diff options
author | netblue30 <netblue30@protonmail.com> | 2023-03-02 10:34:03 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2023-03-02 10:34:03 -0500 |
commit | 336ecb5d651f22e5a3722ead843181a86dcc066d (patch) | |
tree | e733078e8b3ae1c6d0d7e236911c0f12ae556baa /test | |
parent | gajim: allow loading plugins (#5705) (diff) | |
download | firejail-336ecb5d651f22e5a3722ead843181a86dcc066d.tar.gz firejail-336ecb5d651f22e5a3722ead843181a86dcc066d.tar.zst firejail-336ecb5d651f22e5a3722ead843181a86dcc066d.zip |
network testing; merges
Diffstat (limited to 'test')
41 files changed, 64 insertions, 2301 deletions
diff --git a/test/network/4bridges_arp.exp b/test/network/4bridges_arp.exp deleted file mode 100755 index ca326320a..000000000 --- a/test/network/4bridges_arp.exp +++ /dev/null | |||
@@ -1,177 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check eth0 | ||
11 | send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0.0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
18 | "10.10.20" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
22 | "255.255.255.248" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
26 | "UP" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 0.4\n";exit} | ||
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
31 | } | ||
32 | sleep 1 | ||
33 | send -- "exit\r" | ||
34 | sleep 1 | ||
35 | |||
36 | # check eth1 | ||
37 | send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r" | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 1.0\n";exit} | ||
40 | "eth1" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
44 | "10.10.30" | ||
45 | } | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
48 | "255.255.255.0" | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 1.3\n";exit} | ||
52 | "UP" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 1.4\n";exit} | ||
56 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
57 | } | ||
58 | sleep 1 | ||
59 | send -- "exit\r" | ||
60 | sleep 1 | ||
61 | |||
62 | |||
63 | # check eth2 | ||
64 | send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 2.0\n";exit} | ||
67 | "eth2" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 2.1\n";exit} | ||
71 | "10.10.40" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
75 | "255.255.255.0" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 2.3\n";exit} | ||
79 | "UP" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 2.4\n";exit} | ||
83 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
84 | } | ||
85 | sleep 1 | ||
86 | send -- "exit\r" | ||
87 | sleep 1 | ||
88 | |||
89 | |||
90 | |||
91 | # check eth3 | ||
92 | send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 3.0\n";exit} | ||
95 | "eth3" | ||
96 | } | ||
97 | expect { | ||
98 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
99 | "10.10.50" | ||
100 | } | ||
101 | expect { | ||
102 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
103 | "255.255.255.0" | ||
104 | } | ||
105 | expect { | ||
106 | timeout {puts "TESTING ERROR 3.3\n";exit} | ||
107 | "UP" | ||
108 | } | ||
109 | expect { | ||
110 | timeout {puts "TESTING ERROR 4\n";exit} | ||
111 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
112 | } | ||
113 | sleep 1 | ||
114 | send -- "exit\r" | ||
115 | sleep 1 | ||
116 | |||
117 | |||
118 | |||
119 | |||
120 | # check loopback | ||
121 | send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3 --protocol=unix,inet,netlink\r" | ||
122 | expect { | ||
123 | timeout {puts "TESTING ERROR 5\n";exit} | ||
124 | "lo" | ||
125 | } | ||
126 | expect { | ||
127 | timeout {puts "TESTING ERROR 6\n";exit} | ||
128 | "127.0.0.1" | ||
129 | } | ||
130 | expect { | ||
131 | timeout {puts "TESTING ERROR 7\n";exit} | ||
132 | "255.0.0.0" | ||
133 | } | ||
134 | expect { | ||
135 | timeout {puts "TESTING ERROR 8\n";exit} | ||
136 | "UP" | ||
137 | } | ||
138 | expect { | ||
139 | timeout {puts "TESTING ERROR 9\n";exit} | ||
140 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
141 | } | ||
142 | sleep 1 | ||
143 | |||
144 | # check default gateway | ||
145 | send -- "ip route show\r" | ||
146 | expect { | ||
147 | timeout {puts "TESTING ERROR 10.1\n";exit} | ||
148 | "default via 10.10.20.1 dev eth0" | ||
149 | } | ||
150 | send -- "ip route show\r" | ||
151 | expect { | ||
152 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
153 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";} | ||
154 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";} | ||
155 | } | ||
156 | send -- "ip route show\r" | ||
157 | expect { | ||
158 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
159 | "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "old iproute2\n";} | ||
160 | "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "new iproute2\n";} | ||
161 | } | ||
162 | send -- "ip route show\r" | ||
163 | expect { | ||
164 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
165 | "10.10.40.0/24 dev eth2 proto kernel scope link" {puts "old iproute2\n";} | ||
166 | "10.10.40.0/24 dev eth2 proto kernel scope link" {puts "new iproute2\n";} | ||
167 | } | ||
168 | send -- "ip route show\r" | ||
169 | expect { | ||
170 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
171 | "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "old iproute2\n";} | ||
172 | "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "new iproute2\n";} | ||
173 | } | ||
174 | send -- "exit\r" | ||
175 | after 100 | ||
176 | |||
177 | puts "\nall done\n" | ||
diff --git a/test/network/4bridges_ip.exp b/test/network/4bridges_ip.exp deleted file mode 100755 index 135b1121c..000000000 --- a/test/network/4bridges_ip.exp +++ /dev/null | |||
@@ -1,181 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check eth0 | ||
11 | send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0.0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
18 | "10.10.20" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
22 | "255.255.255.248" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
26 | "UP" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 0.4\n";exit} | ||
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
31 | } | ||
32 | sleep 1 | ||
33 | send -- "exit\r" | ||
34 | sleep 1 | ||
35 | |||
36 | # check eth1 | ||
37 | send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r" | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 1.0\n";exit} | ||
40 | "eth1" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
44 | "10.10.30.50" | ||
45 | } | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
