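def testPackagesLogic(self):
    """Check the package table built from the parse fixture and manifest.

    Parses ``data/testParsePackages.txt``, builds packages from the
    ``packages`` section of ``data/manifest.yml`` and compares every row
    of the ``package`` table with the expected
    ``(node_id, name, option)`` tuples.
    """
    processor.parse(self._load('data/testParsePackages.txt'), self.c)
    # NOTE(review): _load_YAML is defined outside this listing; confirm it
    # parses the manifest with a safe loader.
    packages.build(
        self._load_YAML('data/manifest.yml')['packages'], self.c)
    pack = self._query('SELECT * FROM package')
    expected = (
        (1, 'dns', 'last'),
        (2, 'dhssh', 'test'),
        (2, 'dns', '(test)'),
        (2, 'dns', 'last'),
        (2, 'ldapclient', None),
        (2, 'syslogclient', None),
        (3, 'dns', 'last'),
        (5, 'dhssh', 'test'),
        (5, 'tac', 'a'),
        (5, 'tac', 'b'),
        (6, 'dhssh', 'test'),
        (6, 'dns', None),
        (6, 'wwwpub', None),
        (8, 'dhssh', 'test'),
        (8, 'syslogclient', None),
        (8, 'tac', None),
        (9, 'dhssh', 'test'),
        (9, 'syslogclient', None),
        (10, 'dhssh', 'test'),
        (10, 'ldapclient', None),
        (10, 'syslogclient', None),
        (11, 'dhssh', 'test'),
        (11, 'syslogclient', None),
        (15, 'switch', None),
    )
    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    self.assertEqual(
        len(pack), len(expected),
        "Wrong number of packages in database: got %d, expected %d"
        % (len(pack), len(expected)))
    # NOTE(review): the query has no ORDER BY, so this positional
    # comparison relies on the order in which the database returns rows.
    for row, (node_id, package, option) in zip(pack, expected):
        self.assertEqual(row.node_id, node_id)
        self.assertEqual(row.name, package)
        self.assertEqual(row.option, option)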
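def testServerClientRule(self):
    """Check the single rule generated from the server/client fixture.

    After parsing ``data/testServerClientRules.txt`` and building packages
    and firewall data, ``firewall_rule_ip_level`` must hold exactly one
    row: jumpgate1 -> ddns1, flow ``event``, destination ``2022/tcp``.
    """
    lines = self._load('data/testServerClientRules.txt')
    processor.parse(lines, self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # The exact count matters: an extra row would mean the generator
    # emitted a rule the fixture did not ask for.
    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 1, "Wrong number of firewall rules")

    rule = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level"
    )[0]
    expected = (
        ('jumpgate1.event.dreamhack.se', "Wrong source host"),
        ('ddns1.event.dreamhack.se', "Wrong destination host"),
        ('event', "Wrong flow"),
        ('2022/tcp', "Wrong destination port/protocol"),
    )
    for column, (value, message) in enumerate(expected):
        self.assertEqual(rule[column], value, message)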
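def testServerClientRuleNat(self):
    """Check the three rules generated from the NAT server/client fixture.

    After parsing ``data/testServerClientRulesNat.txt`` and building
    packages and firewall data, ``firewall_rule_ip_level`` must hold
    exactly three rows, all to ddns1 on ``2022/tcp`` in flow ``event``,
    with sources jumpgate1, nat and jumpgate2 in that order.
    """
    lines = self._load('data/testServerClientRulesNat.txt')
    processor.parse(lines, self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 3, "Wrong number of firewall rules")

    # Unpacking fails if the row count is not exactly three.
    # NOTE(review): the query has no ORDER BY, so matching rows to the
    # expected sources relies on the order the database returns them.
    non_nat_rule1, nat_rule, non_nat_rule2 = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level")

    expected_sources = (
        (non_nat_rule1, 'jumpgate1.event.dreamhack.se'),
        (nat_rule, 'nat.event.dreamhack.se'),
        (non_nat_rule2, 'jumpgate2.event.dreamhack.se'),
    )
    for rule, source in expected_sources:
        self.assertEqual(rule[0], source, "Wrong source host")
        self.assertEqual(
            rule[1], 'ddns1.event.dreamhack.se', "Wrong destination host")
        self.assertEqual(rule[2], 'event', "Wrong flow")
        self.assertEqual(
            rule[3], '2022/tcp', "Wrong destination port/protocol")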
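def testWorldRule(self):
    """Check the single rule generated from the world-rule fixture.

    After parsing ``data/testWorldRule.txt`` and building packages and
    firewall data, ``firewall_rule_ip_level`` must hold exactly one row:
    source ``ANY`` -> www, flow ``event``, destination ``80/tcp``.
    """
    processor.parse(self._load('data/testWorldRule.txt'), self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # The exact count guards against further rows being generated next to
    # the ANY-source rule.
    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 1, "Wrong number of firewall rules")

    rule = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level")[0]
    expected = (
        ('ANY', "Wrong source host"),
        ('www.event.dreamhack.se', "Wrong destination host"),
        ('event', "Wrong flow"),
        ('80/tcp', "Wrong destination port/protocol"),
    )
    for column, (value, message) in enumerate(expected):
        self.assertEqual(rule[column], value, message)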
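def testLocalRule(self):
    """Check the single rule generated from the local-rule fixture.

    After parsing ``data/testLocalRule.txt`` and building packages and
    firewall data, ``firewall_rule_ip_level`` must hold exactly one row,
    whose id, source host, source IPv4 network, destination host and
    destination port are compared by column position.
    """
    processor.parse(self._load('data/testLocalRule.txt'), self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 1, "Wrong number of firewall rules")

    rule = rules[0]
    # NOTE(review): these indexes into SELECT * depend on the table's
    # column order, so a schema change would silently shift what is being
    # checked; selecting named columns would be sturdier.
    expected = (
        (0, 1, "Wrong rule id"),
        (2, 'EVENT@TECH-SRV-6-JUMPNET', "Wrong source host"),
        (3, '77.80.231.128/28', "Wrong source IPv4 address"),
        (5, 'speedtest1mgmt.event.dreamhack.se', "Wrong destination host"),
        (11, '69/udp', "Wrong destination port/protocol"),
    )
    for column, value, message in expected:
        self.assertEqual(rule[column], value, message)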
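def testPublicRule(self):
    """Check the rule counts generated from the public-rule fixture.

    After parsing ``data/testPublicRule.txt`` and building packages and
    firewall data, ``firewall_rule_ip_level`` must hold 8 rows in total,
    2 of them with source ``EVENT@DREAMHACK``, and exactly one of those
    with destination ports ``123/udp,123/tcp``.
    """
    processor.parse(self._load('data/testPublicRule.txt'), self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 8, "Wrong number of firewall rules")

    # Narrow to the rules whose source is the EVENT@DREAMHACK node.
    rules = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level "
        "WHERE from_node_name = 'EVENT@DREAMHACK'")
    self.assertEqual(len(rules), 2, "Wrong number of firewall rules")

    # Of those, exactly one carries the combined 123/udp,123/tcp service.
    rule = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level "
        "WHERE from_node_name = 'EVENT@DREAMHACK' "
        "AND service_dst_ports = '123/udp,123/tcp'")
    self.assertEqual(len(rule), 1, "Wrong number of firewall rules")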
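def testLocalRule(self):
    """Check the single rule generated from the local-rule fixture.

    Parses ``data/testLocalRule.txt``, builds packages and firewall data,
    then expects one row in ``firewall_rule_ip_level`` and compares its
    id, source host, source IPv4 network, destination host and
    destination port by column position.
    """
    processor.parse(self._load('data/testLocalRule.txt'), self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(rules), 1, "Wrong number of firewall rules")

    rule = rules[0]
    # NOTE(review): the indexes below follow the column order returned by
    # SELECT *; if the table layout changes they point at different
    # fields without failing loudly. Named columns would avoid that.
    self.assertEqual(rule[0], 1, "Wrong rule id")
    self.assertEqual(
        rule[2], 'EVENT@TECH-SRV-6-JUMPNET', "Wrong source host")
    self.assertEqual(
        rule[3], '77.80.231.128/28', "Wrong source IPv4 address")
    self.assertEqual(
        rule[5], 'speedtest1mgmt.event.dreamhack.se',
        "Wrong destination host")
    self.assertEqual(
        rule[11], '69/udp', "Wrong destination port/protocol")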
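def testPackagesLogic(self):
    """Check the package table built from the parse fixture and manifest.

    Parses ``data/testParsePackages.txt``, builds packages from the
    ``packages`` section of ``data/manifest.yml`` and compares each row of
    the ``package`` table with the expected
    ``(node_id, name, option)`` tuples.
    """
    processor.parse(self._load('data/testParsePackages.txt'), self.c)
    # NOTE(review): _load_YAML is defined outside this listing; confirm it
    # parses the manifest with a safe loader.
    packages.build(self._load_YAML('data/manifest.yml')['packages'], self.c)
    pack = self._query('SELECT * FROM package')
    expected = (
        (1, 'dns', 'last'),
        (2, 'dhssh', 'test'),
        (2, 'dns', '(test)'),
        (2, 'dns', 'last'),
        (2, 'ldapclient', None),
        (2, 'syslogclient', None),
        (3, 'dns', 'last'),
        (5, 'dhssh', 'test'),
        (5, 'tac', 'a'),
        (5, 'tac', 'b'),
        (6, 'dhssh', 'test'),
        (6, 'dns', None),
        (6, 'wwwpub', None),
        (8, 'dhssh', 'test'),
        (8, 'syslogclient', None),
        (8, 'tac', None),
        (9, 'dhssh', 'test'),
        (9, 'syslogclient', None),
        (10, 'dhssh', 'test'),
        (10, 'ldapclient', None),
        (10, 'syslogclient', None),
        (11, 'dhssh', 'test'),
        (11, 'ldapclient', None),
        (11, 'syslogclient', None),
        (15, 'switch', None),
    )
    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    self.assertEqual(
        len(pack), len(expected),
        "Wrong number of packages in database: got %d, expected %d" % (
            len(pack), len(expected)))
    # NOTE(review): with no ORDER BY in the query, this positional
    # comparison relies on the order in which the database returns rows.
    for row, (node_id, package, option) in zip(pack, expected):
        self.assertEqual(row.node_id, node_id)
        self.assertEqual(row.name, package)
        self.assertEqual(row.option, option)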
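def testPublicRule(self):
    """Check the rule counts generated from the public-rule fixture.

    Parses ``data/testPublicRule.txt``, builds packages and firewall data,
    then expects 8 rows in ``firewall_rule_ip_level``, 2 rows with source
    ``EVENT@DREAMHACK``, and 1 row with that source and destination ports
    ``123/udp,123/tcp``.
    """
    processor.parse(self._load('data/testPublicRule.txt'), self.c)
    packages.build(self.packages, self.c)
    firewall.build(self.packages, self.c)

    # assertEqual replaces the deprecated assertEquals alias, which
    # Python 3.12 removed from unittest.
    all_rules = self._query('SELECT * FROM firewall_rule_ip_level')
    self.assertEqual(len(all_rules), 8, "Wrong number of firewall rules")

    # Pinning the per-source count catches rules added or dropped for
    # this one source even when the overall total still matches.
    from_event = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level "
        "WHERE from_node_name = 'EVENT@DREAMHACK'"
    )
    self.assertEqual(len(from_event), 2, "Wrong number of firewall rules")

    ntp_from_event = self._query(
        "SELECT from_node_name, to_node_name, flow_name, service_dst_ports "
        "FROM firewall_rule_ip_level "
        "WHERE from_node_name = 'EVENT@DREAMHACK' "
        "AND service_dst_ports = '123/udp,123/tcp'"
    )
    self.assertEqual(
        len(ntp_from_event), 1, "Wrong number of firewall rules")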