python/jc
1
0
Fork 0
mirror of https://github.com/kellyjonbrazil/jc.git synced 2025-06-17 00:07:37 +02:00
Code Issues Releases Activity

updates tests

Browse Source
This commit is contained in:
Kelly Brazil
2019-11-08 17:08:41 -08:00
parent f363334639
commit d2f755de9d
14 changed files with 250 additions and 566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

249
tests/test_iptables.py
View File

@ -1,4 +1,5 @@
import os
import json
import unittest
import jc.parsers.iptables
@ -8,6 +9,7 @@ THIS_DIR = os.path.dirname(os.path.abspath(__file__))
class MyTests(unittest.TestCase):
def setUp(self):
# input
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-filter.out'), 'r') as f:
self.centos_7_7_iptables_filter = f.read()
@ -38,261 +40,96 @@ class MyTests(unittest.TestCase):
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-raw.out'), 'r') as f:
self.ubuntu_18_4_iptables_raw = f.read()
# output
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-filter.json'), 'r') as f:
self.centos_7_7_iptables_filter_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-filter.json'), 'r') as f:
self.ubuntu_18_4_iptables_filter_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-filter-nv.json'), 'r') as f:
self.centos_7_7_iptables_filter_nv_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-filter-nv.json'), 'r') as f:
self.ubuntu_18_4_iptables_filter_nv_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-mangle.json'), 'r') as f:
self.centos_7_7_iptables_mangle_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-mangle.json'), 'r') as f:
self.ubuntu_18_4_iptables_mangle_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-nat.json'), 'r') as f:
self.centos_7_7_iptables_nat_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-nat.json'), 'r') as f:
self.ubuntu_18_4_iptables_nat_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/centos-7.7/iptables-raw.json'), 'r') as f:
self.centos_7_7_iptables_raw_json = json.loads(f.read())
with open(os.path.join(THIS_DIR, os.pardir, 'tests/fixtures/ubuntu-18.04/iptables-raw.json'), 'r') as f:
self.ubuntu_18_4_iptables_raw_json = json.loads(f.read())
def test_iptables_filter_centos_7_7(self):
"""
Test 'sudo iptables -L -t filter' on Centos 7.7
"""
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_filter)[2], {'chain': 'OUTPUT',
'rules': [{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'OUTPUT_direct',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate ESTABLISHED'},
{'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'tcp spt:ssh ctstate ESTABLISHED'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate ESTABLISHED'},
{'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'tcp spt:ssh ctstate ESTABLISHED'}]})
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_filter, quiet=True), self.centos_7_7_iptables_filter_json)
def test_iptables_filter_ubuntu_18_4(self):
"""
Test 'sudo iptables -L -t filter' on Ubuntu 18.4
"""
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_filter)[0], {'chain': 'INPUT',
'rules': [{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate RELATED,ESTABLISHED'},
{'target': 'DROP',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate INVALID'},
{'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'source': '15.15.15.0/24',
'destination': 'anywhere',
'options': 'tcp dpt:ssh ctstate NEW,ESTABLISHED'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate RELATED,ESTABLISHED'},
{'target': 'DROP',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate INVALID'},
{'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'source': '15.15.15.0/24',
'destination': 'anywhere',
'options': 'tcp dpt:ssh ctstate NEW,ESTABLISHED'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate RELATED,ESTABLISHED'},
{'target': 'DROP',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': 'ctstate INVALID'},
{'target': 'DROP',
'prot': 'all',
'opt': '--',
'source': '15.15.15.51',
'destination': 'anywhere'},
{'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'source': '15.15.15.0/24',
'destination': 'anywhere',