48 | "255.255.255.0" | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 1.3\n";exit} | ||
52 | "UP" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 1.4\n";exit} | ||
56 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
57 | } | ||
58 | sleep 1 | ||
59 | send -- "exit\r" | ||
60 | sleep 1 | ||
61 | |||
62 | |||
63 | # check eth2 | ||
64 | send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 2.0\n";exit} | ||
67 | "eth2" | ||
68 | } | ||
69 | expect { | ||
70 | timeout {puts "TESTING ERROR 2.1\n";exit} | ||
71 | "10.10.40.100" | ||
72 | } | ||
73 | expect { | ||
74 | timeout {puts "TESTING ERROR 2.2\n";exit} | ||
75 | "255.255.255.0" | ||
76 | } | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 2.3\n";exit} | ||
79 | "UP" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 2.4\n";exit} | ||
83 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
84 | } | ||
85 | sleep 1 | ||
86 | send -- "exit\r" | ||
87 | sleep 1 | ||
88 | |||
89 | |||
90 | |||
91 | # check eth3 | ||
92 | send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 3.0\n";exit} | ||
95 | "eth3" | ||
96 | } | ||
97 | expect { | ||
98 | timeout {puts "TESTING ERROR 3.1\n";exit} | ||
99 | "10.10.50" | ||
100 | } | ||
101 | expect { | ||
102 | timeout {puts "TESTING ERROR 3.2\n";exit} | ||
103 | "255.255.255.0" | ||
104 | } | ||
105 | expect { | ||
106 | timeout {puts "TESTING ERROR 3.3\n";exit} | ||
107 | "UP" | ||
108 | } | ||
109 | expect { | ||
110 | timeout {puts "TESTING ERROR 4\n";exit} | ||
111 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
112 | } | ||
113 | sleep 1 | ||
114 | send -- "exit\r" | ||
115 | sleep 1 | ||
116 | |||
117 | |||
118 | |||
119 | |||
120 | # check loopback | ||
121 | send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3 --protocol=unix,inet,netlink\r" | ||
122 | expect { | ||
123 | timeout {puts "TESTING ERROR 5\n";exit} | ||
124 | "lo" | ||
125 | } | ||
126 | expect { | ||
127 | timeout {puts "TESTING ERROR 6\n";exit} | ||
128 | "127.0.0.1" | ||
129 | } | ||
130 | expect { | ||
131 | timeout {puts "TESTING ERROR 7\n";exit} | ||
132 | "255.0.0.0" | ||
133 | } | ||
134 | expect { | ||
135 | timeout {puts "TESTING ERROR 8\n";exit} | ||
136 | "UP" | ||
137 | } | ||
138 | expect { | ||
139 | timeout {puts "TESTING ERROR 9\n";exit} | ||
140 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
141 | } | ||
142 | |||
143 | # check default gateway | ||
144 | send -- "ip route show\r" | ||
145 | expect { | ||
146 | timeout {puts "TESTING ERROR 10.1\n";exit} | ||
147 | "default via 10.10.20.1 dev eth0" | ||
148 | } | ||
149 | |||
150 | send -- "ip route show\r" | ||
151 | expect { | ||
152 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
153 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";} | ||
154 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";} | ||
155 | } | ||
156 | |||
157 | send -- "ip route show\r" | ||
158 | expect { | ||
159 | timeout {puts "TESTING ERROR 10.3\n";exit} | ||
160 | "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "old iproute2\n";} | ||
161 | "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "new iproute2\n";} | ||
162 | } | ||
163 | |||
164 | send -- "ip route show\r" | ||
165 | expect { | ||
166 | timeout {puts "TESTING ERROR 10.4\n";exit} | ||
167 | "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "old iproute2\n";} | ||
168 | "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "new iproute2\n";} | ||
169 | } | ||
170 | |||
171 | send -- "ip route show\r" | ||
172 | expect { | ||
173 | timeout {puts "TESTING ERROR 10.5\n";exit} | ||
174 | "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "old iproute2\n";} | ||
175 | "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "new iproute2\n";} | ||
176 | } | ||
177 | |||
178 | send -- "exit\r" | ||
179 | after 100 | ||
180 | |||
181 | puts "\nall done\n" | ||
diff --git a/test/network/README b/test/network/README deleted file mode 100644 index 1e215b41e..000000000 --- a/test/network/README +++ /dev/null | |||
@@ -1,14 +0,0 @@ | |||
1 | Warning: this test requires root access to configure a number of bridge, mac | ||
2 | and vlan devices. Please take a look at configure file. By the time you are | ||
3 | finished testing, you'll probably have to reboot the computer to get your | ||
4 | networking subsystem back to normal. | ||
5 | |||
6 | Limitations - to be investigated and fixed: | ||
7 | - the test is assuming an eth0 wired interface to be present | ||
8 | - using netstat and ifconfig - this needs to be moved to iproute2 | ||
9 | - configure script inserts an entry in system netfilter configuration | ||
10 | - the test will probably not work on grsecurity settings | ||
11 | - macvlan interfaces don't seem to work correctly under VirtualBox | ||
12 | |||
13 | Run the test: | ||
14 | $ ./network.sh | grep TESTING | ||
diff --git a/test/network/bandwidth.exp b/test/network/bandwidth.exp deleted file mode 100755 index ef68165b7..000000000 --- a/test/network/bandwidth.exp +++ /dev/null | |||
@@ -1,68 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=test --net=br0\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --bandwidth=test status\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | "qdisc * 0: dev eth0" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | send -- "firejail --bandwidth=test set br0 50 10\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | "Configuring interface eth0" | ||
29 | } | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 3\n";exit} | ||
32 | "configuring tc ingress" | ||
33 | } | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 4\n";exit} | ||
36 | "configuring tc egress" | ||
37 | } | ||
38 | |||
39 | send -- "firejail --bandwidth=test status\r" | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 5\n";exit} | ||
42 | "dev eth0" | ||
43 | } | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 6\n";exit} | ||
46 | "rate 80Kbit burst 10Kb" | ||
47 | } | ||
48 | sleep 1 | ||
49 | |||
50 | send -- "firejail --bandwidth=test clear br0\r" | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 7\n";exit} | ||
53 | "Removing bandwidth limits" | ||
54 | } | ||
55 | sleep 1 | ||
56 | |||
57 | send -- "stty -echo\r" | ||
58 | after 100 | ||
59 | |||
60 | send -- "firejail --bandwidth=test status; echo done\r" | ||
61 | expect { | ||
62 | timeout {puts "TESTING ERROR 8\n";exit} | ||
63 | "rate 80Kbit burst 10Kb" {puts "TESTING ERROR 9\n";exit} | ||
64 | "done" | ||
65 | } | ||
66 | after 100 | ||
67 | |||
68 | puts "\nall done\n" | ||
