diff options
author | netblue30 <netblue30@yahoo.com> | 2016-05-03 08:41:24 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-05-03 08:41:24 -0400 |
commit | 57bea6c8c4d1bd666ce57057b1cbb681b3cc4afc (patch) | |
tree | 60f90718665a1a812b552f589bc4d85616232df1 /test/net_netfilter.exp | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
download | firejail-57bea6c8c4d1bd666ce57057b1cbb681b3cc4afc.tar.gz firejail-57bea6c8c4d1bd666ce57057b1cbb681b3cc4afc.tar.zst firejail-57bea6c8c4d1bd666ce57057b1cbb681b3cc4afc.zip |
networking features testing
Diffstat (limited to 'test/net_netfilter.exp')
-rwxr-xr-x | test/net_netfilter.exp | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/test/net_netfilter.exp b/test/net_netfilter.exp deleted file mode 100755 index 989fcc407..000000000 --- a/test/net_netfilter.exp +++ /dev/null | |||
@@ -1,88 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | # check default netfilter on br0 | ||
8 | send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter\r" | ||
9 | expect { | ||
10 | timeout {puts "TESTING ERROR 0\n";exit} | ||
11 | "Installing network filter" | ||
12 | } | ||
13 | expect { | ||
14 | timeout {puts "TESTING ERROR 1\n";exit} | ||
15 | "Chain INPUT (policy DROP" | ||
16 | } | ||
17 | expect { | ||
18 | timeout {puts "TESTING ERROR 2\n";exit} | ||
19 | "ACCEPT all -- any any anywhere" | ||
20 | } | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 3\n";exit} | ||
23 | "ACCEPT icmp -- any any anywhere" | ||
24 | } | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 4\n";exit} | ||
27 | "Child process initialized" | ||
28 | } | ||
29 | sleep 2 | ||
30 | send -- "exit\r" | ||
31 | sleep 1 | ||
32 | |||
33 | # check default netfilter no new network | ||
34 | send -- "firejail --debug --noprofile --netfilter\r" | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 5\n";exit} | ||
37 | "Installing network filter" {puts "TESTING ERROR 5.1\n";exit} | ||
38 | "Chain INPUT (policy DROP" {puts "TESTING ERROR 5.1\n";exit} | ||
39 | "ACCEPT all -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit} | ||
40 | "ACCEPT icmp -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit} | ||
41 | "Child process initialized" | ||
42 | } | ||
43 | sleep 2 | ||
44 | send -- "exit\r" | ||
45 | sleep 1 | ||
46 | |||
47 | # check file filter netfilter on br0 | ||
48 | send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter=netfilter.filter\r" | ||
49 | expect { | ||
50 | timeout {puts "TESTING ERROR 6\n";exit} | ||
51 | "Installing network filter" | ||
52 | } | ||
53 | expect { | ||
54 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
55 | "Child process initialized" | ||
56 | } | ||
57 | sleep 2 | ||
58 | send -- "ping -c 1 -w 3 10.10.20.1\r" | ||
59 | expect { | ||
60 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
61 | "0 received, 100% packet loss" | ||
62 | } | ||
63 | |||
64 | send -- "exit\r" | ||
65 | sleep 1 | ||
66 | |||
67 | # check profile netfilter on br0 | ||
68 | send -- "firejail --debug --net=br0 --ip=10.10.20.5 --profile=netfilter.profile\r" | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 7\n";exit} | ||
71 | "Installing network filter" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 7.1\n";exit} | ||
75 | "Child process initialized" | ||
76 | } | ||
77 | sleep 2 | ||
78 | send -- "ping -c 1 -w 3 10.10.20.1\r" | ||
79 | expect { | ||
80 | timeout {puts "TESTING ERROR 7.2\n";exit} | ||
81 | "0 received, 100% packet loss" | ||
82 | } | ||
83 | |||
84 | send -- "exit\r" | ||
85 | after 100 | ||
86 | |||
87 | puts "all done\n" | ||
88 | |||