def test_01_setup(self, dev, state_map): state = state_map.setdefault(dev) state.err = True state.fail_func = pytest.skip state.parent = dev state.tmpl = None state.name = None state.obj = None state.targets = [testlib.random_name() for x in range(2)] if self.FUNC is None: pytest.skip('{0}.FUNC must be defined'.format( self.__class__.__name__)) elif self.CLASS is None: pytest.skip('{0}.CLASS must be defined'.format( self.__class__.__name__)) elif self.PARAM is None: pytest.skip('{0}.PARAM must be defined'.format( self.__class__.__name__)) if isinstance(state.parent, Panorama): tmpl = Template(testlib.random_name()) state.parent.add(tmpl) v = Vsys('vsys2') tmpl.add(v) state.parent = v tmpl.create() state.tmpl = tmpl else: vsys_list = [ x.name for x in Vsys.refreshall(dev, add=False, name_only=True) ] if 'vsys2' not in vsys_list: pytest.skip('Firewall needs vsys2 to exist') cls_args = {} eth_args = {'mode': 'layer3'} if self.CLASS == Vlan: eth_args['mode'] = 'layer2' elif self.CLASS == Zone: cls_args['mode'] = 'layer3' state.name = testlib.get_available_interfaces(state.parent)[0] state.obj = EthernetInterface(state.name, **eth_args) state.parent.add(state.obj) if state.tmpl is None: dev.vsys = 'vsys2' instances = [ self.CLASS(state.targets[x], **cls_args) for x in range(2) ] for x in instances: state.parent.add(x) x.create() state.err = False
def create_dependencies(self, dev, state): state.tags = [ objects.Tag(testlib.random_name(), color='color{0}'.format(x), comments=testlib.random_name()) for x in range(1, 5) ] for x in state.tags: dev.add(x) x.create()
def test_01_setup(self, dev, state_map): state = state_map.setdefault(dev) state.err = True state.fail_func = pytest.skip state.parent = dev state.tmpl = None state.name = None state.obj = None state.targets = [testlib.random_name() for x in range(2)] if self.FUNC is None: pytest.skip('{0}.FUNC must be defined'.format( self.__class__.__name__)) elif self.CLASS is None: pytest.skip('{0}.CLASS must be defined'.format( self.__class__.__name__)) elif self.PARAM is None: pytest.skip('{0}.PARAM must be defined'.format( self.__class__.__name__)) if isinstance(state.parent, Panorama): tmpl = Template(testlib.random_name()) state.parent.add(tmpl) v = Vsys('vsys2') tmpl.add(v) state.parent = v tmpl.create() state.tmpl = tmpl else: vsys_list = [x.name for x in Vsys.refreshall(dev, add=False, name_only=True)] if 'vsys2' not in vsys_list: pytest.skip('Firewall needs vsys2 to exist') cls_args = {} eth_args = {'mode': 'layer3'} if self.CLASS == Vlan: eth_args['mode'] = 'layer2' elif self.CLASS == Zone: cls_args['mode'] = 'layer3' state.name = testlib.get_available_interfaces(state.parent)[0] state.obj = EthernetInterface(state.name, **eth_args) state.parent.add(state.obj) if state.tmpl is None: dev.vsys = 'vsys2' instances = [self.CLASS(state.targets[x], **cls_args) for x in range(2)] for x in instances: state.parent.add(x) x.create() state.err = False
def setup_state_obj(self, dev, state): state.obj = objects.Tag( testlib.random_name(), color='color1', comments='My new tag', ) dev.add(state.obj)
def create_dependencies(self, dev, state): state.tag = None state.services = [ objects.ServiceObject( testlib.random_name(), "tcp" if x % 2 == 0 else "udp", destination_port=2000 + x, description="Service {0}".format(x), ) for x in range(4) ] for x in state.services: dev.add(x) x.create() state.tag = objects.Tag(testlib.random_name(), "color5") dev.add(state.tag) state.tag.create()
def setup_state_obj(self, dev, state): state.obj = objects.ServiceGroup( testlib.random_name(), [x.name for x in state.services[:2]], tag=state.tag.name, ) dev.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.Vlan( testlib.random_name(), state.eths[0], state.vlan_interface.uid, ) fw.add(state.obj)
