def test_time_rotation_index_decoding(self, socket_mock):
handler = {'name':'name', 'log_dir':'/tmp', 'rotate_log':True}
sl = bsc.SocketStreamCapturer(handler, ['', 9000], 'udp')
# We expect an error when we input a bad time index value
nose.tools.assert_raises(
ValueError,
sl._decode_time_rotation_index,
'this is not a valid value'
)
assert 2 == sl._decode_time_rotation_index('tm_mday')
def test_packet_log(self, socket_mock, pcap_open_mock, pcap_stream_mock):
socket_mock.return_value = mock.MagicMock()
pcap_open_mock.return_value = pcap.PCapStream()
# Verify UDP packet log
handler = {'name':'name', 'log_dir':'/tmp'}
sl = bsc.SocketStreamCapturer([handler], ['', 9000], 'udp')
logger = sl.capture_handlers[0]['logger']
sl.socket.recv.return_value = 'udp_data'
sl.capture_packet()
sl.socket.recv.assert_called_with(sl._buffer_size)
logger.write.assert_called_with('udp_data')
# Verify Ethernet log
sl = bsc.SocketStreamCapturer([handler], ['etho0', 0], 'ethernet')
logger = sl.capture_handlers[0]['logger']
logger.write.reset_mock()
sl.socket.recv.return_value = 'eth_data'
sl.capture_packet()
logger.write.assert_called_with('eth_data')
def test_packet_log(self, socket_mock, pcap_open_mock, pcap_stream_mock):
socket_mock.return_value = mock.MagicMock()
pcap_open_mock.return_value = pcap.PCapStream()
# Verify UDP packet log
handler = {"name": "name", "log_dir": "/tmp"}
sl = bsc.SocketStreamCapturer([handler], ["", 9000], "udp")
logger = sl.capture_handlers[0]["logger"]
sl.socket.recv.return_value = "udp_data"
sl.capture_packet()
sl.socket.recv.assert_called_with(sl._buffer_size)
logger.write.assert_called_with("udp_data")
# Verify Ethernet log
sl = bsc.SocketStreamCapturer([handler], ["etho0", 0], "ethernet")
logger = sl.capture_handlers[0]["logger"]
logger.write.reset_mock()
sl.socket.recv.return_value = "eth_data"
sl.capture_packet()
logger.write.assert_called_with("eth_data")
def test_get_log_file(self, socket_mock, pcap_open_mock):
h = {
'name':'name',
'log_dir': '/tmp',
'path':'foobarbaz/%j/',
'file_name_pattern': 'extrafolder/%j/%Y-%m-%d-%H-%M-randomUDPtestData-{name}.pcap'
}
sl = bsc.SocketStreamCapturer(h, ['', 9000], 'udp')
handler = sl.capture_handlers[0]
# Check log path generation with user specified handler-specific path
# and file_name_pattern. This includes strftime substitution and handler
# metadata substitution.
log_path = sl._get_log_file(handler)
expected_path = os.path.join(h['log_dir'], h['path'], h['file_name_pattern'])
expected_path = time.strftime(expected_path, time.gmtime())
expected_path = expected_path.format(**handler)
assert log_path == expected_path
h = {'name':'name', 'log_dir': '/tmp'}
sl = bsc.SocketStreamCapturer(h, ['', 9000], 'udp')
handler = sl.capture_handlers[0]
def test_packet_log_mutliple_handlers(self, socket_mock, pcap_open_mock, pcap_stream_mock):
h1 = {'name':'h1', 'log_dir':'/tmp'}
h2 = {'name':'h2', 'log_dir':'/tmp'}
sl = bsc.SocketStreamCapturer([h1, h2], ['', 9000], 'udp')
sl.capture_handlers[0]['logger'] = mock.MagicMock()
sl.capture_handlers[1]['logger'] = mock.MagicMock()
logger1 = sl.capture_handlers[0]['logger']
logger2 = sl.capture_handlers[1]['logger']
sl.socket.recv.return_value = 'udp_data'
sl.capture_packet()
assert logger1.write.call_count == 1
assert logger2.write.call_count == 1
def test_capture_with_data_manip(self, socket_mock, pcap_open_mock, pcap_stream_mock):
transform_mock = mock.Mock(side_effect=['transformed data'])
handler = {
'name': 'name',
'log_dir': '/tmp',
'pre_write_transforms': [transform_mock]
}
sl = bsc.SocketStreamCapturer([handler], ['', 9000], 'udp')
logger = sl.capture_handlers[0]['logger']
sl.socket.recv.return_value = 'udp_data'
sl.capture_packet()
assert transform_mock.called
logger.write.assert_called_with('transformed data')
def test_packet_log_mutliple_handlers(self, socket_mock, pcap_open_mock,
pcap_stream_mock):
h1 = {"name": "h1", "log_dir": "/tmp"}
h2 = {"name": "h2", "log_dir": "/tmp"}
