def test_040_localCaptivePortalToSecondRack(self): global defaultRackCaptivePortal remote_control.run_command("rm -f /tmp/policy_test_040*") defaultRackCaptivePortal = uvmContext.appManager().instantiate("captive-portal", default_policy_id) assert (defaultRackCaptivePortal != None) defaultRackCaptivePortalData = defaultRackCaptivePortal.getSettings() # turn default capture rule on and basic login defaultRackCaptivePortalData['captureRules']['list'][0]['enabled'] = True defaultRackCaptivePortalData['authenticationType']="LOCAL_DIRECTORY" defaultRackCaptivePortalData['pageType'] = "BASIC_LOGIN" defaultRackCaptivePortal.setSettings(defaultRackCaptivePortalData) # Create local directory user 'test20' uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) # check host table and remove username for host IP userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip) userHost['username'] = "" userHost['usernameCaptivePortal'] = "" uvmContext.hostTable().setHostTableEntry(remote_control.client_ip,userHost) # userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip) # print(userHost) nukeRules() appendRule(createPolicySingleConditionRule("USERNAME","[authenticated]", secondRackId)) # check that basic captive page is shown result = remote_control.run_command("wget -4 -t 2 --timeout=5 -a /tmp/policy_test_040.log -O /tmp/policy_test_040.out http://www.google.com/") assert (result == 0) search = remote_control.run_command("grep -q 'username and password' /tmp/policy_test_040.out") assert (search == 0) # check if local directory login and password works ipfind = remote_control.run_command("grep 'Location' /tmp/policy_test_040.log",stdout=True) ip = re.findall( r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?:[0-9:]{0,6})', ipfind ) captureIP = ip[0] print('Capture IP address is %s' % captureIP) appid = str(defaultRackCaptivePortal.getAppSettings()["id"]) # print('appid is %s' % appid # debug line) result = remote_control.run_command("wget -q -O /dev/null -t 2 --timeout=5 \'http://" + captureIP + "/capture/handler.py/authpost?username=test20&password=passwd&nonce=9abd7f2eb5ecd82b&method=GET&appid=" + appid + "&host=" + captureIP + "&uri=/\'") assert (result == 0) # verify the username is assigned to the IP userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip) assert (userHost['username'] == "test20") userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip) # firewall on rack 2 is blocking all, we should not get the test.untangle.com page result = remote_control.run_command("wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040a.log -O /tmp/policy_test_040a.out http://www.google.com/") search = remote_control.run_command("grep -q 'Hi!' /tmp/policy_test_040a.out") assert (search != 0) # Or the captive page search = remote_control.run_command("grep -q 'username and password' /tmp/policy_test_040a.out") assert (search != 0) # Logout result = remote_control.run_command("wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040b.log -O /tmp/policy_test_040b.out http://" + captureIP + "/capture/logout") assert (result == 0) search = remote_control.run_command("grep -q 'logged out' /tmp/policy_test_040b.out") assert (search == 0) # remove captive portal and test user uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) uvmContext.appManager().destroy( defaultRackCaptivePortal.getAppSettings()["id"] ) defaultRackCaptivePortal = None
def test_040_windowsL2TPlocalDirectory(self): wan_IP = uvmContext.networkManager().getFirstWanAddress() if (l2tpClientHostResult != 0): raise unittest.SkipTest("l2tpClientHostResult not available") if (not wan_IP in l2tpServerHosts): raise unittest.SkipTest("No paried L2TP client available") uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) appData = self._app.getSettings() appData = createL2TPconfig(appData, "LOCAL_DIRECTORY") self._app.setSettings(appData) timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command( "rasdial.exe %s %s %s" % (wan_IP, l2tpLocalUser, l2tpLocalPassword), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_IP), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert (found) # Use same user with different password new_user_password = "******" uvmContext.localDirectory().setUsers( createLocalDirectoryUser(userpassword=new_user_password)) appData = createL2TPconfig(appData, "LOCAL_DIRECTORY") self._app.setSettings(appData) timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command( "rasdial.exe %s %s %s" % (wan_IP, l2tpLocalUser, new_user_password), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_IP), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert (found)
