def test_ban(self): ''' Create a ban and remove it. ''' ban = IPTablesCommandBanEntry(BAN_IP) ban.ban(interface=INTERFACE) status, output = commands.getstatusoutput("/sbin/iptables -L -n") self.assertEqual(status, 0, msg="Failed to run iptables command: %s" % output) self.assertIn(BAN_IP, output, msg="IP address not banned") ban.unban(interface=INTERFACE) status, output = commands.getstatusoutput("/sbin/iptables -L -n") self.assertNotIn(BAN_IP, output, msg="IP address was not unbanned")
def test_whitelist_notwhitelisted(self): ''' Test the unwhitelisting of an IP to ensure it isn't whitelisted ''' lock = threading.Lock() ban_fetcher = BanFetcher(BINDSTRING, INTERFACE, BAN_BACKEND, ["10.0.220.1", "10.0.222.1/24"], lock) # An address that should be banned self.assertTrue(ban_fetcher.subscription( ("swabber_bans", "10.0.220.2")), msg="Unwhitelisted IP was whitelisted") # clean up after ourselves ban = IPTablesCommandBanEntry("10.0.220.2") ban.unban(interface=INTERFACE)
def test_clean(self): ''' Test the cleaning of bans after a very short time window ''' ban_len = 1 ban = IPTablesCommandBanEntry(BAN_IP) ban.ban(INTERFACE) time.sleep(ban_len*2) cleaner = BanCleaner(ban_len, BAN_BACKEND, threading.Lock(), INTERFACE) cleaner.clean_bans(INTERFACE) status, output = commands.getstatusoutput("/sbin/iptables -L -n") self.assertEqual(status, 0, msg="Failed to run iptables command: %s" % output) self.assertNotIn(BAN_IP, output, msg="Ban was not reset by cleaner")
def test_clean(self): ''' Test the cleaning of bans after a very short time window ''' ban_len = 1 ban = IPTablesCommandBanEntry(BAN_IP) ban.ban(INTERFACE) time.sleep(ban_len * 2) cleaner = BanCleaner(ban_len, BAN_BACKEND, threading.Lock(), INTERFACE) cleaner.clean_bans(INTERFACE) status, output = commands.getstatusoutput("/sbin/iptables -L -n") self.assertEqual(status, 0, msg="Failed to run iptables command: %s" % output) self.assertNotIn(BAN_IP, output, msg="Ban was not reset by cleaner")
def test_whitelist_notwhitelisted(self): ''' Test the unwhitelisting of an IP to ensure it isn't whitelisted ''' lock = threading.Lock() ban_fetcher = BanFetcher(BINDSTRING, INTERFACE, BAN_BACKEND, ["10.0.220.1", "10.0.222.1/24"], lock) # An address that should be banned self.assertTrue( ban_fetcher.subscription(("swabber_bans", "10.0.220.2")), msg="Unwhitelisted IP was whitelisted") # clean up after ourselves ban = IPTablesCommandBanEntry("10.0.220.2") ban.unban(interface=INTERFACE)