def configure_mitm(self):
"""Install MITM proxy and configure iptable rules for each intercept."""
# Note we'll implement interface configuration for later.
# It will be too complex to maintain track of available intercept interfaces
self.check_output("iptables -t nat -F")
self.check_output("ip6tables -t nat -F")
if "mitmproxy" not in self.check_output("pip3 freeze | grep mitmproxy"):
apt_install(self, "python3-dev python3-pip libffi-dev libssl-dev")
self.check_output("pip3 install mitmproxy")
for _, val in self.intercepts.items():
v4 = val.get("v4", "")
if v4:
v4 = [i.strip() for i in v4.split(";")]
self.check_output(
f"iptables -t nat -A PREROUTING -i eth1 -p tcp --destination {v4[-1]} -j REDIRECT --to-port 8080"
)
self.check_output(
f"iptables -t nat -A PREROUTING -i {v4[0]} -p tcp --source {v4[-1]} -j REDIRECT --to-port 8080"
)
v6 = val.get("v6", "")
if v6:
v6 = [i.strip() for i in v6.split(";")]
self.check_output(
f"ip6tables -t nat -A PREROUTING -i eth1 -p tcp --destination {v6[-1]} -j REDIRECT --to-port 8080"
)
self.check_output(
f"ip6tables -t nat -A PREROUTING -i {v6[0]} -p tcp --source {v6[-1]} -j REDIRECT --to-port 8080"
)
self.is_configured = True
def setup(self, config=None):
# potential cleanup so this wan device works
self.sendline("killall iperf ab hping3")
self.expect(self.prompt)
self.sendline("\niptables -t nat -X")
self.expect("iptables -t")
self.expect(self.prompt)
self.sendline("sysctl net.ipv4.ip_forward=1")
self.expect(self.prompt)
self.sendline("iptables -t nat -F; iptables -t nat -X")
self.expect(self.prompt)
self.sendline("iptables -F; iptables -X")
self.expect(self.prompt)
self.sendline(
"iptables -t nat -A PREROUTING -p tcp --dport 222 -j DNAT --to-destination %s:22"
% self.lan_gateway)
self.expect(self.prompt)
self.sendline(
"iptables -t nat -A POSTROUTING -o %s -p tcp --dport 22 -j MASQUERADE"
% self.iface_dut)
self.expect(self.prompt)
self.sendline("echo 0 > /proc/sys/net/ipv4/tcp_timestamps")
self.expect(self.prompt)
self.sendline("echo 0 > /proc/sys/net/ipv4/tcp_sack")
self.expect(self.prompt)
self.sendline("pkill --signal 9 -f dhclient.*%s" % self.iface_dut)
self.expect(self.prompt)
apt_install(self, "ndisc6")
if 0 == self.expect(["Reading package", pexpect.TIMEOUT], timeout=60):
self.expect(self.prompt, timeout=60)
else:
logger.error("Failed to download packages, things might not work")
self.sendcontrol("c")
self.expect(self.prompt)
def voice_configure(voice_devices_list, sip_server, config):
"""
Initialize the Voice test setup.
Parameters:
voice_devices_list(list of obj): list of voice devices
sip_server(obj): sipserver device
config(obj): config object
"""
try:
kill_process(sip_server, port=5060)
apt_install(sip_server, "tshark")
dns_setup_sipserver(sip_server, config)
for voice_device in voice_devices_list:
if hasattr(voice_device, "profile"):
boot_list = nested_lookup(
"on_boot", voice_device.profile.get(voice_device.name, {}))
for profile_boot in boot_list:
profile_boot()
if "softphone" in voice_device.name:
voice_device.phone_config(
sip_server.get_interface_ipaddr(sip_server.iface_dut))
except Exception as e:
kill_process(sip_server, port=5060)
raise VoiceSetupConfigureFailure(e)
def _install_pkgs():
apt_install(self,
pkgs,
dpkg_options='-o DPkg::Options::="--force-confnew"')
# self.sendline(
# % pkgs
# if 0 == self.expect(["Reading package", pexpect.TIMEOUT], timeout=60):
self.pkgs_installed = True
def install_asterisk(self):
"""Install asterisk from internet."""
deprecate(
"Warning!",
message="install_asterisk() is deprecated",
category=UserWarning,
)
self.install_essentials()
apt_install(self, "asterisk", timeout=300)
def modify_sip_config(self, oper="", user=""):
"""
Add or Delete users in sip.conf.
