示例#1
0
 def test_05_new_chain(self):
     """
     Chain 05: create a new chain in filtergroup,
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEquals(
         {'FORWARD': [], 'INPUT': [], 'NEWCHAIN': [], 'OUTPUT': []},
         filter.data)
示例#2
0
 def test_09_insert_rule_works(self):
     """
     Chain 09: insert a rule into a nonempty chain works at start
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p esp -j ACCEPT")
     expect = ['-I INPUT -p esp -j ACCEPT',
               '-I INPUT -p udp -j ACCEPT',
               '-A INPUT -p tcp -j ACCEPT']
     self.assertEquals(expect, filter.data["INPUT"])
示例#3
0
 def test_12_remove_chain(self):
     """
     Chain 12: try to remove an existing chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEquals(
         {'FORWARD': [], 'INPUT': [], 'NEWCHAIN': [], 'OUTPUT': []},
         filter.data)
     filter.put_into_fgr("-X NEWCHAIN")
     self.assertEquals(
         {'FORWARD': [], 'INPUT': [], 'OUTPUT': []},
         filter.data)
示例#4
0
 def test_05_new_chain(self):
     """
     Chain 05: create a new chain in filtergroup,
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEquals(
         {
             'FORWARD': [],
             'INPUT': [],
             'NEWCHAIN': [],
             'OUTPUT': []
         }, filter.data)
示例#5
0
 def test_10_append_rule(self):
     """
     Chain 10: append a rule to a chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     self.assertEquals(['-A INPUT -p tcp -j ACCEPT'], filter.data["INPUT"])
     filter.put_into_fgr("-A INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-A INPUT -p esp -j ACCEPT")
     expect = ['-A INPUT -p tcp -j ACCEPT',
               '-A INPUT -p udp -j ACCEPT',
               '-A INPUT -p esp -j ACCEPT']
     self.assertEquals(expect, filter.data["INPUT"])
示例#6
0
 def test_02_prove_policies(self):
     """
     Chain 02: check 3 valid policies, 1 exception
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-P INPUT DROP")
     self.assertEquals(
         {
             'FORWARD': 'ACCEPT',
             'INPUT': 'DROP',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
     filter.put_into_fgr("-P FORWARD REJECT")
     self.assertEquals(
         {
             'FORWARD': 'REJECT',
             'INPUT': 'DROP',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
     filter.put_into_fgr("-P OUTPUT DROP")
     self.assertEquals(
         {
             'FORWARD': 'REJECT',
             'INPUT': 'DROP',
             'OUTPUT': 'DROP'
         }, filter.poli)
     self.assertRaises(ValueError, filter.put_into_fgr, "-P OUTPUT FAIL")
示例#7
0
 def test_08_insert_rule_fail(self):
     """
     Chain 08: insert a rule into a non_existing chain fails
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     #filter.put_into_fgr("-I INPUT -p tcp -j ACCEPT")
     self.assertRaises(ValueError, filter.put_into_fgr, "-I PUT -j ACCEPT")
示例#8
0
    def test_03_tables_names(self):
        """
        Chain 03: 3 cases OK, 1 Exception
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEquals(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])

        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A OUTPUT -j ACCEPT")
        self.assertEquals(['-A OUTPUT -j ACCEPT '], filter.data["OUTPUT"])

        #filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A FORWARD -j ACCEPT")
        self.assertEquals(['-A FORWARD -j ACCEPT '], filter.data["FORWARD"])

        self.assertRaises(ValueError, filter.put_into_fgr, "-t na -A INPUT")
示例#9
0
 def test_01_create_a_chain_object(self):
     """
     Chain 01: create a Filter group, f.e. filter
     """
     self.assertIsInstance(Chains("filter", ["INPUT", "FORWARD", "OUTPUT"]),
                           Chains)
     self.assertEquals({}, Chains("filter", []))
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     self.assertEquals("filter", filter.name)
     self.assertEquals(['INPUT', 'FORWARD', 'OUTPUT'], filter.tables)
     self.assertEquals("-", filter.policy)
     self.assertEquals(0, filter.length)
     self.assertEquals(
         {
             'FORWARD': 'ACCEPT',
             'INPUT': 'ACCEPT',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
示例#10
0
    def test_04_flush(self):
        """
        Chain 04: flush filter group, 2 rules and an invalid chain
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEquals(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])
        filter.put_into_fgr("-A OUTPUT -o sl1 -j ACCEPT")
        self.assertEquals(['-A OUTPUT -o sl1 -j ACCEPT'],
                          filter.data["OUTPUT"])

        filter.put_into_fgr("-F")
        self.assertEquals([], filter.data["INPUT"])
        self.assertEquals([], filter.data["OUTPUT"])

        self.assertRaises(ValueError, filter.put_into_fgr, "-t inval -F")
示例#11
0
    def test_03_tables_names(self):
        """
        Chain 03: 3 cases OK, 1 Exception
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEquals(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])