def test_11_batch(self, fw, state_map): fw.userid.clear_registered_ip() #Fresh start fw.userid.batch_start() users = [(testlib.random_name(), testlib.random_ip()) for i in range(5)] fw.userid.logins(users) ips = [testlib.random_ip() for x in range(5)] tags = [testlib.random_name() for y in range(5)] fw.userid.register(ips, tags) fw.userid.unregister(ips[2], tags[4]) fw.userid.get_registered_ip(ips[0:3], tags[2:4]) new_ips = [testlib.random_ip() for x in range(3)] new_tags = [testlib.random_name() for y in range(3)] fw.userid.audit_registered_ip(dict([(ip, tuple(new_tags)) for ip in new_ips])) fw.userid.get_registered_ip() fw.userid.unregister(new_ips, new_tags) fw.userid.batch_end()
def create_dependencies(self, dev, state): state.tag = None state.services = [ objects.ServiceObject( testlib.random_name(), 'tcp' if x % 2 == 0 else 'udp', destination_port=2000 + x, description='Service {0}'.format(x)) for x in range(4) ] for x in state.services: dev.add(x) x.create() state.tag = objects.Tag(testlib.random_name(), 'color5') dev.add(state.tag) state.tag.create()
def create_dependencies(self, pano, state): state.profiles = [] for x in range(2): state.profiles.append(device.PasswordProfile( testlib.random_name(), x, x, x, x)) pano.add(state.profiles[x]) state.profiles[0].create_similar()
def test_02_update_hostname(self, dev, state_map): state = state_map.setdefault(dev) if not state.got_device_config: pytest.xfail('failed to get device config') # Change the hostname self.toggle_object_variable(state.dco, 'hostname', testlib.random_name())
def setup_state_obj(self, dev, state): state.obj = objects.AddressObject( testlib.random_name(), value=testlib.random_ip(), type='ip-netmask', description='This is a test', ) dev.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.Zone( testlib.random_name(), 'layer2', state.eths[0], enable_user_identification=False, include_acl=testlib.random_ip('/24'), exclude_acl=testlib.random_ip('/24'), ) fw.add(state.obj)
def create_dependencies(self, fw, state): state.profiles = [] for x in range(2): state.profiles.append(device.PasswordProfile( testlib.random_name(), x, x, x, x)) fw.add(state.profiles[x]) fw.create_type(device.PasswordProfile)
def create_dependencies(self, dev, state): state.aos = [ objects.AddressObject(testlib.random_name(), testlib.random_ip()) for x in range(4) ] for x in state.aos: dev.add(x) x.create()
def setup_state_obj(self, fw, state): state.obj = network.IpsecTunnel( testlib.random_name(), tunnel_interface=state.ti.name, type='auto-key', ak_ike_gateway=state.ike_gw.name, ak_ipsec_crypto_profile='default', ) fw.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.IpsecCryptoProfile( testlib.random_name(), ah_authentication=['md5', 'sha256'], dh_group='group1', lifetime_hours=4, lifesize_gb=2, ) fw.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.IpsecTunnel( testlib.random_name(), tunnel_interface=state.ti.name, type='auto-key', ak_ike_gateway=state.ike_gw.name, ak_ipsec_crypto_profile='default', ) fw.add(state.obj)
def setup_state_obj(self, dev, state): state.obj = objects.ServiceObject( testlib.random_name(), protocol="tcp", source_port="1025-65535", destination_port="80,443,8080", description="My service object", ) dev.add(state.obj)
def setup_state_obj(self, dev, state): state.obj = objects.ServiceObject( testlib.random_name(), protocol='tcp', source_port='1025-65535', destination_port='80,443,8080', description='My service object', ) dev.add(state.obj)
def test_11_batch(self, fw, state_map): fw.userid.clear_registered_ip() # Fresh start fw.userid.batch_start() users = [(testlib.random_name(), testlib.random_ip()) for i in range(5)] fw.userid.logins(users) ips = [testlib.random_ip() for x in range(5)] tags = [testlib.random_name() for y in range(5)] fw.userid.register(ips, tags) fw.userid.unregister(ips[2], tags[4]) fw.userid.get_registered_ip(ips[0:3], tags[2:4]) new_ips = [testlib.random_ip() for x in range(3)] new_tags = [testlib.random_name() for y in range(3)] fw.userid.audit_registered_ip( dict([(ip, tuple(new_tags)) for ip in new_ips])) fw.userid.get_registered_ip() fw.userid.unregister(new_ips, new_tags) fw.userid.batch_end()