def test_040_windowsL2TPlocalDirectory(self): wan_IP = uvmContext.networkManager().getFirstWanAddress() if (l2tpClientHostResult != 0): raise unittest.SkipTest("l2tpClientHostResult not available") if (not wan_IP in l2tpServerHosts): raise unittest.SkipTest("No paried L2TP client available") uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) createL2TPconfig("LOCAL_DIRECTORY") timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command("rasdial.exe %s %s %s" % (wan_IP,l2tpLocalUser,l2tpLocalPassword), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_IP), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert(found) # Use same user with different password new_user_password = "******" uvmContext.localDirectory().setUsers(createLocalDirectoryUser(userpassword=new_user_password)) createL2TPconfig("LOCAL_DIRECTORY") timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command("rasdial.exe %s %s %s" % (wan_IP,l2tpLocalUser,new_user_password), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_IP), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert(found)
def test_070_createClientVPNTunnelLocalUserPass(self): global appData, vpnServerResult, vpnClientResult if (vpnClientResult != 0 or vpnServerResult != 0): raise unittest.SkipTest("No paried VPN client available") pre_events_connect = global_functions.get_app_metric_value(app,"connect") running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP,) loopLimit = 5 while ((running == 0) and (loopLimit > 0)): # OpenVPN is running, wait 5 sec to see if openvpn is done loopLimit -= 1 time.sleep(5) running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP) if loopLimit == 0: # try killing the openvpn session as it is probably stuck remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP) time.sleep(2) running = remote_control.run_command("pidof openvpn", host=global_functions.VPN_CLIENT_IP) if running == 0: raise unittest.SkipTest("OpenVPN test machine already in use") appData = app.getSettings() appData["serverEnabled"]=True siteName = appData['siteName'] appData['exports']['list'].append(create_export("192.0.2.0/24")) # append in case using LXC appData['remoteClients']['list'][:] = [] appData['remoteClients']['list'].append(setUpClient()) #enable user/password authentication, set to local directory appData['authUserPass']=True appData["authenticationType"]="LOCAL_DIRECTORY" app.setSettings(appData) clientLink = app.getClientDistributionDownloadLink(vpnClientName,"zip") #create Local Directory User for authentication uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) #download, unzip, move config to correct directory result = configureVPNClientForConnection(clientLink) assert(result == 0) #create credentials file containing username/password remote_control.run_command("echo " + ovpnlocaluser + " > /tmp/authUserPassFile; echo " + ovpnPasswd + " >> /tmp/authUserPassFile", host=global_functions.VPN_CLIENT_IP) #connect to openvpn using the file remote_control.run_command("cd /etc/openvpn; sudo nohup openvpn --config " + siteName + ".conf --auth-user-pass /tmp/authUserPassFile >/dev/null 2>&1 &", host=global_functions.VPN_CLIENT_IP) timeout = waitForClientVPNtoConnect() # fail if tunnel doesn't connect assert(timeout > 0) # ping the test host behind the Untangle from the remote testbox result = remote_control.run_command("ping -c 2 " + remote_control.client_ip, host=global_functions.VPN_CLIENT_IP) listOfClients = app.getActiveClients() print("address " + listOfClients['list'][0]['address']) print("vpn address 1 " + listOfClients['list'][0]['poolAddress']) host_result = remote_control.run_command("host test.untangle.com", stdout=True) match = re.search(r'address \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}', host_result) ip_address_testuntangle = (match.group()).replace('address ','') # stop the vpn tunnel on remote box remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP) # openvpn takes time to shut down time.sleep(3) assert(result==0) assert(listOfClients['list'][0]['address'] == global_functions.VPN_CLIENT_IP) events = global_functions.get_events('OpenVPN','Connection Events',None,1) assert(events != None) found = global_functions.check_events( events.get('list'), 5, 'remote_address', global_functions.VPN_CLIENT_IP, 'client_name', vpnClientName ) assert( found ) # Check to see if the faceplate counters have incremented. post_events_connect = global_functions.get_app_metric_value(app, "connect") assert(pre_events_connect < post_events_connect) #remove Local Directory User uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
