network testing

author: netblue30 <netblue30@yahoo.com> 2018-07-16 09:49:55 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-07-16 09:49:55 -0400
commit: 2bea8f674112e02604bd5aeff12e9d642cdad7b2 (patch)
tree: 4c40577178898b83e769c0356ee78617e0d2329a /test/network
parent: Merge branch 'master' of https://github.com/netblue30/firejail (diff)
download: firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.tar.gz
firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.tar.zst
firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.zip
5 files changed, 251 insertions, 0 deletions
diff --git a/test/network/configure b/test/network/configure
index 9d47fe69e..9859519bd 100755
--- a/test/network/configure
+++ b/test/network/configure
@@ -10,6 +10,8 @@ iptables -t nat -A POSTROUTING -o eth0 -s 10.10.20.0/29 -j MASQUERADE
 # port forwarding
 # iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80
+brctl addbr br-unconfigured
+ifconfig br-unconfigured up
 brctl addbr br1
 ifconfig br1 10.10.30.1/24 up
 brctl addbr br2
diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp
index 958586ccb..125862c2b 100755
--- a/test/network/net_noip.exp
+++ b/test/network/net_noip.exp
@@ -39,6 +39,7 @@ expect {
 }
 expect {
        timeout {puts "TESTING ERROR 6\n";exit}
+        "10.10.20" {puts "TESTING ERROR 7\n";exit}
        "done"
 }
 send -- "exit\r"
diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp
index 8a6748114..c9df2c36f 100755
--- a/test/network/net_noip2.exp
+++ b/test/network/net_noip2.exp
@@ -38,6 +38,7 @@ expect {
 }
 expect {
        timeout {puts "TESTING ERROR 6\n";exit}
+        "10.10.30" {puts "TESTING ERROR 7\n";exit}
        "done"
 }
 send -- "exit\r"
diff --git a/test/network/net_unconfigured.exp b/test/network/net_unconfigured.exp
new file mode 100755
index 000000000..6f1be0e50
--- /dev/null
+++ b/test/network/net_unconfigured.exp
@@ -0,0 +1,244 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+# check ip address
+send -- "firejail --noprofile --net=br-unconfigured --ip=none\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "eth0" {puts "TESTING ERROR 1\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "stty -echo\r"
+after 100
+# no default gateway configured
+send -- "netstat -rn;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "0.0.0.0" {puts "TESTING ERROR 3\n";exit}
+        "eth0" {puts "TESTING ERROR 4\n";exit}
+        "done"
+}
+sleep 1
+# eth0 configured
+send -- "/sbin/ifconfig;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "done"
+}
+send -- "exit\r"
+after 100
+send -- "exit\r"
+after 100
+# check ip address
+send -- "firejail --noprofile --net=br-unconfigured\r"
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "eth0" {puts "TESTING ERROR 8\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "stty -echo\r"
+after 100
+# no default gateway configured
+send -- "netstat -rn;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 9\n";exit}
+        "0.0.0.0" {puts "TESTING ERROR 10\n";exit}
+        "eth0" {puts "TESTING ERROR 11\n";exit}
+        "done"
+}
+sleep 1
+# eth0 configured
+send -- "/sbin/ifconfig;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 12\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 13\n";exit}
+        "done"
+}
+send -- "exit\r"
+after 100
+send -- "exit\r"
+after 100
+# check ip address
+send -- "firejail --noprofile --net=br-unconfigured --defaultgw=10.10.80.1\r"
+expect {
+        timeout {puts "TESTING ERROR 14\n";exit}
+        "eth0" {puts "TESTING ERROR 15\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "stty -echo\r"
+after 100
+# no default gateway configured
+send -- "netstat -rn;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 16\n";exit}