:param oper: add or delete operation
:type oper: string
:param user: enter the user number to add/delete
:type user: string
:return: output: return a tuple with bool and defined message
:rtype output: tuple
"""
deprecate(
"Warning!",
message="modify_sip_config() is deprecated",
category=UserWarning,
)
apt_install(self, "python3")
py_steps = [
"import configparser",
"def modify():",
" config = configparser.ConfigParser(strict=False)",
' config.read("/etc/asterisk/sip.conf")',
' sip_conf = {"type": "friend", "regexten": "' + user +
'", "secret": "1234", "qualify": "no", "nat": '
'"force_rport", "host": "dynamic", "canreinvite": '
'"no", "context": "default", "dial": "SIP/' + user + '"}',
' if "' + oper + '" == "add":',
' config.add_section("' + user + '")',
" for keys, values in sip_conf.items():",
' out = config.set("' + user + '", keys, values)',
' elif "' + oper + '" == "delete":',
' out = config.remove_section("' + user + '")',
' with open("/etc/asterisk/sip.conf", "w") as configfile:',
" config.write(configfile)",
" return out",
"print(modify())",
]
self.sendline("cat > sip_config.py << EOF\n%s\nEOF" %
"\n".join(py_steps))
self.expect("EOF")
self.expect_prompt()
self.sendline("python3 sip_config.py")
self.expect_prompt(timeout=10)
if "Traceback" in self.before:
output = False, "File error :\n%s" % self.before
elif "True" in self.before or "None" in self.before:
output = True, "Operation " + oper + " is successful"
else:
output = False, "Operation " + oper + " is failed"
self.sendline("cat /etc/asterisk/sip.conf")
self.expect_prompt()
self.sendline("rm sip_config.py")
self.expect_prompt()
return output
def runTest(self):
board = self.dev.board
lan = self.dev.lan
installers.apt_install(lan, "wget")
urls = [
'www.amazon.com',
'www.apple.com',
'www.baidu.com',
'www.bing.com',
'www.cnn.com',
'www.ebay.com',
'www.facebook.com',
'www.google.com',
'www.imdb.com',
'www.imgur.com',
'www.instagram.com',
'www.linkedin.com',
'www.microsoft.com',
'www.nbcnews.com',
'www.netflix.com',
'www.pinterest.com',
'www.reddit.com',
'www.twitter.com',
'www.wikipedia.org',
'www.yahoo.com',
]
#urls = 2 * urls # browse more
random.shuffle(urls)
user = '******'
cmd = "wget -Hp http://%(url)s " + \
"-e robots=off " + \
"-P /tmp/webbrowse-test " + \
"-T 10 " + \
"--header='Accept: text/html' " + \
"-U '%(user)s' " + \
"2>&1 | tail -1"
for url in urls:
lan.sendline("mkdir -p /tmp/webbrowse-test")
print("\n%s" % url)
tmp = cmd % {'url': url, 'user': user}
lan.sendline(tmp)
try:
lan.expect('Downloaded:', timeout=20)
except Exception:
lan.sendcontrol('c')
lan.expect(prompt)
lan.sendline("rm -rf /tmp/webbrowse-test")
lan.expect(prompt)
board.touch()
def runTest(self):
"""Run Test to Create light web traffic."""