def test_042_windowsL2TPAlias(self): wan_IP = uvmContext.networkManager().getFirstWanAddress() device_in_office = global_functions.is_in_office_network(wan_IP) # L2TP Alias only works at the office network. if not device_in_office: raise unittest.SkipTest("Not on office network, skipping") if (l2tpClientHostResult != 0): raise unittest.SkipTest("l2tpClientHostResult not available") # Add reserve IP address to WAN only if WAN is static. netsettings = copy.deepcopy(orig_netsettings) ip_alias_set = False for i in range(len(netsettings['interfaces']['list'])): if netsettings['interfaces']['list'][i][ 'configType'] == "ADDRESSED": if netsettings['interfaces']['list'][i][ 'v4ConfigType'] == "STATIC": if netsettings['interfaces']['list'][i][ 'v4StaticAddress'] == wan_IP: netsettings['interfaces']['list'][i]['v4Aliases'][ 'list'].append( create_alias( l2tpAliasIP, netsettings['interfaces'] ['list'][i]['v4StaticNetmask'], netsettings['interfaces']['list'][i] ['v4StaticPrefix'])) uvmContext.networkManager().setNetworkSettings( netsettings) ip_alias_set = True break if not ip_alias_set: raise unittest.SkipTest("Unable to set alias IP") wan_addresses = [wan_IP, l2tpAliasIP] # Set Local Directory users uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) orig_app_settings = self._app.getSettings() newAppSettings = copy.deepcopy(orig_app_settings) newAppSettings = createL2TPconfig(newAppSettings, "LOCAL_DIRECTORY") # Set aliases for L2TP wan_alias = [] for idx, val in enumerate(wan_addresses): wan_alias.append({ 'address': val, 'javaClass': 'com.untangle.app.ipsec_vpn.VirtualListen', 'id': idx }) newAppSettings['virtualListenList']['list'] = wan_alias # Set the settings self._app.setSettings(newAppSettings) # Test both aliases for connectivity for wan_addr in wan_addresses: timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command( "rasdial.exe %s %s %s" % (wan_addr, l2tpLocalUser, l2tpLocalPassword), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_addr), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert (found) # Use same user with different password new_user_password = "******" uvmContext.localDirectory().setUsers( createLocalDirectoryUser(userpassword=new_user_password)) timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command( "rasdial.exe %s %s %s" % (wan_addr, l2tpLocalUser, new_user_password), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_addr), host=l2tpClientHost) # set original user and password uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) assert (found) # Clean up settings uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) netsettings['interfaces']['list'][i]['v4Aliases']['list'][:] = [] uvmContext.networkManager().setNetworkSettings(netsettings) self._app.setSettings(orig_app_settings)
def test_042_windowsL2TPAlias(self): wan_IP = uvmContext.networkManager().getFirstWanAddress() if (l2tpClientHostResult != 0): raise unittest.SkipTest("l2tpClientHostResult not available") if (not wan_IP in l2tpServerHosts): raise unittest.SkipTest("No paried L2TP client available") orig_net_set = uvmContext.networkManager().getNetworkSettings() orig_app_settings = self._app.getSettings() wan_addresses = [] # Check if we have more than one WAN intf for aliases for intf in orig_net_set['interfaces']['list']: if (intf['isWan']): intf_status = uvmContext.networkManager().getInterfaceStatus(intf['interfaceId']) wan_addresses.append(intf_status['v4Address']) if (not len(wan_addresses) > 1): raise unittest.SkipTest("Not enough WAN Interfaces to test L2TP Aliases") if (l2tpClientHostResult != 0): raise unittest.SkipTest("l2tpClientHostResult not available") # Set Local Directory users uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) newAppSettings = copy.deepcopy(orig_app_settings) newAppSettings = createL2TPconfig(newAppSettings,"LOCAL_DIRECTORY") # Set aliases