def setup_state_obj(self, fw, state): state.obj = network.IkeCryptoProfile( testlib.random_name(), authentication=['sha256', ], dh_group=['group1', ], lifetime_minutes=42, ) fw.add(state.obj) state.obj.set_encryption('3des')
def setup_state_obj(self, dev, state): state.obj = objects.AddressGroup( testlib.random_name(), dynamic_value="'{0}' or '{1}'".format( state.tags[0].name, state.tags[1].name), description='This is my description', tag=state.tags[2].name, ) dev.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.IpsecCryptoProfile( testlib.random_name(), ah_authentication=['md5', 'sha256'], dh_group='group1', lifetime_hours=4, lifesize_gb=2, ) fw.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.Zone( testlib.random_name(), 'layer2', state.eths[0], enable_user_identification=False, include_acl=testlib.random_ip('/24'), exclude_acl=testlib.random_ip('/24'), ) fw.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.VirtualWire( testlib.random_name(), tag=random.randint(1, 4000), interface1=state.eths[0], interface2=state.eths[1], multicast=True, pass_through=False, ) fw.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.StaticRoute( testlib.random_name(), destination=testlib.random_ip('/32'), nexthop_type='ip-address', nexthop=testlib.random_ip(), admin_dist=random.randint(10, 240), metric=random.randint(1, 65535), ) state.vr.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.VirtualWire( testlib.random_name(), tag=random.randint(1, 4000), interface1=state.eths[0], interface2=state.eths[1], multicast=True, pass_through=False, ) fw.add(state.obj)
def test_09_audit_registered_ip(self, fw, state_map): state = state_map.setdefault(fw) original = set(fw.userid.get_registered_ip()) new_ips = [testlib.random_ip() for x in range(5)] new_tags = [testlib.random_name() for i in range(8)] ip_tags_pairs = dict([(ip, tuple(new_tags)) for ip in new_ips]) fw.userid.audit_registered_ip(ip_tags_pairs) state.multi_register_02 = [new_ips, new_tags] new_set = set(fw.userid.get_registered_ip()) assert len(new_set) < len(original) assert new_set == set(new_ips)
def setup_state_obj(self, fw, state): state.obj = network.StaticRoute( testlib.random_name(), testlib.random_ip('/32'), 'ip-address', testlib.random_ip(), state.eth, random.randint(10, 240), random.randint(1, 65535), ) state.vr.add(state.obj)
def create_dependencies(self, fw, state): state.management_profiles = [] state.eth = testlib.get_available_interfaces(fw)[0] state.management_profiles = [ network.ManagementProfile(testlib.random_name(), ping=bool(x)) for x in range(2)] for x in state.management_profiles: fw.add(x) state.management_profiles[0].create_similar()
def test_09_audit_registered_ip(self, fw, state_map): state = state_map.setdefault(fw) original = set(fw.userid.get_registered_ip()) new_ips = [testlib.random_ip() for x in range(5)] new_tags = [testlib.random_name() for i in range(8)] ip_tags_pairs = dict([(ip, tuple(new_tags)) for ip in new_ips]) fw.userid.audit_registered_ip(ip_tags_pairs) state.multi_register_02 = [new_ips, new_tags] new_set = set(fw.userid.get_registered_ip()) assert len(new_set) < len(original) assert new_set == set(new_ips)
def setup_state_obj(self, fw, state): state.obj = network.StaticRoute( testlib.random_name(), testlib.random_ip('/32'), 'ip-address', testlib.random_ip(), state.eth, random.randint(10, 240), random.randint(1, 65535), ) state.vr.add(state.obj)