        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A OUTPUT -j ACCEPT")
        self.assertEquals(['-A OUTPUT -j ACCEPT '], filter.data["OUTPUT"])

        #filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A FORWARD -j ACCEPT")
        self.assertEquals(['-A FORWARD -j ACCEPT '], filter.data["FORWARD"])

        self.assertRaises(ValueError, filter.put_into_fgr, "-t na -A INPUT")
示例#12
0
 def test_09_insert_rule_works(self):
     """
     Chain 09: insert a rule into a nonempty chain works at start
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p esp -j ACCEPT")
     expect = [
         '-I INPUT -p esp -j ACCEPT', '-I INPUT -p udp -j ACCEPT',
         '-A INPUT -p tcp -j ACCEPT'
     ]
     self.assertEquals(expect, filter.data["INPUT"])
示例#13
0
    def test_04_flush(self):
        """
        Chain 04: flush filter group, 2 rules and an invalid chain
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEquals(['-A INPUT -i sl0 -j ACCEPT '],
                          filter.data["INPUT"])
        filter.put_into_fgr("-A OUTPUT -o sl1 -j ACCEPT")
        self.assertEquals(['-A OUTPUT -o sl1 -j ACCEPT'],
                          filter.data["OUTPUT"])

        filter.put_into_fgr("-F")
        self.assertEquals([], filter.data["INPUT"])
        self.assertEquals([], filter.data["OUTPUT"])

        self.assertRaises(ValueError, filter.put_into_fgr, "-t inval -F")
示例#14
0
 def test_10_append_rule(self):
     """
     Chain 10: append a rule to a chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     self.assertEquals(['-A INPUT -p tcp -j ACCEPT'], filter.data["INPUT"])
     filter.put_into_fgr("-A INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-A INPUT -p esp -j ACCEPT")
     expect = [
         '-A INPUT -p tcp -j ACCEPT', '-A INPUT -p udp -j ACCEPT',
         '-A INPUT -p esp -j ACCEPT'
     ]
     self.assertEquals(expect, filter.data["INPUT"])
示例#15
0
 def test_02_prove_policies(self):
     """
     Chain 02: check 3 valid policies, 1 exception
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-P INPUT DROP")
     self.assertEquals(
         {'FORWARD': 'ACCEPT', 'INPUT': 'DROP', 'OUTPUT': 'ACCEPT'},
         filter.poli)
     filter.put_into_fgr("-P FORWARD REJECT")
     self.assertEquals(
         {'FORWARD': 'REJECT', 'INPUT': 'DROP', 'OUTPUT': 'ACCEPT'},
         filter.poli)
     filter.put_into_fgr("-P OUTPUT DROP")
     self.assertEquals(
         {'FORWARD': 'REJECT', 'INPUT': 'DROP', 'OUTPUT': 'DROP'},
         filter.poli)
     self.assertRaises(ValueError, filter.put_into_fgr, "-P OUTPUT FAIL")
示例#16
0
 def test_12_remove_chain(self):
     """
     Chain 12: try to remove an existing chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEquals(
         {
             'FORWARD': [],
             'INPUT': [],
             'NEWCHAIN': [],
             'OUTPUT': []
         }, filter.data)
     filter.put_into_fgr("-X NEWCHAIN")
     self.assertEquals({
         'FORWARD': [],
         'INPUT': [],
         'OUTPUT': []
     }, filter.data)
示例#17
0
 def test_13_illegal_command(self):
     """
     Chain 13: try an ilegal command
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     self.assertRaises(ValueError, filter.put_into_fgr, "-Y USERCHAIN")
示例#18
0
 def test_11_remove_predef_chain(self):
     """
     Chain 11: try to remove a prefined chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     self.assertRaises(ValueError, filter.put_into_fgr, "-X INPUT")
示例#19
0
 def test_06_new_existing_chain_fails(self):
     """
     Chain 06: create an exsiting chain should fail
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     self.assertRaises(ValueError, filter.put_into_fgr, "-N INPUT")