board = self.dev.board
lan = self.dev.lan
installers.apt_install(lan, "wget")
urls = [
"www.amazon.com",
"www.apple.com",
"www.baidu.com",
"www.bing.com",
"www.cnn.com",
"www.ebay.com",
"www.facebook.com",
"www.google.com",
"www.imdb.com",
"www.imgur.com",
"www.instagram.com",
"www.linkedin.com",
"www.microsoft.com",
"www.nbcnews.com",
"www.netflix.com",
"www.pinterest.com",
"www.reddit.com",
"www.twitter.com",
"www.wikipedia.org",
"www.yahoo.com",
]
random.shuffle(urls)
user = (
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0"
)
cmd = ("wget -Hp http://%(url)s " + "-e robots=off " +
"-P /tmp/webbrowse-test " + "-T 10 " +
"--header='Accept: text/html' " + "-U '%(user)s' " +
"2>&1 | tail -1")
for url in urls:
lan.sendline("mkdir -p /tmp/webbrowse-test")
print("\n%s" % url)
tmp = cmd % {"url": url, "user": user}
lan.sendline(tmp)
try:
lan.expect("Downloaded:", timeout=20)
except Exception:
lan.sendcontrol("c")
lan.expect(prompt)
lan.sendline("rm -rf /tmp/webbrowse-test")
lan.expect(prompt)
board.touch()
def dns_setup_sipserver(sip_server, config):
"""
To setup dns with auth records.
Parameters:
sip_server(obj): sipserver device
"""
try:
if sip_server:
sip_server.prefer_ipv4()
sip_server.sendline('echo "nameserver 8.8.8.8" > /etc/resolv.conf')
apt_install(sip_server, "dnsmasq")
sip_server.setup_dnsmasq(config)
add_dns_auth_record(sip_server, sip_server.name)
except Exception as e:
raise Exception("Unable to initialize dns, failed due to the error : ",
e)
def install_aftr(self):
"""To check the aftr installation.
:raise Exception : installation fails , throws exception
"""
# check for aftr executable
attempt = 0
while attempt < 2:
self.sendline("ls /root/aftr/aftr")
if (self.expect(["No such file or directory", pexpect.TIMEOUT],
timeout=2) == 0):
self.expect(self.prompt)
apt_install(self, "build-essential")
# check for configure script.
self.sendline("ls /root/aftr/configure")
if (self.expect(["No such file or directory", pexpect.TIMEOUT],
timeout=2) == 0):
self.expect(self.prompt)
# need to download the tar file and extract it.
install_wget(self)
self.aftr_url = (self.aftr_local if self.aftr_local
is not None else self.aftr_url)
self.sendline("curl %s -o /root/aftr.tbz" % self.aftr_url)
self.expect(self.prompt, timeout=60)
self.sendline(
"tar -C /root -xvjf /root/aftr.tbz; mv /root/rt28354 /root/aftr"
)
self.expect(self.prompt, timeout=30)
self.sendline("cd /root/aftr")
self.expect(self.prompt)
self.sendline("./configure")
self.expect(self.prompt, timeout=30)
self.sendline("make; cd")
self.expect(self.prompt, timeout=30)
attempt += 1
else:
self.is_installed = True
self.expect(self.prompt)
break
if not self.is_installed:
raise Exception("failed to install AFTR.")
def install_asterisk(self):
"""Install asterisk from internet."""
self.install_essentials()
apt_install(self, 'asterisk', timeout=300)
def install_essentials(self):
"""Install asterisk essentials."""
