def testCreateHole(self):
client_id = new_client_id()
hole = Hole(client_id)
self.failUnlessEqual(hole.expiration, DEFAULT_EXPIRATION)
hole = Hole(client_id, expiration=10 * SECOND)
self.failUnlessEqual(hole.expiration, 10 * SECOND)
def testExpirationTime(self):
self.failUnlessIdentical(self.holes.getNextExpiration(), None)
client_id1 = new_client_id()
hole1 = Hole(client_id1, expiration=5 * SECOND)
self.holes.add(hole1)
# self.holes.now() always returns 0, so the next expiration is always
# 0 + earliest_hole.expiration
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole1.expiration)
client_id2 = new_client_id()
hole2 = Hole(client_id2, expiration=10 * SECOND)
self.holes.add(hole2)
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole1.expiration)
client_id3 = new_client_id()
hole3 = Hole(client_id3, expiration=1 * SECOND)
self.holes.add(hole3)
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole3.expiration)
now = 1
self.holes.test_now = now
self.holes._hole_expired_call.cancel()
self.holes._holeExpired()
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole1.expiration - now)
self.holes.remove(client_id1)
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole2.expiration - now)
self.holes.remove(client_id2)
next_expiration = self.holes.getNextExpiration()
self.failUnlessIdentical(next_expiration, None)
def testExpirationTimeCatchUp(self):
client_id1 = new_client_id()
hole1 = Hole(client_id1, expiration=5 * SECOND)
self.holes.add(hole1)
client_id2 = new_client_id()
hole2 = Hole(client_id2, expiration=10 * SECOND)
self.holes.add(hole2)
client_id3 = new_client_id()
hole3 = Hole(client_id3, expiration=11 * SECOND)
self.holes.add(hole3)
now = 10
self.holes.test_now = now
self.holes._hole_expired_call.cancel()
self.holes._holeExpired()
next_expiration = self.holes.getNextExpiration()
self.failUnlessEqual(next_expiration, hole3.expiration - now)
self.holes.remove(client_id3)
next_expiration = self.holes.getNextExpiration()
self.failUnlessIdentical(next_expiration, None)
def testLog(self):
logger = FakeLogger()
client_id = new_client_id()
logger.logHTTP(client_id, "1.2.3.4", 80,
"www.example.net", "/index.html")
self.failUnlessEqual(len(logger.requests), 1)
url, encoded_data = logger.requests[0]
data_dict = parse_qs(encoded_data)
data = json.loads(data_dict["data"][0])
del data["timestamp"]
self.failUnlessEqual(url, "http://localhost/log/client/" + client_id[0])
self.failUnlessEqual(data, {"client_id": client_id[0],
"destination": "1.2.3.4", "port": 80,
"http_host": "www.example.net",
"http_resource": "/index.html"})
def testAddRemoveHoles(self):
client_id1 = new_client_id()
hole1 = Hole(client_id1)
hole1_copy = Hole(client_id1)
# add an hole
self.holes.add(hole1)
# can't add twice
self.failUnlessRaises(HoleError, self.holes.add, hole1_copy)
self.failUnlessEqual(self.holes.getNumHoles(), 1)
# check for existence
tmp = self.holes.find(client_id1)
self.failUnlessEqual(hole1.client_id, tmp.client_id)
# remove the hole
self.holes.remove(client_id1)
# can't remove twice
self.failUnlessRaises(HoleError, self.holes.remove, client_id1)
self.failUnlessEqual(self.holes.getNumHoles(), 0)
def testFindNoHoles(self):
client_id = new_client_id()
self.failUnlessRaises(HoleError, self.holes.find, client_id)
def carry_on(result):
client_id1 = new_client_id()
# clean + 2 commits
self.failUnlessEqual(mangle.commits, 3)
self.failUnlessEqual(len(mangle._entries), 4)
# cattivo table must be reinitialized
self.failUnlessEqual(mangle._flush, ["cattivo"])
self.failUnlessEqual(mangle._deleted_chains, ["cattivo"])
self.failUnlessEqual(mangle._chains, ["cattivo"])
# authenticator entry
entry, chain = mangle._entries[0]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, None)
self.failIfEqual(entry.destination, None)
self.failUnlessEqual(entry.in_interface, None)
self.failUnlessEqual(entry.out_interface, None)
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
self.failUnlessEqual(entry.target.name, "ACCEPT")
# local traffic entry
entry, chain = mangle._entries[1]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, None)
self.failUnlessEqual(entry.destination, None)
self.failUnlessEqual(entry.in_interface, "lo")
self.failUnlessEqual(entry.out_interface, None)
self.failUnlessEqual(len(entry.matches), 0)
self.failUnlessEqual(entry.target.name, "ACCEPT")
# default tproxy entry
entry, chain = mangle._entries[2]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, None)
self.failUnlessEqual(entry.destination, None)
self.failUnlessEqual(entry.in_interface, None)
self.failUnlessEqual(entry.out_interface, None)
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
self.failUnlessEqual(entry.target.name, "TPROXY")
# jump in cattivo entry
entry, chain = mangle._entries[3]
self.failUnlessEqual(chain, "PREROUTING")
self.failUnlessEqual(entry.source, None)
self.failUnlessEqual(entry.in_interface, None)
self.failUnlessEqual(entry.out_interface, None)
self.failUnlessEqual(len(entry.matches), 0)
self.failUnlessEqual(entry.target.name, "cattivo")
self.firewall.addClient(client_id1)
self.failUnlessEqual(mangle.commits, 4)
self.failUnlessEqual(len(mangle._entries), 6)
entry, chain = mangle._entries[2]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, client_id1[0])
self.failUnlessEqual(entry.target.name, "NFLOG")
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
entry, chain = mangle._entries[3]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, client_id1[0])
self.failUnlessEqual(entry.target.name, "ACCEPT")
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
self.firewall.removeClient(client_id1)
self.failUnlessEqual(mangle.commits, 5)
entry, chain = mangle._deleted_entries[-2]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, client_id1[0])
self.failUnlessEqual(entry.target.name, "NFLOG")
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
entry, chain = mangle._deleted_entries[-1]
self.failUnlessEqual(chain, "cattivo")
self.failUnlessEqual(entry.source, client_id1[0])
self.failUnlessEqual(entry.target.name, "ACCEPT")
self.failUnlessEqual(len(entry.matches), 1)
self.failUnlessEqual(entry.matches[0].name, "tcp")