diff --git a/test/network/dns-print.exp b/test/network/dns-print.exp index 769d5431c..7d3da8ace 100755 --- a/test/network/dns-print.exp +++ b/test/network/dns-print.exp | |||
@@ -7,17 +7,17 @@ set timeout 10 | |||
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | send -- "firejail --name=test-dns --net=eth0 --dns=1.2.3.4 --dns=2.3.4.5 --dns=3.4.5.6\r" | 10 | send -- "firejail --name=test --net=br0 --dns=1.2.3.4 --dns=2.3.4.5 --dns=3.4.5.6\r" |
11 | expect { | 11 | expect { |
12 | timeout {puts "TESTING ERROR 1\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
14 | } | 14 | } |
15 | sleep 1 | 15 | sleep 1 |
16 | 16 | ||
17 | spawn $env(SHELL) | 17 | spawn $env(SHELL) |
18 | send -- "firejail --dns.print=test-dns\r" | 18 | send -- "firejail --dns.print=test\r" |
19 | expect { | 19 | expect { |
20 | timeout {puts "TESTING ERROR 2\n";exit} | 20 | timeout {puts "TESTING ERROR 1\n";exit} |
21 | "nameserver 1.2.3.4" | 21 | "nameserver 1.2.3.4" |
22 | } | 22 | } |
23 | expect { | 23 | expect { |
@@ -25,10 +25,10 @@ expect { | |||
25 | "nameserver 2.3.4.5" | 25 | "nameserver 2.3.4.5" |
26 | } | 26 | } |
27 | expect { | 27 | expect { |
28 | timeout {puts "TESTING ERROR 2\n";exit} | 28 | timeout {puts "TESTING ERROR 3\n";exit} |
29 | "nameserver 3.4.5.6" | 29 | "nameserver 3.4.5.6" |
30 | } | 30 | } |
31 | 31 | ||
32 | after 100 | 32 | after 500 |
33 | 33 | ||
34 | puts "\nall done\n" | 34 | puts "\nall done\n" |
diff --git a/test/network/firemon-arp.exp b/test/network/firemon-arp.exp deleted file mode 100755 index 858c4a729..000000000 --- a/test/network/firemon-arp.exp +++ /dev/null | |||
@@ -1,53 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | #send -- "ping -c 3 192.168.1.1\r" | ||
11 | #expect { | ||
12 | # timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | # "3 packets transmitted" | ||
14 | #} | ||
15 | #sleep 1 | ||
16 | |||
17 | send -- "firejail --name=test1\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 1\n";exit} | ||
20 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
21 | } | ||
22 | sleep 1 | ||
23 | |||
24 | spawn $env(SHELL) | ||
25 | send -- "firejail --name=test2\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
29 | } | ||
30 | sleep 1 | ||
31 | |||
32 | spawn $env(SHELL) | ||
33 | send -- "firemon --arp\r" | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 3\n";exit} | ||
36 | "name=test1" | ||
37 | } | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 4\n";exit} | ||
40 | "192.168.1.1 dev eth0 lladdr" {puts "Debian testing\n";} | ||
41 | "192.168.1.1 dev enp0s3 lladdr" {puts "Centos 7 testing\n";} | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 5\n";exit} | ||
45 | "REACHABLE" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 6\n";exit} | ||
49 | "name=test2" | ||
50 | } | ||
51 | after 100 | ||
52 | |||
53 | puts "\nall done\n" | ||
diff --git a/test/network/firemon-interfaces.exp b/test/network/firemon-interfaces.exp deleted file mode 100755 index 47e540cc5..000000000 --- a/test/network/firemon-interfaces.exp +++ /dev/null | |||
@@ -1,66 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=eth0 --name=test1\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 9\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --net=eth0 --name=test2\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 9\n";exit} | ||
21 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firemon --interface\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 9\n";exit} | ||
29 | "Link status" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 9\n";exit} | ||
33 | "lo UP" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 9\n";exit} | ||
37 | "eth0-" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 9\n";exit} | ||
41 | "IPv4 status" | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 9\n";exit} | ||
45 | "lo UP" | ||
46 | } | ||
47 | expect { | ||
48 | timeout {puts "TESTING ERROR 9\n";exit} | ||
49 | "eth0-" | ||
50 | } | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 9\n";exit} | ||
53 | "IPv6 status" | ||
54 | } | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 9\n";exit} | ||
57 | "lo UP" | ||
58 | } | ||
59 | expect { | ||
60 | timeout {puts "TESTING ERROR 9\n";exit} | ||
61 | "eth0-" | ||
62 | } | ||
63 | |||
64 | after 100 | ||
65 | |||
66 | puts "\n" | ||
diff --git a/test/network/firemon-route.exp b/test/network/firemon-route.exp deleted file mode 100755 index 69cccfeae..000000000 --- a/test/network/firemon-route.exp +++ /dev/null | |||
@@ -1,52 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --name=test1\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --name=test2\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firemon --route\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 2\n";exit} | ||
29 | "name=test1" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 3\n";exit} | ||
33 | "0.0.0.0/0 via 192.168.1.1, dev eth0, metric 0" {puts "Debian testing\n";} | ||
34 | "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 1024" {puts "Centos 7 testing\n";} | ||
35 | "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 0" {puts "OpenSUSE testing\n";} | ||
36 | "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 100" {puts "Arch testing\n";} | ||
37 | } | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 4\n";exit} | ||
40 | "10.10.30.0/24, dev br1, scope link src 10.10.30.1" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 5\n";exit} | ||
44 | "10.10.50.0/24, dev br3, scope link src 10.10.50.1" | ||
45 | } | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 6\n";exit} | ||
48 | "name=test2" | ||
49 | } | ||
50 | after 100 | ||
51 | |||
52 | puts "\nalldone\n" | ||
diff --git a/test/network/interface.exp b/test/network/interface.exp deleted file mode 100755 index 2bcc6e88b..000000000 --- a/test/network/interface.exp +++ /dev/null | |||
@@ -1,63 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | # | ||
6 | # interface | ||
7 | # | ||
8 | |||
9 | set timeout 10 | ||
10 | spawn $env(SHELL) | ||
11 | match_max 100000 | ||
12 | set overlay [lindex $argv 0] | ||
13 | set chroot [lindex $argv 1] | ||
14 | |||
15 | # | ||
16 | # N | ||
17 | # | ||
18 | # todo: seems to be unable to find interface eth0.7 | ||
19 | #send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6 --interface=eth0.7\r" | ||
20 | send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6\r" | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 0\n";exit} | ||
23 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
24 | } | ||
25 | sleep 1 | ||
26 | |||