+        "0.0.0.0" {puts "TESTING ERROR 17\n";exit}
+        "eth0" {puts "TESTING ERROR 18\n";exit}
+        "done"
+}
+sleep 1
+# eth0 configured
+send -- "/sbin/ifconfig;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 19\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 20\n";exit}
+        "done"
+}
+send -- "exit\r"
+after 100
+send -- "exit\r"
+after 100
+# check ip address
+send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --defaultgw=10.10.80.1\r"
+expect {
+        timeout {puts "TESTING ERROR 21\n";exit}
+        "eth0" {puts "TESTING ERROR 22\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "stty -echo\r"
+after 100
+# no default gateway configured
+send -- "netstat -rn;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 23\n";exit}
+        "0.0.0.0" {puts "TESTING ERROR 24\n";exit}
+        "eth0" {puts "TESTING ERROR 25\n";exit}
+        "done"
+}
+sleep 1
+# eth0 configured
+send -- "/sbin/ifconfig;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 26\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 27\n";exit}
+        "done"
+}
+send -- "exit\r"
+after 100
+send -- "exit\r"
+after 100
+# check ip address
+send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --netmask=255.255.255.0 --defaultgw=10.10.80.1\r"
+expect {
+        timeout {puts "TESTING ERROR 28\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "10.10.80.1"
+}
+expect {
+        timeout {puts "TESTING ERROR 30\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "bash\r"
+sleep 1
+send -- "stty -echo\r"
+after 100
+# no default gateway configured
+send -- "netstat -rn;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 31\n";exit}
+        "0.0.0.0"
+}
+expect {
+        timeout {puts "TESTING ERROR 32\n";exit}
+        "10.10.80.1"
+}
+expect {
+        timeout {puts "TESTING ERROR 33\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 34\n";exit}
+        "10.10.80.0"
+}
+expect {
+        timeout {puts "TESTING ERROR 35\n";exit}
+        "0.0.0.0"
+}
+expect {
+        timeout {puts "TESTING ERROR 36\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 37\n";exit}
+        "done"
+}
+sleep 1
+# eth0 configured
+send -- "/sbin/ifconfig;echo done\r"
+expect {
+        timeout {puts "TESTING ERROR 38\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 39\n";exit}
+        "10.10.80.1"
+}
+expect {
+        timeout {puts "TESTING ERROR 40\n";exit}
+        "done"
+}
+send -- "exit\r"
+after 100
+send -- "exit\r"
+after 100
+puts "all done\n"
diff --git a/test/network/network.sh b/test/network/network.sh
index 4f001b49c..fa6f214cd 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -8,6 +8,9 @@ export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 sudo ./configure
+echo "TESTING: unconfigured network (net_unconfigured.exp)"
+./net_unconfigured.exp
 echo "TESTING: netfilter template (netfilter-template.exp)"
 rm -f ./tcpserver
 gcc -o tcpserver tcpserver.c
author	netblue30 <netblue30@yahoo.com>	2018-07-16 09:49:55 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-07-16 09:49:55 -0400
commit	2bea8f674112e02604bd5aeff12e9d642cdad7b2 (patch)
tree	4c40577178898b83e769c0356ee78617e0d2329a /test/network
parent	Merge branch 'master' of https://github.com/netblue30/firejail (diff)
download	firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.tar.gz firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.tar.zst firejail-2bea8f674112e02604bd5aeff12e9d642cdad7b2.zip

diff --git a/test/network/configure b/test/network/configure index 9d47fe69e..9859519bd 100755 --- a/test/network/configure +++ b/test/network/configure
@@ -10,6 +10,8 @@ iptables -t nat -A POSTROUTING -o eth0 -s 10.10.20.0/29 -j MASQUERADE
10	# port forwarding	10	# port forwarding
