Пример #1
0
 def testPackagesLogic(self):
     processor.parse(self._load('data/testParsePackages.txt'), self.c)
     packages.build(
         self._load_YAML('data/manifest.yml')['packages'], self.c)
     pack = self._query('SELECT * FROM package')
     expected = ((1, 'dns', 'last'), (2, 'dhssh', 'test'),
                 (2, 'dns', '(test)'), (2, 'dns', 'last'),
                 (2, 'ldapclient', None), (2, 'syslogclient', None),
                 (3, 'dns', 'last'), (5, 'dhssh', 'test'), (5, 'tac', 'a'),
                 (5, 'tac', 'b'), (6, 'dhssh', 'test'), (6, 'dns', None),
                 (6, 'wwwpub', None), (8, 'dhssh',
                                       'test'), (8, 'syslogclient', None),
                 (8, 'tac', None), (9, 'dhssh', 'test'), (9, 'syslogclient',
                                                          None),
                 (10, 'dhssh', 'test'), (10, 'ldapclient',
                                         None), (10, 'syslogclient', None),
                 (11, 'dhssh', 'test'), (11, 'syslogclient',
                                         None), (15, 'switch', None))
     self.assertEquals(
         len(pack), len(expected),
         "Wrong number of packages in database: got %d, expected %d" %
         (len(pack), len(expected)))
     for i, (node_id, package, option) in enumerate(expected):
         self.assertEquals(pack[i].node_id, node_id)
         self.assertEquals(pack[i].name, package)
         self.assertEquals(pack[i].option, option)
Пример #2
0
    def testServerClientRule(self):
        lines = self._load('data/testServerClientRules.txt')
        processor.parse(lines, self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 1, "Wrong number of firewall rules")

        rule = self._query(
            """SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM firewall_rule_ip_level"""
        )[0]
        self.assertEquals(
            rule[0],
            'jumpgate1.event.dreamhack.se',
            "Wrong source host")
        self.assertEquals(
            rule[1],
            'ddns1.event.dreamhack.se',
            "Wrong destination host")
        self.assertEquals(rule[2], 'event', "Wrong flow")
        self.assertEquals(
            rule[3],
            '2022/tcp',
            "Wrong destination port/protocol")
Пример #3
0
    def testServerClientRuleNat(self):
        lines = self._load('data/testServerClientRulesNat.txt')
        processor.parse(lines, self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 3, "Wrong number of firewall rules")

        non_nat_rule1, nat_rule, non_nat_rule2 = self._query("""SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM firewall_rule_ip_level""")
        self.assertEquals(non_nat_rule1[0], 'jumpgate1.event.dreamhack.se',
                          "Wrong source host")
        self.assertEquals(non_nat_rule1[1], 'ddns1.event.dreamhack.se',
                          "Wrong destination host")
        self.assertEquals(non_nat_rule1[2], 'event', "Wrong flow")
        self.assertEquals(non_nat_rule1[3], '2022/tcp',
                          "Wrong destination port/protocol")

        self.assertEquals(nat_rule[0], 'nat.event.dreamhack.se',
                          "Wrong source host")
        self.assertEquals(nat_rule[1], 'ddns1.event.dreamhack.se',
                          "Wrong destination host")
        self.assertEquals(nat_rule[2], 'event', "Wrong flow")
        self.assertEquals(nat_rule[3], '2022/tcp',
                          "Wrong destination port/protocol")

        self.assertEquals(non_nat_rule2[0], 'jumpgate2.event.dreamhack.se',
                          "Wrong source host")
        self.assertEquals(non_nat_rule2[1], 'ddns1.event.dreamhack.se',
                          "Wrong destination host")
        self.assertEquals(non_nat_rule2[2], 'event', "Wrong flow")
        self.assertEquals(non_nat_rule2[3], '2022/tcp',
                          "Wrong destination port/protocol")
Пример #4
0
    def testWorldRule(self):
        processor.parse(self._load('data/testWorldRule.txt'), self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 1, "Wrong number of firewall rules")

        rule = self._query("""SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM firewall_rule_ip_level""")[0]
        self.assertEquals(rule[0], 'ANY', "Wrong source host")
        self.assertEquals(rule[1], 'www.event.dreamhack.se',
                          "Wrong destination host")
        self.assertEquals(rule[2], 'event', "Wrong flow")
        self.assertEquals(rule[3], '80/tcp', "Wrong destination port/protocol")
Пример #5
0
    def testLocalRule(self):
        processor.parse(self._load('data/testLocalRule.txt'), self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 1, "Wrong number of firewall rules")