27 | send -- "/sbin/ifconfig\r" | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 1\n";exit} | ||
30 | "eth0.5" | ||
31 | } | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 2\n";exit} | ||
34 | "Link" {puts "old net-tools\n";} | ||
35 | "flags" {puts "new net-tools\n";} | ||
36 | } | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 3\n";exit} | ||
39 | "10.10.205.10" | ||
40 | } | ||
41 | after 100 | ||
42 | |||
43 | send -- "/sbin/ifconfig\r" | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 5\n";exit} | ||
46 | "eth0.6" | ||
47 | } | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 6\n";exit} | ||
50 | "Link" {puts "old net-tools\n";} | ||
51 | "flags" {puts "new net-tools\n";} | ||
52 | } | ||
53 | expect { | ||
54 | timeout {puts "TESTING ERROR 7\n";exit} | ||
55 | "10.10.206.10" | ||
56 | } | ||
57 | after 100 | ||
58 | |||
59 | send -- "exit\r" | ||
60 | sleep 1 | ||
61 | |||
62 | |||
63 | puts "\nall done\n" | ||
diff --git a/test/network/ip6.exp b/test/network/ip6.exp deleted file mode 100755 index 1f6581ae4..000000000 --- a/test/network/ip6.exp +++ /dev/null | |||
@@ -1,100 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --debug --noprofile --net=br0 --ip6=2001:0db8:0:f101::1/64 --netfilter6=ipv6.net\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "Installing IPv6 firewall" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "DROP" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "unable to initialize table 'filter'" {puts "\nTESTING SKIP 2: no IPv6 support\n"; exit} | ||
22 | "2001:db8:1f0a:3ec::2" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
27 | } | ||
28 | sleep 2 | ||
29 | |||
30 | send -- "/sbin/ifconfig\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 4\n";exit} | ||
33 | "inet6" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 5\n";exit} | ||
37 | "2001:db8:0:f101::1" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 6\n";exit} | ||
41 | "Scope:Global" { puts "Debian\n"} | ||
42 | "scopeid 0x0<global>" { puts "Arch\n"} | ||
43 | } | ||
44 | |||
45 | send -- "exit\r" | ||
46 | sleep 2 | ||
47 | |||
48 | |||
49 | |||
50 | |||
51 | send -- "firejail --debug --profile=ip6.profile\r" | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 10\n";exit} | ||
54 | "Installing IPv6 firewall" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 11\n";exit} | ||
58 | "DROP" | ||
59 | } | ||
60 | expect { | ||
61 | timeout {puts "TESTING ERROR 12\n";exit} | ||
62 | "unable to initialize table 'filter'" {puts "\nTESTING SKIP 2: no IPv6 support\n"; exit} | ||
63 | "2001:db8:1f0a:3ec::2" | ||
64 | } | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 13\n";exit} | ||
67 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
68 | } | ||
69 | sleep 2 | ||
70 | |||
71 | send -- "/sbin/ifconfig\r" | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 14\n";exit} | ||
74 | "inet6" | ||
75 | } | ||
76 | expect { | ||
77 | timeout {puts "TESTING ERROR 15\n";exit} | ||
78 | "2001:db8:0:f101::1" | ||
79 | } | ||
80 | expect { | ||
81 | timeout {puts "TESTING ERROR 16\n";exit} | ||
82 | "Scope:Global" { puts "Debian\n"} | ||
83 | "scopeid 0x0<global>" { puts "Arch\n"} | ||
84 | } | ||
85 | |||
86 | send -- "exit\r" | ||
87 | sleep 2 | ||
88 | |||
89 | send -- "firejail --debug --netfilter6=ipv6.net\r" | ||
90 | expect { | ||
91 | timeout {puts "TESTING ERROR 11\n";exit} | ||
92 | "Installing IPv6 firewall" {puts "TESTING ERROR 12\n";exit} | ||
93 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
94 | } | ||
95 | after 100 | ||
96 | send -- "exit\r" | ||
97 | |||
98 | |||
99 | after 100 | ||
100 | puts "\nall done\n" | ||
diff --git a/test/network/ip6.profile b/test/network/ip6.profile deleted file mode 100644 index 87afa3941..000000000 --- a/test/network/ip6.profile +++ /dev/null | |||
@@ -1,3 +0,0 @@ | |||
1 | net br0 | ||
2 | ip6 2001:0db8:0:f101::1/64 | ||
3 | netfilter6 ipv6.net | ||
diff --git a/test/network/iprange.exp b/test/network/iprange.exp deleted file mode 100755 index a4e5560c1..000000000 --- a/test/network/iprange.exp +++ /dev/null | |||
@@ -1,102 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | "eth0" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 1\n";exit} | ||
17 | "10.10.30.50" {puts "10.10.30.50\n"} | ||
18 | "10.10.30.51" {puts "10.10.30.51\n"} | ||
19 | "10.10.30.52" {puts "10.10.30.52\n"} | ||
20 | "10.10.30.53" {puts "10.10.30.53\n"} | ||
21 | "10.10.30.54" {puts "10.10.30.54\n"} | ||
22 | "10.10.30.55" {puts "10.10.30.55\n"} | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 2\n";exit} | ||
26 | "255.255.255.0" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 3\n";exit} | ||
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
31 | } | ||
32 | after 100 | ||
33 | send -- "exit\r" | ||
34 | sleep 1 | ||
35 | |||
36 | send -- "firejail --profile=iprange.profile\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 5\n";exit} | ||
39 | "eth0" | ||
40 | } | ||
41 | expect { | ||
42 | timeout {puts "TESTING ERROR 6\n";exit} | ||
43 | "10.10.30.50" {puts "10.10.30.50\n"} | ||
44 | "10.10.30.51" {puts "10.10.30.51\n"} | ||
45 | "10.10.30.52" {puts "10.10.30.52\n"} | ||
46 | "10.10.30.53" {puts "10.10.30.53\n"} | ||
47 | "10.10.30.54" {puts "10.10.30.54\n"} | ||
48 | "10.10.30.55" {puts "10.10.30.55\n"} | ||
49 | } | ||
50 | expect { | ||
51 | timeout {puts "TESTING ERROR 7\n";exit} | ||
52 | "255.255.255.0" | ||
53 | } | ||
54 | expect { | ||
55 | timeout {puts "TESTING ERROR 8\n";exit} | ||
56 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
57 | } | ||
58 | after 100 | ||
59 | send -- "exit\r" | ||
60 | sleep 1 | ||
61 | |||
62 | |||
63 | |||
64 | send -- "firejail --iprange=10.10.30.50,10.10.30.55\r" | ||
65 | expect { | ||
66 | timeout {puts "TESTING ERROR 9\n";exit} | ||
67 | "no network device configured" | ||
68 | } | ||
69 | after 100 | ||
70 | |||
71 | send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55 --iprange=10.10.30.50,10.10.30.55\r" | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 10\n";exit} | ||
74 | "cannot configure the IP range twice for the same interface" | ||
75 | } | ||
76 | after 100 | ||
77 | |||
78 | send -- "firejail --net=br1 --iprange=10.10.30.50\r" | ||
79 | expect { | ||
80 | timeout {puts "TESTING ERROR 11\n";exit} | ||
81 | "invalid IP range" | ||
82 | } | ||
83 | after 100 | ||
84 | |||
85 | send -- "firejail --net=br0 --iprange=10.10.30.50,10.10.30.55\r" | ||
86 | expect { | ||
87 | timeout {puts "TESTING ERROR 12\n";exit} | ||
88 | "IP range addresses not in network range" | ||
89 | } | ||