sl = bsc.SocketStreamCapturer([h1, h2], ["", 9000], "udp")
sl.capture_handlers[0]["logger"] = mock.MagicMock()
sl.capture_handlers[1]["logger"] = mock.MagicMock()
logger1 = sl.capture_handlers[0]["logger"]
logger2 = sl.capture_handlers[1]["logger"]
sl.socket.recv.return_value = "udp_data"
sl.capture_packet()
assert logger1.write.call_count == 1
assert logger2.write.call_count == 1
def test_capture_with_data_manip(self, socket_mock, pcap_open_mock,
pcap_stream_mock):
transform_mock = mock.Mock(side_effect=["transformed data"])
handler = {
"name": "name",
"log_dir": "/tmp",
"pre_write_transforms": [transform_mock],
}
sl = bsc.SocketStreamCapturer([handler], ["", 9000], "udp")
logger = sl.capture_handlers[0]["logger"]
sl.socket.recv.return_value = "udp_data"
sl.capture_packet()
assert transform_mock.called
logger.write.assert_called_with("transformed data")
def test_logger_conf_dump(self, socket_mock):
handler = {'name': 'name', 'log_dir': '/tmp', 'rotate_log': True}
addr = ['', 9000]
conn_type = 'udp'
sl = bsc.SocketStreamCapturer(handler, addr, conn_type)
conf_dump = sl.dump_handler_config_data()
handler = sl.capture_handlers[0]
expected_log_file_path = sl._get_log_file(handler)
assert len(conf_dump) == 1
assert conf_dump[0]['handler']['name'] == 'name'
assert conf_dump[0]['handler']['log_dir'] == '/tmp'
assert conf_dump[0]['handler']['rotate_log'] == True
assert conf_dump[0]['log_file_path'] == expected_log_file_path
assert conf_dump[0]['conn_type'] == conn_type
assert conf_dump[0]['address'] == addr
def test_logger_conf_dump(self, socket_mock):
handler = {"name": "name", "log_dir": "/tmp", "rotate_log": True}
addr = ["", 9000]
conn_type = "udp"
sl = bsc.SocketStreamCapturer(handler, addr, conn_type)
conf_dump = sl.dump_handler_config_data()
handler = sl.capture_handlers[0]
expected_log_file_path = sl._get_log_file(handler)
assert len(conf_dump) == 1
assert conf_dump[0]["handler"]["name"] == "name"
assert conf_dump[0]["handler"]["log_dir"] == "/tmp"
assert conf_dump[0]["handler"]["rotate_log"] == True
assert conf_dump[0]["log_file_path"] == expected_log_file_path
assert conf_dump[0]["conn_type"] == conn_type
assert conf_dump[0]["address"] == addr
def test_mocked_eth_socket(self, socket_mock):
socket_family = getattr(gevent.socket, 'AF_PACKET',
gevent.socket.AF_INET)
proto = bsc.ETH_PROTOCOL
handler = {'name': 'name', 'log_dir': '/tmp'}
bsc.RAW_SOCKET_FD = 'foobar'
sl = bsc.SocketStreamCapturer([handler], ['eho0', 0], 'ethernet')
# We need to test a different load if the rawsocket package is used
if not bsc.RAW_SOCKET_FD:
socket_mock.socket.assert_called_with(socket_family,
gevent.socket.SOCK_RAW,
socket.htons(proto))
else:
socket_mock.fromfd.assert_called_with(bsc.RAW_SOCKET_FD,
socket_family,
gevent.socket.SOCK_RAW,
socket.htons(proto))
assert sl.conn_type == 'ethernet'
bsc.RAW_SOCKET_FD = None
def test_log_rotation(self, socket_mock, pcap_open_mock, pcap_stream_mock):
pcap_open_mock.return_value = pcap.PCapStream()
handler = {'name':'name', 'log_dir':'/tmp', 'rotate_log':True}
sl = bsc.SocketStreamCapturer(handler, ['', 9000], 'udp')
handler = sl.capture_handlers[0]
log_path = sl._get_log_file(handler)
pcap_open_mock.assert_called_with(
log_path,
mode='a'
)
# New name so our open call changes from above. This means we can
# ensure that the log rotation opens a new logger as expected.
sl_new_name = 'newname'
handler['name'] = sl_new_name
# We expect the rotation to set the last log rotation time. To test
# we'll set it to None and expect it to be set after
handler['log_rot_time'] = None
sl._rotate_log(handler)
# We expect the log rotation to close the existing logger
assert pcap_stream_mock.return_value.close.call_count == 1
# Since we change the name and rotated the log we expect this
# updated value to be present in the new file name and the call
# to open the new stream.
log_path = sl._get_log_file(handler)
assert sl_new_name in log_path
pcap_open_mock.assert_called_with(
log_path,
mode='a'
)