11	# iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80	11	# iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80
12		12
		13	brctl addbr br-unconfigured
		14	ifconfig br-unconfigured up
13	brctl addbr br1	15	brctl addbr br1
14	ifconfig br1 10.10.30.1/24 up	16	ifconfig br1 10.10.30.1/24 up
15	brctl addbr br2	17	brctl addbr br2


diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp index 958586ccb..125862c2b 100755 --- a/test/network/net_noip.exp +++ b/test/network/net_noip.exp
@@ -39,6 +39,7 @@ expect {
39	}	39	}
40	expect {	40	expect {
41	timeout {puts "TESTING ERROR 6\n";exit}	41	timeout {puts "TESTING ERROR 6\n";exit}
		42	"10.10.20" {puts "TESTING ERROR 7\n";exit}
42	"done"	43	"done"
43	}	44	}
44	send -- "exit\r"	45	send -- "exit\r"


diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp index 8a6748114..c9df2c36f 100755 --- a/test/network/net_noip2.exp +++ b/test/network/net_noip2.exp
@@ -38,6 +38,7 @@ expect {
38	}	38	}
39	expect {	39	expect {
40	timeout {puts "TESTING ERROR 6\n";exit}	40	timeout {puts "TESTING ERROR 6\n";exit}
		41	"10.10.30" {puts "TESTING ERROR 7\n";exit}
41	"done"	42	"done"
42	}	43	}
43	send -- "exit\r"	44	send -- "exit\r"


diff --git a/test/network/net_unconfigured.exp b/test/network/net_unconfigured.exp new file mode 100755 index 000000000..6f1be0e50 --- /dev/null +++ b/test/network/net_unconfigured.exp
@@ -0,0 +1,244 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2018 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	# check ip address
		11	send -- "firejail --noprofile --net=br-unconfigured --ip=none\r"
		12	expect {
		13	timeout {puts "TESTING ERROR 0\n";exit}
		14	"eth0" {puts "TESTING ERROR 1\n";exit}
		15	"Child process initialized"
		16	}
		17	sleep 1
		18	send -- "bash\r"
		19	sleep 1
		20
		21	send -- "stty -echo\r"
		22	after 100
		23
		24	# no default gateway configured
		25	send -- "netstat -rn;echo done\r"
		26	expect {
		27	timeout {puts "TESTING ERROR 2\n";exit}
		28	"0.0.0.0" {puts "TESTING ERROR 3\n";exit}
		29	"eth0" {puts "TESTING ERROR 4\n";exit}
		30	"done"
		31	}
		32	sleep 1
		33
		34	# eth0 configured
		35	send -- "/sbin/ifconfig;echo done\r"
		36	expect {
		37	timeout {puts "TESTING ERROR 5\n";exit}
		38	"eth0"
		39	}
		40	expect {
		41	timeout {puts "TESTING ERROR 6\n";exit}
		42	"done"
		43	}
		44	send -- "exit\r"
		45	after 100
		46	send -- "exit\r"
		47	after 100
		48
		49
		50
		51	# check ip address
		52	send -- "firejail --noprofile --net=br-unconfigured\r"
		53	expect {
		54	timeout {puts "TESTING ERROR 7\n";exit}
		55	"eth0" {puts "TESTING ERROR 8\n";exit}
		56	"Child process initialized"
		57	}
		58	sleep 1
		59	send -- "bash\r"
		60	sleep 1
		61
		62	send -- "stty -echo\r"
		63	after 100
		64
		65	# no default gateway configured
		66	send -- "netstat -rn;echo done\r"
		67	expect {
		68	timeout {puts "TESTING ERROR 9\n";exit}
		69	"0.0.0.0" {puts "TESTING ERROR 10\n";exit}
		70	"eth0" {puts "TESTING ERROR 11\n";exit}
		71	"done"
		72	}
		73	sleep 1
		74
		75	# eth0 configured
		76	send -- "/sbin/ifconfig;echo done\r"
		77	expect {
		78	timeout {puts "TESTING ERROR 12\n";exit}
		79	"eth0"
		80	}
		81	expect {
		82	timeout {puts "TESTING ERROR 13\n";exit}
		83	"done"
		84	}
		85	send -- "exit\r"
		86	after 100
		87	send -- "exit\r"
		88	after 100
		89
		90
		91	# check ip address
		92	send -- "firejail --noprofile --net=br-unconfigured --defaultgw=10.10.80.1\r"
		93	expect {
		94	timeout {puts "TESTING ERROR 14\n";exit}
		95	"eth0" {puts "TESTING ERROR 15\n";exit}
		96	"Child process initialized"
		97	}
		98	sleep 1
		99	send -- "bash\r"
		100	sleep 1
		101
		102	send -- "stty -echo\r"
		103	after 100
		104
		105	# no default gateway configured
		106	send -- "netstat -rn;echo done\r"
		107	expect {