90 | after 100 | ||
91 | |||
92 | send -- "firejail --net=br1 --iprange=10.10.30.55,10.10.30.50\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 12\n";exit} | ||
95 | "invalid IP range" | ||
96 | } | ||
97 | after 100 | ||
98 | |||
99 | |||
100 | after 100 | ||
101 | |||
102 | puts "\nall done\n" | ||
diff --git a/test/network/iprange.profile b/test/network/iprange.profile deleted file mode 100644 index ecc01cd93..000000000 --- a/test/network/iprange.profile +++ /dev/null | |||
@@ -1,2 +0,0 @@ | |||
1 | net br1 | ||
2 | iprange 10.10.30.50,10.10.30.55 | ||
diff --git a/test/network/ipv6.net b/test/network/ipv6.net deleted file mode 100644 index cc8f22943..000000000 --- a/test/network/ipv6.net +++ /dev/null | |||
@@ -1,8 +0,0 @@ | |||
1 | # Generated by ip6tables-save v1.4.14 on Wed Jan 13 10:53:40 2016 | ||
2 | *filter | ||
3 | :INPUT ACCEPT [0:0] | ||
4 | :FORWARD ACCEPT [0:0] | ||
5 | :OUTPUT ACCEPT [0:0] | ||
6 | -A INPUT -s 2001:db8:1f0a:3ec::2/128 -j DROP | ||
7 | COMMIT | ||
8 | # Completed on Wed Jan 13 10:53:40 2016 | ||
diff --git a/test/network/net-profile.profile b/test/network/net-profile.profile deleted file mode 100644 index 89e431939..000000000 --- a/test/network/net-profile.profile +++ /dev/null | |||
@@ -1,9 +0,0 @@ | |||
1 | net br0 | ||
2 | mac 00:11:22:33:44:55 | ||
3 | mtu 1000 | ||
4 | net br1 | ||
5 | ip 10.10.30.50 | ||
6 | net br2 | ||
7 | ip 10.10.40.100 | ||
8 | net br3 | ||
9 | defaultgw 10.10.20.2 | ||
diff --git a/test/network/net_arp.exp b/test/network/net_arp.exp deleted file mode 100755 index f3e1f6e25..000000000 --- a/test/network/net_arp.exp +++ /dev/null | |||
@@ -1,74 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=br0 sleep 20 &\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | send -- "firejail --net=br0 sleep 20 &\r" | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
19 | } | ||
20 | send -- "firejail --net=br0 sleep 20 &\r" | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 2\n";exit} | ||
23 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
24 | } | ||
25 | send -- "firejail --net=br0 sleep 20 &\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 3\n";exit} | ||
28 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
29 | } | ||
30 | send -- "firejail --net=br0 sleep 20 &\r" | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 4\n";exit} | ||
33 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
34 | } | ||
35 | |||
36 | # will fail | ||
37 | send -- "firejail --net=br0 sleep 20 &\r" | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 5n";exit} | ||
40 | "cannot assign an IP address" | ||
41 | } | ||
42 | |||
43 | send -- "firejail --net=br0 sleep 20 &\r" | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 6\n";exit} | ||
46 | "cannot assign an IP address" | ||
47 | } | ||
48 | |||
49 | # check firejail --list | ||
50 | send -- "firejail --list\r" | ||
51 | expect { | ||
52 | timeout {puts "TESTING ERROR 7.1\n";exit} | ||
53 | "sleep 20" | ||
54 | } | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 7.2\n";exit} | ||
57 | "sleep 20" | ||
58 | } | ||
59 | expect { | ||
60 | timeout {puts "TESTING ERROR 7.3\n";exit} | ||
61 | "sleep 20" | ||
62 | } | ||
63 | expect { | ||
64 | timeout {puts "TESTING ERROR 7.4\n";exit} | ||
65 | "sleep 20" | ||
66 | } | ||
67 | expect { | ||
68 | timeout {puts "TESTING ERROR 7.5\n";exit} | ||
69 | "sleep 20" | ||
70 | } | ||
71 | |||
72 | # wait for sandboxes to be shutdown | ||
73 | sleep 30 | ||
74 | puts "\n" | ||
diff --git a/test/network/net_badip.exp b/test/network/net_badip.exp deleted file mode 100755 index 3a45496c7..000000000 --- a/test/network/net_badip.exp +++ /dev/null | |||
@@ -1,18 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check eth0 | ||
11 | send -- "firejail --net=br0 --net=br1 --ip=10.100.10.47\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0.0\n";exit} | ||
14 | "the IP address is not" | ||
15 | } | ||
16 | after 100 | ||
17 | |||
18 | puts "\n" | ||
diff --git a/test/network/net_defaultgw.exp b/test/network/net_defaultgw.exp deleted file mode 100755 index ee1ac9882..000000000 --- a/test/network/net_defaultgw.exp +++ /dev/null | |||
@@ -1,50 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --net=br0 --ip=10.10.20.5 --defaultgw=10.10.20.2 --protocol=unix,inet,netlink\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | "10.10.20.5" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 2\n";exit} | ||
22 | "255.255.255.248" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "UP" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 4\n";exit} | ||
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
31 | } | ||
32 | sleep 1 | ||
33 | |||
34 | # check default gateway | ||
35 | send -- "ip route show\r" | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 10.1\n";exit} | ||
38 | "default via 10.10.20.2 dev eth0" | ||
39 | } | ||
40 | |||
41 | send -- "ip route show\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
44 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";} | ||
45 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";} | ||
46 | } | ||
47 | send -- "exit\r" | ||
48 | after 100 | ||
49 | |||
50 | puts "\nall done\n" | ||
diff --git a/test/network/net_defaultgw2.exp b/test/network/net_defaultgw2.exp deleted file mode 100755 index 30c945718..000000000 --- a/test/network/net_defaultgw2.exp +++ /dev/null | |||
@@ -1,45 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --net=br0 --net=br1 --defaultgw=10.10.30.89 --protocol=unix,inet,netlink\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth1" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 4\n";exit} | ||
18 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
19 | } | ||
20 | sleep 1 | ||
21 | |||
22 | # check default gateway | ||
23 | send -- "ip route show\r" | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 10.1\n";exit} | ||
26 | "default via 10.10.30.89 dev eth1" | ||
27 | } | ||
28 | |||
29 | send -- "ip route show\r" | ||
30 | expect { | ||
31 | timeout {puts "TESTING ERROR 10.2\n";exit} | ||
32 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";} | ||
33 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";} | ||
34 | } | ||
35 | |||
36 | send -- "ip route show\r" | ||
37 | expect { | ||
38 | timeout {puts "TESTING ERROR 10.3\n";exit} | ||
39 | "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "old iproute2\n";} | ||
40 | "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "new iproute2\n";} | ||
41 | } | ||
42 | send -- "exit\r" | ||
43 | after 100 | ||