def test_01_setup(self, dev, state_map): state = state_map.setdefault(dev) state.err = True state.fail_func = pytest.skip state.parent = dev state.name = None state.delete_parent = False state.obj = None if self.CLASS is None: pytest.skip('{0}.CLASS must be defined'.format( self.__class__.__name__)) elif self.VSYS_PARAM is None: pytest.skip('{0}.VSYS_PARAM must be defined'.format( self.__class__.__name__)) if isinstance(state.parent, Panorama): tmpl = Template(testlib.random_name()) state.parent.add(tmpl) state.parent = tmpl state.parent.add(Vsys('vsys1')) state.parent.add(Vsys('vsys2')) state.parent.add(Vsys('vsys3')) state.parent.create() state.delete_parent = True else: vsys_list = [ x.name for x in Vsys.refreshall(dev, add=False, name_only=True) ] if not all('vsys{0}'.format(x) in vsys_list for x in range(1, 4)): pytest.skip('Firewall needs vsys1 - vsys3 to exist') args = {} if self.CLASS == EthernetInterface: state.name = testlib.get_available_interfaces(state.parent)[0] args = {'mode': 'layer3'} else: state.name = testlib.random_name() state.obj = self.CLASS(state.name, **args) state.parent.add(state.obj) state.err = False
def setup_state_obj(self, fw, state): ip = testlib.random_ipv6('') state.obj = network.StaticRouteV6( testlib.random_name(), destination=ip + '/64', nexthop_type='ipv6-address', nexthop=ip + '1', interface=state.eth, admin_dist=random.randint(100, 200), metric=random.randint(1, 65535), ) state.vr.add(state.obj)
def create_dependencies(self, fw, state): state.management_profiles = [] state.eth = testlib.get_available_interfaces(fw)[0] state.management_profiles = [ network.ManagementProfile(testlib.random_name(), ping=bool(x)) for x in range(2) ] for x in state.management_profiles: fw.add(x) state.management_profiles[0].create_similar()
def test_05_add_ipv4_proxy_id(self, fw, state_map): state = self.sanity(fw, state_map) state.proxy_id = network.IpsecTunnelIpv4ProxyId( testlib.random_name(), local=testlib.random_netmask(), remote=testlib.random_netmask(), any_protocol=True, ) state.obj.add(state.proxy_id) state.proxy_id.create()
def setup_state_obj(self, fw, state): ip = testlib.random_ipv6('') state.obj = network.StaticRouteV6( testlib.random_name(), destination=ip + '/64', nexthop_type='ipv6-address', nexthop=ip + '1', interface=state.eth, admin_dist=random.randint(100, 200), metric=random.randint(1, 65535), ) state.vr.add(state.obj)
def test_05_add_ipv4_proxy_id(self, fw, state_map): state = self.sanity(fw, state_map) state.proxy_id = network.IpsecTunnelIpv4ProxyId( testlib.random_name(), local=testlib.random_netmask(), remote=testlib.random_netmask(), any_protocol=True, ) state.obj.add(state.proxy_id) state.proxy_id.create()
def create_dependencies(self, fw, state): state.eth_obj = None state.eth = testlib.get_available_interfaces(fw)[0] state.eth_obj = network.EthernetInterface(state.eth, 'layer3', testlib.random_ip('/24')) fw.add(state.eth_obj) state.eth_obj.create() state.vr = network.VirtualRouter(testlib.random_name(), interface=state.eth) fw.add(state.vr) state.vr.create()
def create_dependencies(self, fw, state): state.eth_obj = None state.eth = testlib.get_available_interfaces(fw)[0] state.eth_obj = network.EthernetInterface( state.eth, 'layer3', testlib.random_ip('/24'), ipv6_enabled=True) fw.add(state.eth_obj) state.eth_obj.create() state.vr = network.VirtualRouter( testlib.random_name(), interface=state.eth) fw.add(state.vr) state.vr.create()
def test_01_setup(self, dev, state_map): state = state_map.setdefault(dev) state.err = True state.fail_func = pytest.skip state.parent = dev state.name = None state.delete_parent = False state.obj = None if self.CLASS is None: pytest.skip('{0}.CLASS must be defined'.format( self.__class__.__name__)) elif self.VSYS_PARAM is None: pytest.skip('{0}.VSYS_PARAM must be defined'.format( self.__class__.__name__)) if isinstance(state.parent, Panorama): tmpl = Template(testlib.random_name()) state.parent.add(tmpl) state.parent = tmpl state.parent.add(Vsys('vsys1')) state.parent.add(Vsys('vsys2')) state.parent.add(Vsys('vsys3')) state.parent.create() state.delete_parent = True else: vsys_list = [x.name for x in Vsys.refreshall(dev, add=False, name_only=True)] if not all('vsys{0}'.format(x) in vsys_list for x in range(1, 4)): pytest.skip('Firewall needs vsys1 - vsys3 to exist') args = {} if self.CLASS == EthernetInterface: state.name = testlib.get_available_interfaces(state.parent)[0] args = {'mode': 'layer3'} else: state.name = testlib.random_name() state.obj = self.CLASS(state.name, **args) state.parent.add(state.obj) state.err = False