		108	timeout {puts "TESTING ERROR 16\n";exit}
		109	"0.0.0.0" {puts "TESTING ERROR 17\n";exit}
		110	"eth0" {puts "TESTING ERROR 18\n";exit}
		111	"done"
		112	}
		113	sleep 1
		114
		115	# eth0 configured
		116	send -- "/sbin/ifconfig;echo done\r"
		117	expect {
		118	timeout {puts "TESTING ERROR 19\n";exit}
		119	"eth0"
		120	}
		121	expect {
		122	timeout {puts "TESTING ERROR 20\n";exit}
		123	"done"
		124	}
		125	send -- "exit\r"
		126	after 100
		127	send -- "exit\r"
		128	after 100
		129
		130
		131	# check ip address
		132	send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --defaultgw=10.10.80.1\r"
		133	expect {
		134	timeout {puts "TESTING ERROR 21\n";exit}
		135	"eth0" {puts "TESTING ERROR 22\n";exit}
		136	"Child process initialized"
		137	}
		138	sleep 1
		139	send -- "bash\r"
		140	sleep 1
		141
		142	send -- "stty -echo\r"
		143	after 100
		144
		145	# no default gateway configured
		146	send -- "netstat -rn;echo done\r"
		147	expect {
		148	timeout {puts "TESTING ERROR 23\n";exit}
		149	"0.0.0.0" {puts "TESTING ERROR 24\n";exit}
		150	"eth0" {puts "TESTING ERROR 25\n";exit}
		151	"done"
		152	}
		153	sleep 1
		154
		155	# eth0 configured
		156	send -- "/sbin/ifconfig;echo done\r"
		157	expect {
		158	timeout {puts "TESTING ERROR 26\n";exit}
		159	"eth0"
		160	}
		161	expect {
		162	timeout {puts "TESTING ERROR 27\n";exit}
		163	"done"
		164	}
		165	send -- "exit\r"
		166	after 100
		167	send -- "exit\r"
		168	after 100
		169
		170
		171	# check ip address
		172	send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --netmask=255.255.255.0 --defaultgw=10.10.80.1\r"
		173	expect {
		174	timeout {puts "TESTING ERROR 28\n";exit}
		175	"eth0"
		176	}
		177	expect {
		178	timeout {puts "TESTING ERROR 29\n";exit}
		179	"10.10.80.1"
		180	}
		181	expect {
		182	timeout {puts "TESTING ERROR 30\n";exit}
		183	"Child process initialized"
		184	}
		185	sleep 1
		186	send -- "bash\r"
		187	sleep 1
		188
		189	send -- "stty -echo\r"
		190	after 100
		191
		192	# no default gateway configured
		193	send -- "netstat -rn;echo done\r"
		194	expect {
		195	timeout {puts "TESTING ERROR 31\n";exit}
		196	"0.0.0.0"
		197	}
		198	expect {
		199	timeout {puts "TESTING ERROR 32\n";exit}
		200	"10.10.80.1"
		201	}
		202	expect {
		203	timeout {puts "TESTING ERROR 33\n";exit}
		204	"eth0"
		205	}
		206	expect {
		207	timeout {puts "TESTING ERROR 34\n";exit}
		208	"10.10.80.0"
		209	}
		210	expect {
		211	timeout {puts "TESTING ERROR 35\n";exit}
		212	"0.0.0.0"
		213	}
		214	expect {
		215	timeout {puts "TESTING ERROR 36\n";exit}
		216	"eth0"
		217	}
		218	expect {
		219	timeout {puts "TESTING ERROR 37\n";exit}
		220	"done"
		221	}
		222	sleep 1
		223
		224	# eth0 configured
		225	send -- "/sbin/ifconfig;echo done\r"
		226	expect {
		227	timeout {puts "TESTING ERROR 38\n";exit}
		228	"eth0"
		229	}
		230	expect {
		231	timeout {puts "TESTING ERROR 39\n";exit}
		232	"10.10.80.1"
		233	}
		234	expect {
		235	timeout {puts "TESTING ERROR 40\n";exit}
		236	"done"
		237	}
		238	send -- "exit\r"
		239	after 100
		240	send -- "exit\r"
		241	after 100
		242
		243
		244	puts "all done\n"


diff --git a/test/network/network.sh b/test/network/network.sh index 4f001b49c..fa6f214cd 100755 --- a/test/network/network.sh +++ b/test/network/network.sh
@@ -8,6 +8,9 @@ export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
8		8
9	sudo ./configure	9	sudo ./configure
10		10
		11	echo "TESTING: unconfigured network (net_unconfigured.exp)"
		12	./net_unconfigured.exp
		13
11	echo "TESTING: netfilter template (netfilter-template.exp)"	14	echo "TESTING: netfilter template (netfilter-template.exp)"
12	rm -f ./tcpserver	15	rm -f ./tcpserver
13	gcc -o tcpserver tcpserver.c	16	gcc -o tcpserver tcpserver.c