44 | |||
45 | puts "\nall done\n" | ||
diff --git a/test/network/net_defaultgw3.exp b/test/network/net_defaultgw3.exp deleted file mode 100755 index aa9bac156..000000000 --- a/test/network/net_defaultgw3.exp +++ /dev/null | |||
@@ -1,20 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --net=br0 --net=br1 --defaultgw=10.10.95.89\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "default gateway 10.10.95.89 is not in the range of any network" | ||
15 | } | ||
16 | |||
17 | after 100 | ||
18 | |||
19 | |||
20 | puts "\n" | ||
diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index 304b71814..251b55362 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp | |||
@@ -94,8 +94,40 @@ expect { | |||
94 | } | 94 | } |
95 | after 500 | 95 | after 500 |
96 | 96 | ||
97 | send -- "firejail --noprofile --net=br0 --ip=none ip addr show\r" | ||
98 | expect { | ||
99 | timeout {puts "TESTING ERROR 17\n";exit} | ||
100 | "eth0" {puts "TESTING ERROR 18\n";exit} | ||
101 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
102 | } | ||
103 | expect { | ||
104 | timeout {puts "TESTING ERROR 19\n";exit} | ||
105 | "eth0" | ||
106 | } | ||
107 | expect { | ||
108 | timeout {puts "TESTING ERROR 20\n";exit} | ||
109 | "inet " {puts "TESTING ERROR 21\n";exit} | ||
110 | "inet6" | ||
111 | } | ||
112 | after 500 | ||
97 | 113 | ||
114 | send -- "firejail --net=br0 --mtu=1000 --noprofile ip link show\r" | ||
115 | expect { | ||
116 | timeout {puts "TESTING ERROR 22\n";exit} | ||
117 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
118 | } | ||
119 | expect { | ||
120 | timeout {puts "TESTING ERROR 23\n";exit} | ||
121 | "eth0" | ||
122 | } | ||
123 | expect { | ||
124 | timeout {puts "TESTING ERROR 24\n";exit} | ||
125 | "mtu 1000" | ||
126 | } | ||
127 | expect { | ||
128 | timeout {puts "TESTING ERROR 25\n";exit} | ||
129 | "state UP" | ||
130 | } | ||
98 | 131 | ||
99 | 132 | after 500 | |
100 | after 100 | ||
101 | puts "\nall done\n" | 133 | puts "\nall done\n" |
diff --git a/test/network/net_local.exp b/test/network/net_local.exp deleted file mode 100755 index 117b94212..000000000 --- a/test/network/net_local.exp +++ /dev/null | |||
@@ -1,49 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --noprofile --debug\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "Using the local network stack" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 4\n";exit} | ||
18 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
19 | } | ||
20 | sleep 1 | ||
21 | send -- "exit\r" | ||
22 | sleep 1 | ||
23 | |||
24 | # check loopback | ||
25 | send -- "firejail --noprofile\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 9\n";exit} | ||
28 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
29 | } | ||
30 | sleep 1 | ||
31 | |||
32 | |||
33 | send -- "/sbin/ifconfig\r" | ||
34 | expect { | ||
35 | timeout {puts "TESTING ERROR 5\n";exit} | ||
36 | "lo" | ||
37 | } | ||
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 6\n";exit} | ||
40 | "127.0.0.1" | ||
41 | } | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 7\n";exit} | ||
44 | "255.0.0.0" | ||
45 | } | ||
46 | send -- "exit\r" | ||
47 | after 100 | ||
48 | |||
49 | puts "all done\n" | ||
diff --git a/test/network/net_macvlan2.exp b/test/network/net_macvlan2.exp deleted file mode 100755 index 0fcea53dd..000000000 --- a/test/network/net_macvlan2.exp +++ /dev/null | |||
@@ -1,42 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=eth0 --net=eth0 --net=eth0 --net=eth0\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
13 | "eth0-" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
17 | "eth1-" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
21 | "eth2-" | ||
22 | } | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 0.4\n";exit} | ||
25 | "eth3-" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 0.5\n";exit} | ||
29 | "Default gateway 192.168.1.1" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 0.6\n";exit} | ||
33 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
34 | } | ||
35 | after 100 | ||
36 | send -- "exit\r" | ||
37 | sleep 1 | ||
38 | |||
39 | |||
40 | after 100 | ||
41 | |||
42 | puts "\nall done\n" | ||
diff --git a/test/network/net_mtu.exp b/test/network/net_mtu.exp deleted file mode 100755 index b87db1296..000000000 --- a/test/network/net_mtu.exp +++ /dev/null | |||
@@ -1,34 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --net=br0 --mtu=1000 --noprofile\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 1\n";exit} | ||
14 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
15 | } | ||
16 | sleep 1 | ||
17 | |||
18 | send -- "ip link show\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 2\n";exit} | ||
21 | "eth0" | ||
22 | } | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 3\n";exit} | ||
25 | "mtu 1000" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 4\n";exit} | ||
29 | "state UP" | ||
30 | } | ||
31 | send -- "exit\r" | ||
32 | after 100 | ||
33 | |||
34 | puts "\nall done\n" | ||
diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index 97170a1b9..56480251e 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp | |||
@@ -8,83 +8,20 @@ spawn $env(SHELL) | |||
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | # check default netfilter on br0 | 10 | # check default netfilter on br0 |
11 | send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter\r" | 11 | send -- "firejail --name=test --net=br0 --netfilter\r" |
12 | expect { | 12 | expect { |
13 | timeout {puts "TESTING ERROR 0\n";exit} | 13 | timeout {puts "TESTING ERROR 0\n";exit} |
14 | "Installing firewall" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | "Chain INPUT (policy DROP" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 2\n";exit} | ||
22 | "ACCEPT all -- any any anywhere" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "ACCEPT icmp -- any any anywhere" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 4\n";exit} | ||
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 14 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
31 | } | 15 | } |
32 | sleep 1 | 16 | sleep 2 |
33 | send -- "exit\r" | 17 | spawn $env(SHELL) |
34 | sleep 1 | ||
35 | 18 | ||
36 | # check default netfilter no new network | 19 | # check default netfilter no new network |
37 | send -- "firejail --debug --noprofile --netfilter\r" | 20 | send -- "firejail --netfilter.print=test\r" |
38 | expect { | ||
39 | timeout {puts "TESTING ERROR 5\n";exit} | ||
40 | "Installing network filter" {puts "TESTING ERROR 5.1\n";exit} | ||
