示例#1
0
 def test_06_new_existing_chain_fails(self):
     """
     Chain 06: create an exsiting chain should fail
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-N INPUT")
示例#2
0
 def test_08_insert_rule_fail(self):
     """
     Chain 08: insert a rule into a non_existing chain fails
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-I PUT -j ACCEPT")
示例#3
0
 def test_13_illegal_command(self):
     """
     Chain 13: try an ilegal command
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-Y USERCHAIN")
示例#4
0
 def test_06_new_existing_chain_fails(self):
     """
     Chain 06: create an exsiting chain should fail
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-N INPUT")
示例#5
0
 def test_11_remove_predef_chain(self):
     """
     Chain 11: try to remove a prefined chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-X INPUT")
示例#6
0
 def test_02_prove_policies(self):
     """
     Chain 02: check 3 valid policies, 1 exception
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-P INPUT DROP")
     self.assertEqual(
         {
             'FORWARD': 'ACCEPT',
             'INPUT': 'DROP',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
     filter.put_into_fgr("-P FORWARD REJECT")
     self.assertEqual(
         {
             'FORWARD': 'REJECT',
             'INPUT': 'DROP',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
     filter.put_into_fgr("-P OUTPUT DROP")
     self.assertEqual(
         {
             'FORWARD': 'REJECT',
             'INPUT': 'DROP',
             'OUTPUT': 'DROP'
         }, filter.poli)
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-P OUTPUT FAIL")
示例#7
0
 def test_13_illegal_command(self):
     """
     Chain 13: try an ilegal command
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-Y USERCHAIN")
示例#8
0
 def test_11_remove_predef_chain(self):
     """
     Chain 11: try to remove a prefined chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-X INPUT")
示例#9
0
 def test_08_insert_rule_fail(self):
     """
     Chain 08: insert a rule into a non_existing chain fails
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-I PUT -j ACCEPT")
示例#10
0
 def test_05_new_chain(self):
     """
     Chain 05: create a new chain in filtergroup,
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEqual(
         {'FORWARD': [], 'INPUT': [], 'NEWCHAIN': [], 'OUTPUT': []},
         filter.data)
示例#11
0
 def test_09_insert_rule_works(self):
     """
     Chain 09: insert a rule into a nonempty chain works at start
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p esp -j ACCEPT")
     expect = ['-I INPUT -p esp -j ACCEPT',
               '-I INPUT -p udp -j ACCEPT',
               '-A INPUT -p tcp -j ACCEPT']
     self.assertEqual(expect, filter.data["INPUT"])
示例#12
0
 def test_12_remove_chain(self):
     """
     Chain 12: try to remove an existing chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEqual(
         {'FORWARD': [], 'INPUT': [], 'NEWCHAIN': [], 'OUTPUT': []},
         filter.data)
     filter.put_into_fgr("-X NEWCHAIN")
     self.assertEqual(
         {'FORWARD': [], 'INPUT': [], 'OUTPUT': []},
         filter.data)
示例#13
0
 def test_05_new_chain(self):
     """
     Chain 05: create a new chain in filtergroup,
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEqual(
         {
             'FORWARD': [],
             'INPUT': [],
             'NEWCHAIN': [],
             'OUTPUT': []
         }, filter.data)
示例#14
0
 def test_10_append_rule(self):
     """
     Chain 10: append a rule to a chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     self.assertEqual(['-A INPUT -p tcp -j ACCEPT'], filter.data["INPUT"])
     filter.put_into_fgr("-A INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-A INPUT -p esp -j ACCEPT")
     expect = ['-A INPUT -p tcp -j ACCEPT',
               '-A INPUT -p udp -j ACCEPT',
               '-A INPUT -p esp -j ACCEPT']
     self.assertEqual(expect, filter.data["INPUT"])
示例#15
0
    def test_04_flush(self):
        """
        Chain 04: flush filter group, 2 rules and an invalid chain
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEqual(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])
        filter.put_into_fgr("-A OUTPUT -o sl1 -j ACCEPT")
        self.assertEqual(['-A OUTPUT -o sl1 -j ACCEPT'], filter.data["OUTPUT"])

        filter.put_into_fgr("-F")
        self.assertEqual([], filter.data["INPUT"])
        self.assertEqual([], filter.data["OUTPUT"])

        with self.assertRaises(ConverterError):
            filter.put_into_fgr("-t inval -F")
示例#16
0
    def test_03_tables_names(self):
        """
        Chain 03: 3 cases OK, 1 Exception
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEqual(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])

