip_address('192.168.1.2')), Proposal.Protocol.ESP, b'1234', Transform.EncrId.ENCR_AES_CBC, b'1' * 16, Transform.IntegId.AUTH_HMAC_MD5_96, b'1' * 16, Mode.TUNNEL) self.xfrm.delete_sa(ip_address('192.168.1.2'), Proposal.Protocol.ESP, b'1234') def test_get_policies(self): self.test_create_transport_policy() policies = self.xfrm._get_policies() for header, payload, attributes in policies: payload.to_dict() def tearDown(self): self.xfrm.flush_policies() self.xfrm.flush_sas()