41 | "Chain INPUT (policy DROP" {puts "TESTING ERROR 5.1\n";exit} | ||
42 | "ACCEPT all -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit} | ||
43 | "ACCEPT icmp -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit} | ||
44 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
45 | } | ||
46 | sleep 1 | ||
47 | send -- "exit\r" | ||
48 | sleep 1 | ||
49 | |||
50 | # check file filter netfilter on br0 | ||
51 | send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter=netfilter.filter\r" | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 6\n";exit} | ||
54 | "Installing firewall" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 6.1\n";exit} | ||
58 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
59 | } | ||
60 | sleep 1 | ||
61 | send -- "ping -c 1 -w 3 10.10.20.1\r" | ||
62 | expect { | ||
63 | timeout {puts "TESTING ERROR 6.2\n";exit} | ||
64 | "0 received, 100% packet loss" | ||
65 | } | ||
66 | |||
67 | send -- "exit\r" | ||
68 | sleep 1 | ||
69 | |||
70 | # check profile netfilter on br0 | ||
71 | send -- "firejail --debug --net=br0 --ip=10.10.20.5 --profile=netfilter.profile\r" | ||
72 | expect { | 21 | expect { |
73 | timeout {puts "TESTING ERROR 7\n";exit} | 22 | timeout {puts "TESTING ERROR 1\n";exit} |
74 | "Installing firewall" | 23 | "ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED" |
75 | } | ||
76 | expect { | ||
77 | timeout {puts "TESTING ERROR 7.1\n";exit} | ||
78 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
79 | } | ||
80 | sleep 2 | ||
81 | send -- "ping -c 1 -w 3 10.10.20.1\r" | ||
82 | expect { | ||
83 | timeout {puts "TESTING ERROR 7.2\n";exit} | ||
84 | "0 received, 100% packet loss" | ||
85 | } | 24 | } |
86 | 25 | ||
87 | send -- "exit\r" | 26 | after 500 |
88 | after 100 | ||
89 | |||
90 | puts "all done\n" | 27 | puts "all done\n" |
diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp deleted file mode 100755 index 7da2e85ef..000000000 --- a/test/network/net_noip.exp +++ /dev/null | |||
@@ -1,48 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --noprofile --net=br0 --ip=none\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" {puts "TESTING ERROR 1\n";exit} | ||
15 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
16 | } | ||
17 | sleep 1 | ||
18 | send -- "bash\r" | ||
19 | sleep 1 | ||
20 | |||
21 | send -- "stty -echo\r" | ||
22 | after 100 | ||
23 | |||
24 | # no default gateway configured | ||
25 | send -- "netstat -rn;echo done\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | "0.0.0.0" {puts "TESTING ERROR 3\n";exit} | ||
29 | "eth0" {puts "TESTING ERROR 4\n";exit} | ||
30 | "done" | ||
31 | } | ||
32 | sleep 1 | ||
33 | |||
34 | # eth0 configured | ||
35 | send -- "/sbin/ifconfig;echo done\r" | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 5\n";exit} | ||
38 | "eth0" | ||
39 | } | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 6\n";exit} | ||
42 | "10.10.20" {puts "TESTING ERROR 7\n";exit} | ||
43 | "done" | ||
44 | } | ||
45 | send -- "exit\r" | ||
46 | after 100 | ||
47 | |||
48 | puts "all done\n" | ||
diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp deleted file mode 100755 index a0828a0e7..000000000 --- a/test/network/net_noip2.exp +++ /dev/null | |||
@@ -1,47 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --noprofile --net=br1 --ip=none --defaultgw=10.10.30.78\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" {puts "TESTING ERROR 1\n";exit} | ||
15 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
16 | } | ||
17 | sleep 1 | ||
18 | send -- "bash\r" | ||
19 | sleep 1 | ||
20 | send -- "stty -echo\r" | ||
21 | after 100 | ||
22 | |||
23 | # no default gateway configured | ||
24 | send -- "netstat -rn;echo done\r" | ||
25 | expect { | ||
26 | timeout {puts "TESTING ERROR 2\n";exit} | ||
27 | "0.0.0.0" {puts "TESTING ERROR 3\n";exit} | ||
28 | "eth0" {puts "TESTING ERROR 4\n";exit} | ||
29 | "done" | ||
30 | } | ||
31 | sleep 1 | ||
32 | |||
33 | # eth0 configured | ||
34 | send -- "/sbin/ifconfig;echo done\r" | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 5\n";exit} | ||
37 | "eth0" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 6\n";exit} | ||
41 | "10.10.30" {puts "TESTING ERROR 7\n";exit} | ||
42 | "done" | ||
43 | } | ||
44 | send -- "exit\r" | ||
45 | after 100 | ||
46 | |||
47 | puts "all done\n" | ||
diff --git a/test/network/net_none.exp b/test/network/net_none.exp index 6932c7e8a..24d11d383 100755 --- a/test/network/net_none.exp +++ b/test/network/net_none.exp | |||
@@ -38,6 +38,6 @@ expect { | |||
38 | "3" | 38 | "3" |
39 | } | 39 | } |
40 | send -- "exit\r" | 40 | send -- "exit\r" |
41 | after 100 | 41 | after 500 |
42 | 42 | ||
43 | puts "\nall done\n" | 43 | puts "\nall done\n" |
diff --git a/test/network/net_profile.exp b/test/network/net_profile.exp deleted file mode 100755 index d9ce166fd..000000000 --- a/test/network/net_profile.exp +++ /dev/null | |||
@@ -1,78 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check eth0 | ||
11 | send -- "firejail --profile=net-profile.profile\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0.0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
18 | "00:11:22:33:44:55" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 0.1\n";exit} | ||
22 | "10.10.20" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 0.2\n";exit} | ||
26 | "255.255.255.248" | ||
27 | } | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 0.3\n";exit} | ||
30 | "UP" | ||
31 | } | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 0.4\n";exit} | ||
34 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
35 | } | ||
36 | sleep 1 | ||
37 | |||
38 | send -- "ip route show\r" | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 1\n";exit} | ||
41 | "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "old iproute2\n";} | ||
42 | "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "new iproute2\n";} | ||
43 | } | ||
44 | |||
45 | send -- "ip route show\r" | ||
46 | expect { | ||
47 | timeout {puts "TESTING ERROR 2\n";exit} | ||
48 | "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "old iproute2\n";} | ||
49 | "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "new iproute2\n";} | ||
50 | } | ||
51 | |||
52 | |||
53 | # check default gw | ||
54 | send -- "ip route show\r" | ||
55 | expect { | ||
56 | timeout {puts "TESTING ERROR 3\n";exit} | ||
57 | "default via 10.10.20.2 dev eth0" | ||
58 | } | ||
59 | |||
60 | # check mtu | ||
61 | send -- "ip link show\r" | ||
62 | expect { | ||
63 | timeout {puts "TESTING ERROR 4\n";exit} | ||