        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A OUTPUT -j ACCEPT")
        self.assertEqual(['-A OUTPUT -j ACCEPT '], filter.data["OUTPUT"])

        filter.put_into_fgr("-t nat -A FORWARD -j ACCEPT")
        self.assertEqual(['-A FORWARD -j ACCEPT '], filter.data["FORWARD"])

        with self.assertRaises(ConverterError):
            filter.put_into_fgr("-t na -A INPUT")
示例#17
0
 def test_01_create_a_chain_object(self):
     """
     Chain 01: create a Filter group, f.e. filter
     """
     self.assertIsInstance(Chains("filter", ["INPUT", "FORWARD", "OUTPUT"]),
                           Chains)
     self.assertEqual({}, Chains("filter", []))
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     self.assertEqual("filter", filter.name)
     self.assertEqual(['INPUT', 'FORWARD', 'OUTPUT'], filter.tables)
     self.assertEqual("-", filter.policy)
     self.assertEqual(0, filter.length)
     self.assertEqual(
         {
             'FORWARD': 'ACCEPT',
             'INPUT': 'ACCEPT',
             'OUTPUT': 'ACCEPT'
         }, filter.poli)
示例#18
0
    def test_04_flush(self):
        """
        Chain 04: flush filter group, 2 rules and an invalid chain
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEqual(['-A INPUT -i sl0 -j ACCEPT '],
                         filter.data["INPUT"])
        filter.put_into_fgr("-A OUTPUT -o sl1 -j ACCEPT")
        self.assertEqual(['-A OUTPUT -o sl1 -j ACCEPT'],
                         filter.data["OUTPUT"])

        filter.put_into_fgr("-F")
        self.assertEqual([], filter.data["INPUT"])
        self.assertEqual([], filter.data["OUTPUT"])

        with self.assertRaises(ConverterError):
            filter.put_into_fgr("-t inval -F")
示例#19
0
 def test_02_prove_policies(self):
     """
     Chain 02: check 3 valid policies, 1 exception
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-P INPUT DROP")
     self.assertEqual(
         {'FORWARD': 'ACCEPT', 'INPUT': 'DROP', 'OUTPUT': 'ACCEPT'},
         filter.poli)
     filter.put_into_fgr("-P FORWARD REJECT")
     self.assertEqual(
         {'FORWARD': 'REJECT', 'INPUT': 'DROP', 'OUTPUT': 'ACCEPT'},
         filter.poli)
     filter.put_into_fgr("-P OUTPUT DROP")
     self.assertEqual(
         {'FORWARD': 'REJECT', 'INPUT': 'DROP', 'OUTPUT': 'DROP'},
         filter.poli)
     with self.assertRaises(ConverterError):
         filter.put_into_fgr("-P OUTPUT FAIL")
示例#20
0
 def test_09_insert_rule_works(self):
     """
     Chain 09: insert a rule into a nonempty chain works at start
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-I INPUT -p esp -j ACCEPT")
     expect = [
         '-I INPUT -p esp -j ACCEPT', '-I INPUT -p udp -j ACCEPT',
         '-A INPUT -p tcp -j ACCEPT'
     ]
     self.assertEqual(expect, filter.data["INPUT"])
示例#21
0
 def test_10_append_rule(self):
     """
     Chain 10: append a rule to a chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-A INPUT -p tcp -j ACCEPT")
     self.assertEqual(['-A INPUT -p tcp -j ACCEPT'], filter.data["INPUT"])
     filter.put_into_fgr("-A INPUT -p udp -j ACCEPT")
     filter.put_into_fgr("-A INPUT -p esp -j ACCEPT")
     expect = [
         '-A INPUT -p tcp -j ACCEPT', '-A INPUT -p udp -j ACCEPT',
         '-A INPUT -p esp -j ACCEPT'
     ]
     self.assertEqual(expect, filter.data["INPUT"])
示例#22
0
 def test_12_remove_chain(self):
     """
     Chain 12: try to remove an existing chain
     """
     filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
     filter.put_into_fgr("-N NEWCHAIN")
     self.assertEqual(
         {
             'FORWARD': [],
             'INPUT': [],
             'NEWCHAIN': [],
             'OUTPUT': []
         }, filter.data)
     filter.put_into_fgr("-X NEWCHAIN")
     self.assertEqual({
         'FORWARD': [],
         'INPUT': [],
         'OUTPUT': []
     }, filter.data)
示例#23
0
    def test_03_tables_names(self):
        """
        Chain 03: 3 cases OK, 1 Exception
        """
        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t filter -A INPUT -i sl0 -j ACCEPT")
        self.assertEqual(['-A INPUT -i sl0 -j ACCEPT '], filter.data["INPUT"])

        filter = Chains("filter", ["INPUT", "FORWARD", "OUTPUT"])
        filter.put_into_fgr("-t nat -A OUTPUT -j ACCEPT")
        self.assertEqual(['-A OUTPUT -j ACCEPT '], filter.data["OUTPUT"])

        filter.put_into_fgr("-t nat -A FORWARD -j ACCEPT")
        self.assertEqual(['-A FORWARD -j ACCEPT '], filter.data["FORWARD"])

        with self.assertRaises(ConverterError):
            filter.put_into_fgr("-t na -A INPUT")