def test_tcp_conflicting_rules_outgoing(self):
    """Check how conflicting_rules resolves overlapping verdicts for outgoing TCP.

    Three destinations (both edges and one interior address of the probed
    range) must be dropped, while one specific destination inside that same
    range must pass.
    """
    # presumably conflicting_rules holds a broad drop plus a narrower pass
    # entry -- confirm against the rule definition.
    # NOTE(review): only the single allowed address is probed; its neighbours
    # are not, so a pass entry that matches more than intended would go
    # unnoticed here.
    rules = Rules(conflicting_rules)
    binary_packet = BinaryPacket()

    expectations = (
        ('123.34.128.0', RULE_RESULT_DROP),    # edge 1
        ('123.34.225.225', RULE_RESULT_DROP),  # middle
        ('123.34.255.255', RULE_RESULT_DROP),  # edge 2
        ('123.34.220.255', RULE_RESULT_PASS),  # targeted allowed IP
    )
    for dest_ip, expected in expectations:
        binary_packet.dest_ip = dest_ip
        packet = Packet(
            pkt_dir=PKT_DIR_OUTGOING,
            pkt=binary_packet.get_tcp_packet(),
            geoDB=None,
        )
        self.assertEqual(expected, rules.result_for_pkt(packet))
def test_tcp_block_any_port_outgoing(self):
    """Check that block_any_port drops only the targeted destination address.

    Outgoing TCP to 255.255.255.254 must pass; outgoing TCP to
    255.255.255.255 must be dropped.
    """
    # NOTE(review): tcp_dest is never varied, so only BinaryPacket's default
    # port is exercised; the "any port" part of the rule is not demonstrated.
    rules = Rules(block_any_port)
    binary_packet = BinaryPacket()

    expectations = (
        ('255.255.255.254', RULE_RESULT_PASS),  # rule must not apply
        ('255.255.255.255', RULE_RESULT_DROP),  # rule must apply
    )
    for dest_ip, expected in expectations:
        binary_packet.dest_ip = dest_ip
        packet = Packet(
            pkt_dir=PKT_DIR_OUTGOING,
            pkt=binary_packet.get_tcp_packet(),
            geoDB=None,
        )
        self.assertEqual(expected, rules.result_for_pkt(packet))
def test_tcp_block_single_port_incoming(self):
    """Check that block_single_port drops incoming TCP from source port 53 only.

    An incoming packet with source port 52 must pass; the same packet with
    source port 53 must be dropped.
    """
    # NOTE(review): only the lower neighbour (52) is checked; port 54 is not,
    # so a match that extends upwards past 53 would not be caught here.
    rules = Rules(block_single_port)
    binary_packet = BinaryPacket()

    expectations = (
        (52, RULE_RESULT_PASS),  # rule must not apply
        (53, RULE_RESULT_DROP),  # rule must apply
    )
    for source_port, expected in expectations:
        binary_packet.tcp_source = source_port
        packet = Packet(
            pkt_dir=PKT_DIR_INCOMING,
            pkt=binary_packet.get_tcp_packet(),
            geoDB=None,
        )
        self.assertEqual(expected, rules.result_for_pkt(packet))
def tcp_block_outgoing(self):
    """Expect a drop for outgoing TCP to every address in self.US_ip_examples.

    Uses country_block_rules and hands self.geoDB to Packet.
    """
    # NOTE(review): the name lacks the `test` prefix, so unittest's default
    # loader does not collect this method. If that is not deliberate, the
    # country-block rules currently have no executed coverage from here.
    # NOTE(review): an empty self.US_ip_examples makes the loop assert nothing.
    rules = Rules(country_block_rules)
    binary_packet = BinaryPacket()

    for candidate_ip in self.US_ip_examples:
        binary_packet.dest_ip = candidate_ip
        packet = Packet(
            pkt_dir=PKT_DIR_OUTGOING,
            pkt=binary_packet.get_tcp_packet(),
            geoDB=self.geoDB,
        )
        verdict = rules.result_for_pkt(packet)
        self.assertEqual(RULE_RESULT_DROP, verdict)
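def test_tcp_block_port_range_outgoing(self):
    """Check that block_port_range_rules drops exactly destination ports 1000-2000.

    Outgoing TCP to ports 0-999 and 2001-3000 must pass; outgoing TCP to
    ports 1000-2000 (both ends included) must be dropped. Ports above 3000
    are not probed.
    """
    rules = Rules(block_port_range_rules)
    binary_packet = BinaryPacket()

    # list(...) keeps the concatenation valid on Python 3, where range
    # objects do not support `+`; on Python 2 it is a harmless copy.
    port_unblocked_range = list(range(0, 1000)) + list(range(2001, 3001))
    port_blocked_range = list(range(1000, 2001))

    expectations = (
        (port_unblocked_range, RULE_RESULT_PASS),  # rule must not apply
        (port_blocked_range, RULE_RESULT_DROP),    # rule must apply
    )
    for ports, expected in expectations:
        for port in ports:
            binary_packet.tcp_dest = port
            packet = Packet(
                pkt_dir=PKT_DIR_OUTGOING,
                pkt=binary_packet.get_tcp_packet(),
                geoDB=None,
            )
            result = rules.result_for_pkt(packet)
            # Name the port so a boundary failure is identifiable from the
            # report without re-running under a debugger.
            self.assertEqual(expected, result,
                             'unexpected verdict for tcp_dest=%d' % port)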
def test_tcp_drop_external_ip_outgoing(self):
    """Check that external_ip_drop_rules drops outgoing TCP to 128.32.244.17."""
    # NOTE(review): no non-matching destination is checked, so a rule set
    # that drops every packet would also satisfy this test.
    rules = Rules(external_ip_drop_rules)

    builder = BinaryPacket()
    builder.dest_ip = '128.32.244.17'  # must be blocked
    raw_tcp = builder.get_tcp_packet()

    packet = Packet(pkt_dir=PKT_DIR_OUTGOING, pkt=raw_tcp, geoDB=None)
    self.assertEqual(RULE_RESULT_DROP, rules.result_for_pkt(packet))
def test_tcp_drop_external_ip_prefix_incoming(self):
    """Check that external_ip_prefix_drop_rules drops incoming TCP across a prefix.

    Both edge addresses and one interior address are sent as the source IP
    of an incoming packet; each must be dropped.
    """
    # presumably the rule covers 123.34.128.0 through 123.34.255.255 --
    # confirm against external_ip_prefix_drop_rules.
    # NOTE(review): the addresses just outside the edges are not probed, so
    # a prefix match that is too wide would still pass this test.
    rules = Rules(external_ip_prefix_drop_rules)
    binary_packet = BinaryPacket()

    blocked_sources = (
        '123.34.128.0',    # edge 1
        '123.34.200.194',  # middle
        '123.34.255.255',  # edge 2
    )
    for source_ip in blocked_sources:
        binary_packet.source_ip = source_ip
        packet = Packet(
            pkt_dir=PKT_DIR_INCOMING,
            pkt=binary_packet.get_tcp_packet(),
            geoDB=None,
        )
        self.assertEqual(RULE_RESULT_DROP, rules.result_for_pkt(packet))