'options': 'tcp dpt:ssh ctstate NEW,ESTABLISHED'}]})
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_filter, quiet=True), self.ubuntu_18_4_iptables_filter_json)
def test_iptables_filter_nv_centos_7_7(self):
"""
Test 'sudo iptables -nvL -t filter' on Centos 7.7
"""
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_filter_nv)[4], {'chain': 'DOCKER-ISOLATION',
'rules': [{'pkts': '0',
'bytes': '0',
'target': 'RETURN',
'prot': 'all',
'opt': '--',
'in': '*',
'out': '*',
'source': '0.0.0.0/0',
'destination': '0.0.0.0/0'}]})
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_filter_nv, quiet=True), self.centos_7_7_iptables_filter_nv_json)
def test_iptables_filter_nv_ubuntu_18_4(self):
"""
Test 'sudo iptables -nvL -t filter' on Ubuntu 18.4
"""
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_filter_nv)[0]['rules'][3], {'pkts': '0',
'bytes': '0',
'target': 'ACCEPT',
'prot': 'tcp',
'opt': '--',
'in': '*',
'out': '*',
'source': '15.15.15.0/24',
'destination': '0.0.0.0/0',
'options': 'tcp dpt:22 ctstate NEW,ESTABLISHED'})
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_filter_nv, quiet=True), self.ubuntu_18_4_iptables_filter_nv_json)
def test_iptables_mangle_centos_7_7(self):
"""
Test 'sudo iptables -L -t mangle' on Centos 7.7
"""
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_mangle)[0], {'chain': 'PREROUTING',
'rules': [{'target': 'PREROUTING_direct',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'PREROUTING_ZONES_SOURCE',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'PREROUTING_ZONES',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'}]})
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_mangle, quiet=True), self.centos_7_7_iptables_mangle_json)
def test_iptables_mangle_ubuntu_18_4(self):
"""
Test 'sudo iptables -L -t mangle' on Ubuntu 18.4
"""
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_mangle), [{'chain': 'PREROUTING',
'rules': []},
{'chain': 'INPUT',
'rules': []},
{'chain': 'FORWARD',
'rules': []},
{'chain': 'OUTPUT',
'rules': []}])
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_mangle, quiet=True), self.ubuntu_18_4_iptables_mangle_json)
def test_iptables_nat_centos_7_7(self):
"""
Test 'sudo iptables -L -t nat' on Centos 7.7
"""
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_nat)[3], {'chain': 'POSTROUTING',
'rules': [{'target': 'MASQUERADE',
'prot': 'all',
'opt': '--',
'source': '172.17.0.0/16',
'destination': 'anywhere'},
{'target': 'POSTROUTING_direct',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'POSTROUTING_ZONES_SOURCE',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'},
{'target': 'POSTROUTING_ZONES',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere'}]})
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_nat, quiet=True), self.centos_7_7_iptables_nat_json)
def test_iptables_nat_ubuntu_18_4(self):
"""
Test 'sudo iptables -L -t nat' on Ubuntu 18.4
"""
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_nat), [{'chain': 'PREROUTING',
'rules': []},
{'chain': 'INPUT',
'rules': []},
{'chain': 'OUTPUT',
'rules': []}])
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_nat, quiet=True), self.ubuntu_18_4_iptables_nat_json)
def test_iptables_raw_centos_7_7(self):
"""
Test 'sudo iptables -L -t raw' on Centos 7.7
"""
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_raw)[3], {'chain': 'PREROUTING_ZONES',
'rules': [{'target': 'PRE_public',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': '[goto] '},
{'target': 'PRE_public',
'prot': 'all',
'opt': '--',
'source': 'anywhere',
'destination': 'anywhere',
'options': '[goto] '}]})
self.assertEqual(jc.parsers.iptables.parse(self.centos_7_7_iptables_raw, quiet=True), self.centos_7_7_iptables_raw_json)
def test_iptables_raw_ubuntu_18_4(self):
"""
Test 'sudo iptables -L -t raw' on Ubuntu 18.4
"""
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_raw), [{'chain': 'PREROUTING',
'rules': []}])
self.assertEqual(jc.parsers.iptables.parse(self.ubuntu_18_4_iptables_raw, quiet=True), self.ubuntu_18_4_iptables_raw_json)
if __name__ == '__main__':