        rule = rules[0]
        self.assertEquals(rule[0], 1, "Wrong rule id")
        self.assertEquals(rule[2], 'EVENT@TECH-SRV-6-JUMPNET',
                          "Wrong source host")
        self.assertEquals(rule[3], '77.80.231.128/28',
                          "Wrong source IPv4 address")
        self.assertEquals(rule[5], 'speedtest1mgmt.event.dreamhack.se',
                          "Wrong destination host")
        self.assertEquals(rule[11], '69/udp',
                          "Wrong destination port/protocol")
Пример #6
0
    def testPublicRule(self):
        processor.parse(self._load('data/testPublicRule.txt'), self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 8, "Wrong number of firewall rules")

        rules = self._query("""SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM
               firewall_rule_ip_level
               WHERE from_node_name = 'EVENT@DREAMHACK'""")
        self.assertEquals(len(rules), 2, "Wrong number of firewall rules")

        rule = self._query("""SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM firewall_rule_ip_level
               WHERE from_node_name = 'EVENT@DREAMHACK'
               AND service_dst_ports = '123/udp,123/tcp'""")
        self.assertEquals(len(rule), 1, "Wrong number of firewall rules")
Пример #7
0
    def testLocalRule(self):
        processor.parse(self._load('data/testLocalRule.txt'), self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 1, "Wrong number of firewall rules")

        rule = rules[0]
        self.assertEquals(rule[0], 1, "Wrong rule id")
        self.assertEquals(rule[2], 'EVENT@TECH-SRV-6-JUMPNET',
            "Wrong source host")
        self.assertEquals(
            rule[3],
            '77.80.231.128/28',
            "Wrong source IPv4 address")
        self.assertEquals(
            rule[5],
            'speedtest1mgmt.event.dreamhack.se',
            "Wrong destination host")
        self.assertEquals(
            rule[11],
            '69/udp',
            "Wrong destination port/protocol")
Пример #8
0
 def testPackagesLogic(self):
   processor.parse(self._load('data/testParsePackages.txt'), self.c)
   packages.build(self._load_YAML('data/manifest.yml')['packages'], self.c)
   pack = self._query('SELECT * FROM package')
   expected = (
           (1, 'dns', 'last'),
           (2, 'dhssh', 'test'),
           (2, 'dns', '(test)'),
           (2, 'dns', 'last'),
           (2, 'ldapclient', None),
           (2, 'syslogclient', None),
           (3, 'dns', 'last'),
           (5, 'dhssh', 'test'),
           (5, 'tac', 'a'),
           (5, 'tac', 'b'),
           (6, 'dhssh', 'test'),
           (6, 'dns', None),
           (6, 'wwwpub', None),
           (8, 'dhssh', 'test'),
           (8, 'syslogclient', None),
           (8, 'tac', None),
           (9, 'dhssh', 'test'),
           (9, 'syslogclient', None),
           (10, 'dhssh', 'test'),
           (10, 'ldapclient', None),
           (10, 'syslogclient', None),
           (11, 'dhssh', 'test'),
           (11, 'ldapclient', None),
           (11, 'syslogclient', None),
           (15, 'switch', None))
   self.assertEquals(len(pack), len(expected),
           "Wrong number of packages in database: got %d, expected %d" % (
               len(pack), len(expected)))
   for i, (node_id, package, option) in enumerate(expected):
       self.assertEquals(pack[i].node_id, node_id)
       self.assertEquals(pack[i].name, package)
       self.assertEquals(pack[i].option, option)
Пример #9
0
    def testPublicRule(self):
        processor.parse(self._load('data/testPublicRule.txt'), self.c)
        packages.build(self.packages, self.c)
        firewall.build(self.packages, self.c)
        rules = self._query('SELECT * FROM firewall_rule_ip_level')
        self.assertEquals(len(rules), 8, "Wrong number of firewall rules")

        rules = self._query(
            """SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM
               firewall_rule_ip_level
               WHERE from_node_name = 'EVENT@DREAMHACK'"""
        )
        self.assertEquals(len(rules), 2, "Wrong number of firewall rules")

        rule = self._query(
            """SELECT
               from_node_name, to_node_name, flow_name, service_dst_ports
               FROM firewall_rule_ip_level
               WHERE from_node_name = 'EVENT@DREAMHACK'
               AND service_dst_ports = '123/udp,123/tcp'"""
        )
        self.assertEquals(len(rule), 1, "Wrong number of firewall rules")