diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-29 10:04:43 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-29 10:04:43 -0500 |
commit | d3b6581db7fcd0fb0897ada9910140f0e43f4ed1 (patch) | |
tree | 1c4409a84665834736370f89dcf915a12f173ef5 /test/network | |
parent | Merge pull request #945 from Fred-Barclay/cryptocat (diff) | |
download | firejail-d3b6581db7fcd0fb0897ada9910140f0e43f4ed1.tar.gz firejail-d3b6581db7fcd0fb0897ada9910140f0e43f4ed1.tar.zst firejail-d3b6581db7fcd0fb0897ada9910140f0e43f4ed1.zip |
testing and cleanup
Diffstat (limited to 'test/network')
-rwxr-xr-x | test/network/ip6.exp | 40 | ||||
-rw-r--r-- | test/network/ip6.profile | 3 | ||||
-rwxr-xr-x | test/network/iprange.exp | 103 | ||||
-rw-r--r-- | test/network/iprange.profile | 2 | ||||
-rwxr-xr-x | test/network/network.sh | 6 | ||||
-rwxr-xr-x | test/network/veth-name.exp | 77 | ||||
-rw-r--r-- | test/network/veth-name.profile | 3 |
7 files changed, 234 insertions, 0 deletions
diff --git a/test/network/ip6.exp b/test/network/ip6.exp index f0fcebcf8..1db16c28a 100755 --- a/test/network/ip6.exp +++ b/test/network/ip6.exp | |||
@@ -43,6 +43,46 @@ expect { | |||
43 | } | 43 | } |
44 | 44 | ||
45 | send -- "exit\r" | 45 | send -- "exit\r" |
46 | sleep 2 | ||
47 | |||
48 | |||
49 | send -- "firejail --debug --profile=ip6.profile\r" | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 10\n";exit} | ||
52 | "Installing network filter" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 11\n";exit} | ||
56 | "DROP" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 12\n";exit} | ||
60 | "unable to initialize table 'filter'" {puts "\nTESTING SKIP 2: no IPv6 support\n"; exit} | ||
61 | "2001:db8:1f0a:3ec::2" | ||
62 | } | ||
63 | expect { | ||
64 | timeout {puts "TESTING ERROR 13\n";exit} | ||
65 | "Child process initialized" | ||
66 | } | ||
67 | sleep 2 | ||
68 | |||
69 | send -- "/sbin/ifconfig\r" | ||
70 | expect { | ||
71 | timeout {puts "TESTING ERROR 14\n";exit} | ||
72 | "inet6" | ||
73 | } | ||
74 | expect { | ||
75 | timeout {puts "TESTING ERROR 15\n";exit} | ||
76 | "2001:db8:0:f101::1" | ||
77 | } | ||
78 | expect { | ||
79 | timeout {puts "TESTING ERROR 16\n";exit} | ||
80 | "Scope:Global" { puts "Debian\n"} | ||
81 | "scopeid 0x0<global>" { puts "Arch\n"} | ||
82 | } | ||
83 | |||
84 | send -- "exit\r" | ||
85 | |||
46 | after 100 | 86 | after 100 |
47 | 87 | ||
48 | puts "\nall done\n" | 88 | puts "\nall done\n" |
diff --git a/test/network/ip6.profile b/test/network/ip6.profile new file mode 100644 index 000000000..87afa3941 --- /dev/null +++ b/test/network/ip6.profile | |||
@@ -0,0 +1,3 @@ | |||
1 | net br0 | ||
2 | ip6 2001:0db8:0:f101::1/64 | ||
3 | netfilter6 ipv6.net | ||
diff --git a/test/network/iprange.exp b/test/network/iprange.exp new file mode 100755 index 000000000..a1b2ccab4 --- /dev/null +++ b/test/network/iprange.exp | |||
@@ -0,0 +1,103 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "eth0" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "10.10.30.50" {puts "10.10.30.50\n"} | ||
18 | "10.10.30.51" {puts "10.10.30.51\n"} | ||
19 | "10.10.30.52" {puts "10.10.30.52\n"} | ||
20 | "10.10.30.53" {puts "10.10.30.53\n"} | ||
21 | "10.10.30.54" {puts "10.10.30.54\n"} | ||
22 | "10.10.30.55" {puts "10.10.30.55\n"} | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | "255.255.255.0" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 3\n";exit} | ||
30 | "Child process initialized" | ||
31 | } | ||
32 | sleep 1 | ||
33 | send -- "exit\r" | ||
34 | sleep 2 | ||
35 | |||
36 | send -- "firejail --profile=iprange.profile\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 5\n";exit} | ||
39 | "eth0" | ||
40 | } | ||
41 | expect { | ||
42 | timeout {puts "TESTING ERROR 6\n";exit} | ||
43 | "10.10.30.50" {puts "10.10.30.50\n"} | ||
44 | "10.10.30.51" {puts "10.10.30.51\n"} | ||
45 | "10.10.30.52" {puts "10.10.30.52\n"} | ||
46 | "10.10.30.53" {puts "10.10.30.53\n"} | ||
47 | "10.10.30.54" {puts "10.10.30.54\n"} | ||
48 | "10.10.30.55" {puts "10.10.30.55\n"} | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 7\n";exit} | ||
52 | "255.255.255.0" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 8\n";exit} | ||
56 | "Child process initialized" | ||
57 | } | ||
58 | sleep 1 | ||
59 | send -- "exit\r" | ||
60 | sleep 2 | ||
61 | |||
62 | |||