def setup_state_obj(self, fw, state): state.obj = network.IkeCryptoProfile( testlib.random_name(), authentication=[ 'sha256', ], dh_group=[ 'group1', ], lifetime_minutes=42, ) fw.add(state.obj) state.obj.set_encryption('3des')
def create_dependencies(self, fw, state): state.management_profiles = [] state.eth = testlib.get_available_interfaces(fw)[0] state.management_profiles = [ network.ManagementProfile(testlib.random_name(), ping=True, ssh=True, https=False) for x in range(2) ] for x in state.management_profiles: fw.add(x) x.create()
def create_dependencies(self, fw, state): state.eths = testlib.get_available_interfaces(fw, 2) state.eth_obj_v4 = network.EthernetInterface( state.eths[0], 'layer3', testlib.random_ip('/24')) fw.add(state.eth_obj_v4) state.eth_obj_v6 = network.EthernetInterface( state.eths[1], 'layer3', ipv6_enabled=True) fw.add(state.eth_obj_v6) state.eth_obj_v4.create_similar() state.vr = network.VirtualRouter(testlib.random_name(), state.eths) fw.add(state.vr) state.vr.create() if any((self.WITH_OSPF, self.WITH_AUTH_PROFILE, self.WITH_AREA, self.WITH_AREA_INTERFACE)): state.ospf = network.Ospf( True, testlib.random_ip()) state.vr.add(state.ospf) if self.WITH_AUTH_PROFILE: state.auth = network.OspfAuthProfile( testlib.random_name(), 'md5') state.ospf.add(state.auth) if self.WITH_AREA or self.WITH_AREA_INTERFACE: state.area = network.OspfArea(testlib.random_ip()) state.ospf.add(state.area) if self.WITH_AREA_INTERFACE: state.iface = network.OspfAreaInterface( state.eths[0], True, True, 'p2mp') state.area.add(state.iface) state.ospf.create()
def create_dependencies(self, fw, state): state.management_profile = network.ManagementProfile( testlib.random_name(), ping=True) state.eth = None fw.add(state.management_profile) state.management_profile.create() state.eth = testlib.get_available_interfaces(fw)[0] state.parent = network.EthernetInterface( state.eth, 'layer3', ip=testlib.random_ip('/24'), ) fw.add(state.parent) state.parent.create()
def setup_state_obj(self, fw, state): state.obj = network.VirtualRouter( testlib.random_name(), interface=state.eth, ad_static=random.randint(10, 240), ad_static_ipv6=random.randint(10, 240), ad_ospf_int=random.randint(10, 240), ad_ospf_ext=random.randint(10, 240), ad_ospfv3_int=random.randint(10, 240), ad_ospfv3_ext=random.randint(10, 240), ad_ibgp=random.randint(10, 240), ad_ebgp=random.randint(10, 240), ad_rip=random.randint(10, 240), ) fw.add(state.obj)
def create_dependencies(self, fw, state): state.parent = None state.eth_objs = [] state.eths = testlib.get_available_interfaces(fw, 2) for eth in state.eths: state.eth_objs.append(network.EthernetInterface( eth, 'layer2')) fw.add(state.eth_objs[-1]) state.eth_objs[0].create_similar() state.parent = network.Vlan( testlib.random_name(), state.eths) fw.add(state.parent) state.parent.create()
def setup_state_obj(self, fw, state): some_ip = testlib.random_ip() state.obj = network.RedistributionProfile( testlib.random_name(), priority=random.randint(1, 255), action='no-redist', filter_type=['ospf', 'static', 'connect'], filter_interface=random.choice(state.eths), filter_destination=testlib.random_ip(), filter_nexthop=testlib.random_ip(), ospf_filter_pathtype=('intra-area', 'ext-1'), ospf_filter_area=some_ip, ospf_filter_tag=some_ip, ) state.vr.add(state.obj)
def setup_state_obj(self, fw, state): state.obj = network.ManagementProfile( testlib.random_name(), ping=True, telnet=False, ssh=True, http=False, http_ocsp=True, https=False, snmp=True, response_pages=False, userid_service=True, userid_syslog_listener_ssl=False, userid_syslog_listener_udp=True, permitted_ip=['1.2.3.4', '5.6.7.8'], ) fw.add(state.obj)