for L2TP wan_alias = [] for idx, val in enumerate(wan_addresses): wan_alias.append({'address': val, 'javaClass': 'com.untangle.app.ipsec_vpn.VirtualListen', 'id': idx}) newAppSettings['virtualListenList']['list'] = wan_alias # Set the settings self._app.setSettings(newAppSettings) # Test both aliases for connectivity for wan_addr in wan_addresses: timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command("rasdial.exe %s %s %s" % (wan_addr,l2tpLocalUser,l2tpLocalPassword), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_addr), host=l2tpClientHost) uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) assert(found) # Use same user with different password new_user_password = "******" uvmContext.localDirectory().setUsers(createLocalDirectoryUser(userpassword=new_user_password)) timeout = 480 found = False # Send command for Windows VPN connect. vpnServerResult = remote_control.run_command("rasdial.exe %s %s %s" % (wan_addr,l2tpLocalUser,new_user_password), host=l2tpClientHost) if vpnServerResult == 0: while not found and timeout > 0: timeout -= 1 time.sleep(1) virtUsers = self._app.getVirtualUsers() for user in virtUsers['list']: if user['clientUsername'] == l2tpLocalUser: found = True # Send command for Windows VPN disconnect. vpnServerResult = remote_control.run_command("rasdial.exe %s /d" % (wan_addr), host=l2tpClientHost) # set original user and password uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) assert(found) # Clean up settings uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) self._app.setSettings(orig_app_settings)
def test_070_createClientVPNTunnelLocalUserPass(self): global appData, vpnServerResult, vpnClientResult if (vpnClientResult != 0 or vpnServerResult != 0): raise unittest.SkipTest("No paried VPN client available") pre_events_connect = global_functions.get_app_metric_value( app, "connect") running = remote_control.run_command( "pidof openvpn", host=global_functions.VPN_CLIENT_IP, ) loopLimit = 5 while ((running == 0) and (loopLimit > 0)): # OpenVPN is running, wait 5 sec to see if openvpn is done loopLimit -= 1 time.sleep(5) running = remote_control.run_command( "pidof openvpn", host=global_functions.VPN_CLIENT_IP) if loopLimit == 0: # try killing the openvpn session as it is probably stuck remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP) time.sleep(2) running = remote_control.run_command( "pidof openvpn", host=global_functions.VPN_CLIENT_IP) if running == 0: raise unittest.SkipTest("OpenVPN test machine already in use") appData = app.getSettings() appData["serverEnabled"] = True siteName = appData['siteName'] appData['exports']['list'].append( create_export("192.0.2.0/24")) # append in case using LXC appData['remoteClients']['list'][:] = [] appData['remoteClients']['list'].append(setUpClient()) #enable user/password authentication, set to local directory appData['authUserPass'] = True appData["authenticationType"] = "LOCAL_DIRECTORY" app.setSettings(appData) clientLink = app.getClientDistributionDownloadLink( vpnClientName, "zip") #create Local Directory User for authentication uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) #download, unzip, move config to correct directory result = configureVPNClientForConnection(clientLink) assert (result == 0) #create credentials file containing username/password remote_control.run_command("echo " + ovpnlocaluser + " > /tmp/authUserPassFile; echo " + ovpnPasswd + " >> /tmp/authUserPassFile", host=global_functions.VPN_CLIENT_IP) #connect to openvpn using the file remote_control.run_command( "cd /etc/openvpn; sudo nohup openvpn --config " + siteName + ".conf --auth-user-pass /tmp/authUserPassFile >/dev/null 2>&1 &", host=global_functions.VPN_CLIENT_IP) timeout = waitForClientVPNtoConnect() # fail if tunnel doesn't connect assert (timeout > 0) # ping the test host behind the Untangle from the remote testbox result = remote_control.run_command( "ping -c 2 " + remote_control.client_ip, host=global_functions.VPN_CLIENT_IP) listOfClients = app.getActiveClients() print("address " + listOfClients['list'][0]['address']) print("vpn address 1 " + listOfClients['list'][0]['poolAddress']) host_result = remote_control.run_command("host test.untangle.com", stdout=True) match = re.search(r'address \d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}', host_result) ip_address_testuntangle = (match.group()).replace('address ', '') # stop the vpn tunnel on remote box remote_control.run_command("sudo pkill openvpn", host=global_functions.VPN_CLIENT_IP) # openvpn takes time to shut down time.sleep(3) assert (result == 0) assert (listOfClients['list'][0]['address'] == global_functions.VPN_CLIENT_IP) events = global_functions.get_events('OpenVPN', 'Connection Events', None, 1) assert (events != None) found = global_functions.check_events(events.get('list'), 5, 'remote_address', global_functions.VPN_CLIENT_IP, 'client_name', vpnClientName) assert (found) # Check to see if the faceplate counters have incremented. post_events_connect = global_functions.get_app_metric_value( app, "connect") assert (pre_events_connect < post_events_connect) #remove Local Directory User uvmContext.localDirectory().setUsers(removeLocalDirectoryUser())
def test_040_localCaptivePortalToSecondRack(self): global defaultRackCaptivePortal remote_control.run_command("rm -f /tmp/policy_test_040*") defaultRackCaptivePortal = uvmContext.appManager().instantiate( "captive-portal", default_policy_id) assert (defaultRackCaptivePortal != None) defaultRackCaptivePortalData = defaultRackCaptivePortal.getSettings() # turn default capture rule on and basic login defaultRackCaptivePortalData['captureRules']['list'][0][ 'enabled'] = True defaultRackCaptivePortalData['authenticationType'] = "LOCAL_DIRECTORY" defaultRackCaptivePortalData['pageType'] = "BASIC_LOGIN" defaultRackCaptivePortal.setSettings(defaultRackCaptivePortalData) # Create local directory user 'test20' uvmContext.localDirectory().setUsers(createLocalDirectoryUser()) # check host table and remove username for host IP userHost = uvmContext.hostTable().getHostTableEntry( remote_control.client_ip) userHost['username'] = "" userHost['usernameCaptivePortal'] = "" uvmContext.hostTable().setHostTableEntry(remote_control.client_ip, userHost) # userHost = uvmContext.hostTable().getHostTableEntry(remote_control.client_ip) # print(userHost) nukeRules() appendRule( createPolicySingleConditionRule("USERNAME", "[authenticated]", secondRackId)) # check that basic captive page is shown result = remote_control.run_command( "wget -4 -t 2 --timeout=5 -a /tmp/policy_test_040.log -O /tmp/policy_test_040.out http://www.google.com/" ) assert (result == 0) search = remote_control.run_command( "grep -q 'username and password' /tmp/policy_test_040.out") assert (search == 0) # check if local directory login and password works ipfind = remote_control.run_command( "grep 'Location' /tmp/policy_test_040.log", stdout=True) ip = re.findall( r'[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}(?:[0-9:]{0,6})', ipfind) captureIP = ip[0] print('Capture IP address is %s' % captureIP) appid = str(defaultRackCaptivePortal.getAppSettings()["id"]) # print('appid is %s' % appid # debug line) result = remote_control.run_command( "wget -q -O /dev/null -t 2 --timeout=5 \'http://" + captureIP + "/capture/handler.py/authpost?username=test20&password=passwd&nonce=9abd7f2eb5ecd82b&method=GET&appid=" + appid + "&host=" + captureIP + "&uri=/\'") assert (result == 0) # verify the username is assigned to the IP userHost = uvmContext.hostTable().getHostTableEntry( remote_control.client_ip) assert (userHost['username'] == "test20") userHost = uvmContext.hostTable().getHostTableEntry( remote_control.client_ip) # firewall on rack 2 is blocking all, we should not get the test.untangle.com page result = remote_control.run_command( "wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040a.log -O /tmp/policy_test_040a.out http://www.google.com/" ) search = remote_control.run_command( "grep -q 'Hi!' /tmp/policy_test_040a.out") assert (search != 0) # Or the captive page search = remote_control.run_command( "grep -q 'username and password' /tmp/policy_test_040a.out") assert (search != 0) # Logout result = remote_control.run_command( "wget -q -O /dev/null -4 -t 2 --timeout=5 -a /tmp/policy_test_040b.log -O /tmp/policy_test_040b.out http://" + captureIP + "/capture/logout") assert (result == 0) search = remote_control.run_command( "grep -q 'logged out' /tmp/policy_test_040b.out") assert (search == 0) # remove captive portal and test user uvmContext.localDirectory().setUsers(removeLocalDirectoryUser()) uvmContext.appManager().destroy( defaultRackCaptivePortal.getAppSettings()["id"]) defaultRackCaptivePortal = None