63 | |||
64 | send -- "firejail --iprange=10.10.30.50,10.10.30.55\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 9\n";exit} | ||
67 | "no network device configured" | ||
68 | } | ||
69 | after 100 | ||
70 | |||
71 | send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55 --iprange=10.10.30.50,10.10.30.55\r" | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 10\n";exit} | ||
74 | "cannot configure the IP range twice for the same interface" | ||
75 | } | ||
76 | after 100 | ||
77 | |||
78 | send -- "firejail --net=br1 --iprange=10.10.30.50\r" | ||
79 | expect { | ||
80 | timeout {puts "TESTING ERROR 11\n";exit} | ||
81 | "invalid IP range" | ||
82 | } | ||
83 | after 100 | ||
84 | |||
85 | send -- "firejail --net=br0 --iprange=10.10.30.50,10.10.30.55\r" | ||
86 | expect { | ||
87 | timeout {puts "TESTING ERROR 12\n";exit} | ||
88 | "IP range addresses not in network range" | ||
89 | } | ||
90 | after 100 | ||
91 | |||
92 | send -- "firejail --net=br1 --iprange=10.10.30.55,10.10.30.50\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 12\n";exit} | ||
95 | "invalid IP range" | ||
96 | } | ||
97 | after 100 | ||
98 | |||
99 | |||
100 | after 100 | ||
101 | |||
102 | puts "\nall done\n" | ||
103 | |||
diff --git a/test/network/iprange.profile b/test/network/iprange.profile new file mode 100644 index 000000000..ecc01cd93 --- /dev/null +++ b/test/network/iprange.profile | |||
@@ -0,0 +1,2 @@ | |||
1 | net br1 | ||
2 | iprange 10.10.30.50,10.10.30.55 | ||
diff --git a/test/network/network.sh b/test/network/network.sh index e1646d64a..bea5dfb26 100755 --- a/test/network/network.sh +++ b/test/network/network.sh | |||
@@ -78,6 +78,12 @@ echo "TESTING: veth (net_veth.exp)" | |||
78 | echo "TESTING: netfilter (net_netfilter.exp)" | 78 | echo "TESTING: netfilter (net_netfilter.exp)" |
79 | ./net_netfilter.exp | 79 | ./net_netfilter.exp |
80 | 80 | ||
81 | echo "TESTING: iprange (iprange.exp)" | ||
82 | ./iprange.exp | ||
83 | |||
84 | echo "TESTING: veth-name (veth-name.exp)" | ||
85 | ./veth-name.exp | ||
86 | |||
81 | echo "TESTING: 4 bridges ARP (4bridges_arp.exp)" | 87 | echo "TESTING: 4 bridges ARP (4bridges_arp.exp)" |
82 | ./4bridges_arp.exp | 88 | ./4bridges_arp.exp |
83 | 89 | ||
diff --git a/test/network/veth-name.exp b/test/network/veth-name.exp new file mode 100755 index 000000000..36ed41d92 --- /dev/null +++ b/test/network/veth-name.exp | |||
@@ -0,0 +1,77 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2016 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # | ||
11 | send -- "firejail --net=br1 --ip=10.10.30.50 --veth-name=blablabla\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | "10.10.30.50" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 2\n";exit} | ||
22 | "255.255.255.0" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "Child process initialized" | ||
27 | } | ||
28 | sleep 1 | ||
29 | |||
30 | spawn $env(SHELL) | ||
31 | send -- "ip link show\r" | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 4\n";exit} | ||
34 | "blablabla" | ||
35 | } | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 5\n";exit} | ||
38 | "master br1 state UP" | ||
39 | } | ||
40 | sleep 1 | ||
41 | |||
42 | |||
43 | send -- "firejail --profile=veth-name.profile\r" | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 6\n";exit} | ||
46 | "eth0" | ||
47 | } | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 7\n";exit} | ||
50 | "10.10.60.51" | ||
51 | } | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 8\n";exit} | ||
54 | "255.255.255.0" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 9\n";exit} | ||
58 | "Child process initialized" | ||
59 | } | ||
60 | sleep 1 | ||
61 | |||
62 | spawn $env(SHELL) | ||
63 | send -- "ip link show\r" | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 10\n";exit} | ||
66 | "bingo" | ||
67 | } | ||
68 | expect { | ||
69 | timeout {puts "TESTING ERROR 11\n";exit} | ||
70 | "master br4 state UP" | ||
71 | } | ||
72 | sleep 1 | ||
73 | |||
74 | |||
75 | after 100 | ||
76 | puts "\nall done\n" | ||
77 | |||
diff --git a/test/network/veth-name.profile b/test/network/veth-name.profile new file mode 100644 index 000000000..f00a74d63 --- /dev/null +++ b/test/network/veth-name.profile | |||
@@ -0,0 +1,3 @@ | |||
1 | net br4 | ||
2 | ip 10.10.60.51 | ||
3 | veth-name bingo | ||