assert pcap_open_mock.call_count == 2
# We expect the rotation to fix our None assignment on the log_rot_time
# and we expect it to be replaced by a time struct object.
assert handler['log_rot_time'] != None
assert type(handler['log_rot_time']) == type(time.gmtime())
def test_mocked_eth_socket_with_rawsocket(self, socket_mock):
socket_family = getattr(gevent.socket, 'AF_PACKET',
gevent.socket.AF_INET)
rawsocket_is_installed = True if bsc.RAW_SOCKET_FD else False
if not rawsocket_is_installed:
rawsocket_fd = 'fake_rawsocket_fd'
bsc.RAW_SOCKET_FD = rawsocket_fd
else:
rawsocket_fd = bsc.RAW_SOCKET_FD
handler = {'name': 'name', 'log_dir': '/tmp'}
sl = bsc.SocketStreamCapturer([handler], ['eho0', 0], 'ethernet')
# We need to test a different load if the rawsocket package is used
socket_mock.fromfd.assert_called_with(rawsocket_fd, socket_family,
gevent.socket.SOCK_RAW,
socket.htons(bsc.ETH_PROTOCOL))
assert sl.conn_type == 'ethernet'
if not rawsocket_is_installed:
bsc.RAW_SOCKET_FD = None
def test_mocked_eth_socket(self, socket_mock):
socket_family = getattr(gevent.socket, "AF_PACKET",
gevent.socket.AF_INET)
proto = bsc.ETH_PROTOCOL
handler = {"name": "name", "log_dir": "/tmp"}
bsc.RAW_SOCKET_FD = "foobar"
sl = bsc.SocketStreamCapturer([handler], ["eho0", 0], "ethernet")
# We need to test a different load if the rawsocket package is used
if not bsc.RAW_SOCKET_FD:
socket_mock.socket.assert_called_with(socket_family,
gevent.socket.SOCK_RAW,
socket.htons(proto))
else:
socket_mock.fromfd.assert_called_with(
bsc.RAW_SOCKET_FD,
socket_family,
gevent.socket.SOCK_RAW,
socket.htons(proto),
)
assert sl.conn_type == "ethernet"
bsc.RAW_SOCKET_FD = None
def test_custon_log_rotation(self, socket_mock):
handler = {
'name': 'name',
'log_dir': '/tmp',
'rotate_log': True,
'rotate_log_index': 'months',
'rotate_log_delta': 2
}
sl = bsc.SocketStreamCapturer(handler, ['', 9000], 'udp')
h = sl.capture_handlers[0]
assert sl._should_rotate_log(h) == False
# Check the default 1 day log rotation case to make sure our config
# is being used
new_date = datetime.datetime.now() - datetime.timedelta(days=1)
h['log_rot_time'] = new_date.timetuple()
assert sl._should_rotate_log(h) == False
# Check a working case for our "rotate every 2 months" use case.
new_date = datetime.datetime.now() - datetime.timedelta(days=62)
h['log_rot_time'] = new_date.timetuple()
assert sl._should_rotate_log(h) == True
def test_custon_log_rotation(self, socket_mock):
handler = {
"name": "name",
"log_dir": "/tmp",
"rotate_log": True,
"rotate_log_index": "months",
"rotate_log_delta": 2,
}
sl = bsc.SocketStreamCapturer(handler, ["", 9000], "udp")
h = sl.capture_handlers[0]
assert sl._should_rotate_log(h) == False
# Check the default 1 day log rotation case to make sure our config
# is being used
new_date = datetime.datetime.now() - datetime.timedelta(days=1)
h["log_rot_time"] = new_date.timetuple()
assert sl._should_rotate_log(h) == False
# Check a working case for our "rotate every 2 months" use case.
new_date = datetime.datetime.now() - datetime.timedelta(days=62)
h["log_rot_time"] = new_date.timetuple()
assert sl._should_rotate_log(h) == True
def test_mocked_eth_socket_with_rawsocket(self, socket_mock):
socket_family = getattr(gevent.socket, "AF_PACKET",
gevent.socket.AF_INET)
rawsocket_is_installed = True if bsc.RAW_SOCKET_FD else False
if not rawsocket_is_installed:
rawsocket_fd = "fake_rawsocket_fd"
bsc.RAW_SOCKET_FD = rawsocket_fd
else:
rawsocket_fd = bsc.RAW_SOCKET_FD
handler = {"name": "name", "log_dir": "/tmp"}
sl = bsc.SocketStreamCapturer([handler], ["eho0", 0], "ethernet")
# We need to test a different load if the rawsocket package is used
socket_mock.fromfd.assert_called_with(
rawsocket_fd,
socket_family,
gevent.socket.SOCK_RAW,
socket.htons(bsc.ETH_PROTOCOL),
)
assert sl.conn_type == "ethernet"
if not rawsocket_is_installed:
bsc.RAW_SOCKET_FD = None
def test_mocked_udp_socket(self, socket_mock):
handler = {'name': 'name', 'log_dir': '/tmp'}
sl = bsc.SocketStreamCapturer([handler], ['', 9000], 'udp')
socket_mock.assert_called_with(gevent.socket.AF_INET,
gevent.socket.SOCK_DGRAM)
assert sl.conn_type == 'udp'
def test_mocked_udp_socket(self, socket_mock):
handler = {"name": "name", "log_dir": "/tmp"}
sl = bsc.SocketStreamCapturer([handler], ["", 9000], "udp")
socket_mock.assert_called_with(gevent.socket.AF_INET,
gevent.socket.SOCK_DGRAM)
assert sl.conn_type == "udp"