apt_install(self, 'build-essential')
apt_install(self, 'libncurses5-dev')
apt_install(self, 'libjansson-dev')
apt_install(self, 'uuid-dev')
apt_install(self, 'libxml2-dev')
apt_install(self, 'libsqlite3-dev')
apt_install(self, 'tshark')
def install_pkgs(self):
if self.pkgs_installed:
return
self.sendline(
'echo "Acquire::ForceIPv4 "true";" > /etc/apt/apt.conf.d/99force-ipv4'
)
self.expect(self.prompt)
set_iface_again = False
if (not self.wan_no_eth0 and not self.wan_dhcp
and not self.install_pkgs_after_dhcp
and not getattr(self, "standalone_provisioner", False)):
set_iface_again = True
self.sendline("ifconfig %s down" % self.iface_dut)
self.expect(self.prompt)
pkgs = "isc-dhcp-server xinetd tinyproxy curl apache2-utils nmap psmisc vim-common tftpd-hpa pppoe isc-dhcp-server procps iptables lighttpd psmisc dnsmasq xxd dante-server rsyslog snmp"
def _install_pkgs():
apt_install(self,
pkgs,
dpkg_options='-o DPkg::Options::="--force-confnew"')
# self.sendline(
# % pkgs
# if 0 == self.expect(["Reading package", pexpect.TIMEOUT], timeout=60):
self.pkgs_installed = True
# TODO: use netns for all this?
undo_default_route = None
self.sendline("ping -4 -c1 deb.debian.org")
i = self.expect(
[
"ping: unknown host", "connect: Network is unreachable",
pexpect.TIMEOUT
] + self.prompt,
timeout=10,
)
if 0 == i:
# TODO: don't reference eth0, but the uplink iface
self.sendline(
"echo SYNC; ip route list | grep 'via.*dev eth0' | awk '{print $3}'"
)
self.expect_exact("SYNC\r\n")
if 0 == self.expect([r"(\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})\r\n"] +
self.prompt,
timeout=5):
possible_default_gw = self.match.group(1)
self.sendline("ip route add default via %s" %
possible_default_gw)
self.expect(self.prompt)
self.sendline("ping -c1 deb.debian.org")
self.expect(self.prompt)
undo_default_route = possible_default_gw
apt_install(
self,
pkgs,
dpkg_options='-o DPkg::Options::="--force-confnew"')
# self.sendline(
# % pkgs
# if 0 == self.expect(["Reading package", pexpect.TIMEOUT], timeout=60):
elif 1 == i:
if self.install_pkgs_after_dhcp:
_install_pkgs()
else:
self.install_pkgs_after_dhcp = True
return
elif 2 == i:
self.sendcontrol("c")
self.expect(self.prompt)
else:
_install_pkgs()
if undo_default_route is not None:
self.sendline("ip route del default via %s" % undo_default_route)
self.expect(self.prompt)
if set_iface_again:
self.sendline("ifconfig %s %s" % (self.iface_dut, self.gw_ng))
self.expect(self.prompt)
self.sendline("ifconfig %s up" % self.iface_dut)
self.expect(self.prompt)
if self.static_route is not None:
self.sendline("ip route add %s" % self.static_route)
self.expect(self.prompt)
def sipserver_install(self):
"""Install kamailio from internet."""
self.mysql.install()
rtpproxy_install(self)
apt_install(self, "kamailio", timeout=300)
apt_install(self, "kamailio-mysql-modules", timeout=300)
def install_asterisk(self):
'''
install asterisk from internet
'''
self.install_essentials()
apt_install(self, 'asterisk', timeout=300)
def install_essentials(self):
'''
install asterisk essentials
'''
apt_install(self, 'build-essential')
apt_install(self, 'libncurses5-dev')
apt_install(self, 'libjansson-dev')
apt_install(self, 'uuid-dev')
apt_install(self, 'libxml2-dev')
apt_install(self, 'libsqlite3-dev')
def install_essentials(self):
"""Install asterisk essentials."""
apt_install(self, "build-essential")
apt_install(self, "libncurses5-dev")
apt_install(self, "libjansson-dev")
apt_install(self, "uuid-dev")
apt_install(self, "libxml2-dev")
apt_install(self, "libsqlite3-dev")
apt_install(self, "tshark")
def rtpproxy_install(dev):
"""Install rtpproxy"""
apt_install(dev, "rtpproxy", timeout=60)
def install(self):
"""Install mysql server."""
apt_install(self.handle, "default-mysql-server", timeout=300)
