Changeset - 94adf07f332c
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Branko Majic (branko) - 11 years ago 2013-06-23 23:25:07
branko@majic.rs
Implemented tests for the iptables utility classes.
1 file changed with 154 insertions and 9 deletions:
conntrackt/tests.py
154
9
0 comments (0 inline, 0 general)
conntrackt/tests.py
Show inline comments
 
"""
 
This file demonstrates writing tests using the unittest module. These will pass
 
when you run "manage.py test".
 
# Django imports.
 
from django.test import TestCase
 

			




	
	
	
		
 
# Application imports.

			




	
	
	
		
 
import iptables

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class RuleTest(TestCase):

			




	
	
	
		
 
    def test_output_case(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Test that protocol name is lower-cased during rule generation.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "tCp", "80", description="Web server.")

			




	
	
	
		
 
        self.assertEqual(str(rule), "-s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p tcp -m tcp --dport 80 -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_output_tcp(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a TCP rule is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "TCP", "80", description="Web server.")

			




	
	
	
		
 
        self.assertEqual(str(rule), "-s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p tcp -m tcp --dport 80 -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_output_udp(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a UDP rule is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "UDP", "53", description="DNS server.")

			




	
	
	
		
 
        self.assertEqual(str(rule), "-s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p udp -m udp --dport 53 -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_output_icmp(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that an ICMP rule is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "ICMP", "8", description="Ping.")

			




	
	
	
		
 
        self.assertEqual(str(rule), "-s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p icmp -m icmp --icmp-type 8 -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_unsupported_protocol(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that unsupported protocol will raise an exception.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertRaises(ValueError, iptables.Rule, "192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255",

			




	
	
	
		
 
                          "NONEXIST", "8", description="Non-existing")

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class LoopbackRuleTest(TestCase):

			




	
	
	
		
 
    def test_output(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a loopback rule is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.LoopbackRule()

			




	
	
	
		
 
        self.assertEqual(str(rule), "-i lo -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Replace this with more appropriate tests for your application.

			




	
	
	
		
 
class RelatedRuleTest(TestCase):

			




	
	
	
		
 
    def test_output(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a related rule is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        rule = iptables.RelatedRule()

			




	
	
	
		
 
        self.assertEqual(str(rule), "-m state --state RELATED,ESTABLISHED -j ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class ChainTest(TestCase):

			




	
	
	
		
 
    def test_output_empty(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Test generation of empty chain.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        chain = iptables.Chain("INPUT", "ACCEPT")

			




	
	
	
		
 
        self.assertEqual(str(chain), ":INPUT ACCEPT [0:0]\n")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_unsupported_protocol(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that unsupported target will raise an exception.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertRaises(ValueError, iptables.Chain, "INPUT", "NOTARGET")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_add_rule(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that the rule is being added to the chain properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        chain = iptables.Chain("INPUT", "ACCEPT")

			




	
	
	
		
 
        rule = iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "TCP", "22", "SSH")

			




	
	
	
		
 
        chain.add_rule(rule)

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertItemsEqual(chain.rules, [rule])

			




	
	
	
		
 

			




	
	
	
		
 
    def test_output(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a chain is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        chain = iptables.Chain("INPUT", "ACCEPT")

			




	
	
	
		
 

			




	
	
	
		
 
        chain.add_rule(iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "TCP", "80", "Web server"))

			




	
	
	
		
 
        chain.add_rule(iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.3/255.255.255.255", "TCP", "80", "Web server"))

			




	
	
	
		
 

			




	
	
	
		
 
        chain.add_rule(iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.2/255.255.255.255", "TCP", "22", "SSH"))

			




	
	
	
		
 
        chain.add_rule(iptables.Rule("192.168.1.1/255.255.255.255", "192.168.1.3/255.255.255.255", "TCP", "22", ""))

			




	
	
	
		
 

			




	
	
	
		
 
        expected_output = """:INPUT ACCEPT [0:0]

			




	
	
	
		
 
-A INPUT -s 192.168.1.1/255.255.255.255 -d 192.168.1.3/255.255.255.255 -p tcp -m tcp --dport 22 -j ACCEPT

			




	
	
	
		
 

			




	
	
	
		
 
# SSH

			




	
	
	
		
 
-A INPUT -s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p tcp -m tcp --dport 22 -j ACCEPT

			




	
	
	
		
 

			




	
	
	
		
 
# Web server

			




	
	
	
		
 
-A INPUT -s 192.168.1.1/255.255.255.255 -d 192.168.1.2/255.255.255.255 -p tcp -m tcp --dport 80 -j ACCEPT

			




	
	
	
		
 
-A INPUT -s 192.168.1.1/255.255.255.255 -d 192.168.1.3/255.255.255.255 -p tcp -m tcp --dport 80 -j ACCEPT

			




	
	
	
		
 

			




	
	
	
		
 
"""

			




	
	
	
		
 

			




	
	
	
		
 
from django.test import TestCase

			




	
	
	
		
 
        self.assertEqual(str(chain), expected_output)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
class SimpleTest(TestCase):

			




	
	
	
		
 
    def test_basic_addition(self):

			




	
	
	
		
 
class TableTest(TestCase):

			




	
	
	
		
 
    def test_output_empty(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that an empty table is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        table = iptables.Table("filter")

			




	
	
	
		
 
        self.assertEqual(str(table), "*filter\nCOMMIT\n")

			




	
	
	
		
 

			




	
	
	
		
 
    def test_output(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that a table is generated properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 
        Tests that 1 + 1 always equals 2.

			




	
	
	
		
 

			




	
	
	
		
 
        table = iptables.Table("filter")

			




	
	
	
		
 
        table.add_chain(iptables.Chain("INPUT", "ACCEPT"))

			




	
	
	
		
 
        table.add_chain(iptables.Chain("OUTPUT", "ACCEPT"))

			




	
	
	
		
 
        table.add_chain(iptables.Chain("FORWARD", "ACCEPT"))

			




	
	
	
		
 

			




	
	
	
		
 
        expected_output = """*filter

			




	
	
	
		
 
:INPUT ACCEPT [0:0]

			




	
	
	
		
 
:OUTPUT ACCEPT [0:0]

			




	
	
	
		
 
:FORWARD ACCEPT [0:0]

			




	
	
	
		
 
COMMIT

			




	
	
	
		
 
"""

			




	
	
	
		
 
        self.assertEqual(str(table), expected_output)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_add_chain(self):

			




	
	
	
		
 
        """

			




	
	
	
		
 
        self.assertEqual(1 + 1, 2)

			




	
	
	
		
 
        Tests that the chain is being added to the table properly.

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        table = iptables.Table("filter")

			




	
	
	
		
 
        chain = iptables.Chain("INPUT", "ACCEPT")

			




	
	
	
		
 
        table.add_chain(chain)

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertItemsEqual(table.chains, [chain])

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.