64 | "eth0" | ||
65 | } | ||
66 | expect { | ||
67 | timeout {puts "TESTING ERROR 5\n";exit} | ||
68 | "mtu 1000" | ||
69 | } | ||
70 | expect { | ||
71 | timeout {puts "TESTING ERROR 6\n";exit} | ||
72 | "state UP" | ||
73 | } | ||
74 | |||
75 | send -- "exit\r" | ||
76 | after 100 | ||
77 | |||
78 | puts "\nall done\n" | ||
diff --git a/test/network/net_scan.exp b/test/network/net_scan.exp index 8d3e95f29..0369ab9aa 100755 --- a/test/network/net_scan.exp +++ b/test/network/net_scan.exp | |||
@@ -8,14 +8,14 @@ spawn $env(SHELL) | |||
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | # | 10 | # |
11 | send -- "firejail --net=br1 --ip=10.10.30.50\r" | 11 | send -- "firejail --net=br0 --ip=10.10.20.50\r" |
12 | expect { | 12 | expect { |
13 | timeout {puts "TESTING ERROR 0\n";exit} | 13 | timeout {puts "TESTING ERROR 0\n";exit} |
14 | "eth0" | 14 | "eth0" |
15 | } | 15 | } |
16 | expect { | 16 | expect { |
17 | timeout {puts "TESTING ERROR 1\n";exit} | 17 | timeout {puts "TESTING ERROR 1\n";exit} |
18 | "10.10.30.50" | 18 | "10.10.20.50" |
19 | } | 19 | } |
20 | expect { | 20 | expect { |
21 | timeout {puts "TESTING ERROR 2\n";exit} | 21 | timeout {puts "TESTING ERROR 2\n";exit} |
@@ -28,14 +28,14 @@ expect { | |||
28 | sleep 1 | 28 | sleep 1 |
29 | 29 | ||
30 | spawn $env(SHELL) | 30 | spawn $env(SHELL) |
31 | send -- "firejail --net=br1 --ip=10.10.30.51\r" | 31 | send -- "firejail --net=br0 --ip=10.10.20.60\r" |
32 | expect { | 32 | expect { |
33 | timeout {puts "TESTING ERROR 4\n";exit} | 33 | timeout {puts "TESTING ERROR 4\n";exit} |
34 | "eth0" | 34 | "eth0" |
35 | } | 35 | } |
36 | expect { | 36 | expect { |
37 | timeout {puts "TESTING ERROR 5\n";exit} | 37 | timeout {puts "TESTING ERROR 5\n";exit} |
38 | "10.10.30.51" | 38 | "10.10.20.60" |
39 | } | 39 | } |
40 | expect { | 40 | expect { |
41 | timeout {puts "TESTING ERROR 6\n";exit} | 41 | timeout {puts "TESTING ERROR 6\n";exit} |
@@ -48,18 +48,18 @@ expect { | |||
48 | sleep 1 | 48 | sleep 1 |
49 | 49 | ||
50 | spawn $env(SHELL) | 50 | spawn $env(SHELL) |
51 | send -- "firejail --net=br1 --scan\r" | 51 | send -- "firejail --net=br0 --scan\r" |
52 | expect { | 52 | expect { |
53 | timeout {puts "TESTING ERROR 8\n";exit} | 53 | timeout {puts "TESTING ERROR 8\n";exit} |
54 | "eth0" | 54 | "eth0" |
55 | } | 55 | } |
56 | expect { | 56 | expect { |
57 | timeout {puts "TESTING ERROR 9\n";exit} | 57 | timeout {puts "TESTING ERROR 9\n";exit} |
58 | "10.10.30.50" | 58 | "10.10.20.50" |
59 | } | 59 | } |
60 | expect { | 60 | expect { |
61 | timeout {puts "TESTING ERROR 10\n";exit} | 61 | timeout {puts "TESTING ERROR 10\n";exit} |
62 | "10.10.30.51" | 62 | "10.10.20.60" |
63 | } | 63 | } |
64 | expect { | 64 | expect { |
65 | timeout {puts "TESTING ERROR 11\n";exit} | 65 | timeout {puts "TESTING ERROR 11\n";exit} |
@@ -67,8 +67,4 @@ expect { | |||
67 | } | 67 | } |
68 | sleep 1 | 68 | sleep 1 |
69 | 69 | ||
70 | |||
71 | |||
72 | after 100 | ||
73 | |||
74 | puts "\nall done\n" | 70 | puts "\nall done\n" |
diff --git a/test/network/net_unconfigured.exp b/test/network/net_unconfigured.exp deleted file mode 100755 index 7a9f05236..000000000 --- a/test/network/net_unconfigured.exp +++ /dev/null | |||
@@ -1,244 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # check ip address | ||
11 | send -- "firejail --noprofile --net=br-unconfigured --ip=none\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" {puts "TESTING ERROR 1\n";exit} | ||
15 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
16 | } | ||
17 | sleep 1 | ||
18 | send -- "bash\r" | ||
19 | sleep 1 | ||
20 | |||
21 | send -- "stty -echo\r" | ||
22 | after 100 | ||
23 | |||
24 | # no default gateway configured | ||
25 | send -- "netstat -rn;echo done\r" | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 2\n";exit} | ||
28 | "0.0.0.0" {puts "TESTING ERROR 3\n";exit} | ||
29 | "eth0" {puts "TESTING ERROR 4\n";exit} | ||
30 | "done" | ||
31 | } | ||
32 | sleep 1 | ||
33 | |||
34 | # eth0 configured | ||
35 | send -- "/sbin/ifconfig;echo done\r" | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 5\n";exit} | ||
38 | "eth0" | ||
39 | } | ||
40 | expect { | ||
41 | timeout {puts "TESTING ERROR 6\n";exit} | ||
42 | "done" | ||
43 | } | ||
44 | send -- "exit\r" | ||
45 | after 100 | ||
46 | send -- "exit\r" | ||
47 | after 100 | ||
48 | |||
49 | |||
50 | |||
51 | # check ip address | ||
52 | send -- "firejail --noprofile --net=br-unconfigured\r" | ||
53 | expect { | ||
54 | timeout {puts "TESTING ERROR 7\n";exit} | ||
55 | "eth0" {puts "TESTING ERROR 8\n";exit} | ||
56 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
57 | } | ||
58 | sleep 1 | ||
59 | send -- "bash\r" | ||
60 | sleep 1 | ||
61 | |||
62 | send -- "stty -echo\r" | ||
63 | after 100 | ||
64 | |||
65 | # no default gateway configured | ||
66 | send -- "netstat -rn;echo done\r" | ||
67 | expect { | ||
68 | timeout {puts "TESTING ERROR 9\n";exit} | ||
69 | "0.0.0.0" {puts "TESTING ERROR 10\n";exit} | ||
70 | "eth0" {puts "TESTING ERROR 11\n";exit} | ||
71 | "done" | ||
72 | } | ||
73 | sleep 1 | ||
74 | |||
75 | # eth0 configured | ||
76 | send -- "/sbin/ifconfig;echo done\r" | ||
77 | expect { | ||
78 | timeout {puts "TESTING ERROR 12\n";exit} | ||
79 | "eth0" | ||
80 | } | ||
81 | expect { | ||
82 | timeout {puts "TESTING ERROR 13\n";exit} | ||
83 | "done" | ||
84 | } | ||
85 | send -- "exit\r" | ||
86 | after 100 | ||
87 | send -- "exit\r" | ||
88 | after 100 | ||
89 | |||
90 | |||
91 | # check ip address | ||
92 | send -- "firejail --noprofile --net=br-unconfigured --defaultgw=10.10.80.1\r" | ||
93 | expect { | ||
94 | timeout {puts "TESTING ERROR 14\n";exit} | ||
95 | "eth0" {puts "TESTING ERROR 15\n";exit} | ||
96 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
97 | } | ||
98 | sleep 1 | ||
99 | send -- "bash\r" | ||
100 | sleep 1 | ||
101 | |||
102 | send -- "stty -echo\r" | ||
103 | after 100 | ||
104 | |||
105 | # no default gateway configured | ||
106 | send -- "netstat -rn;echo done\r" | ||
107 | expect { | ||
108 | timeout {puts "TESTING ERROR 16\n";exit} | ||
109 | "0.0.0.0" {puts "TESTING ERROR 17\n";exit} | ||
110 | "eth0" {puts "TESTING ERROR 18\n";exit} | ||
111 | "done" | ||
112 | } | ||
113 | sleep 1 | ||
114 | |||
115 | # eth0 configured | ||
116 | send -- "/sbin/ifconfig;echo done\r" | ||
117 | expect { | ||
118 | timeout {puts "TESTING ERROR 19\n";exit} | ||
119 | "eth0" | ||
120 | } | ||
121 | expect { | ||
122 | timeout {puts "TESTING ERROR 20\n";exit} | ||
123 | "done" | ||
124 | } | ||
125 | send -- "exit\r" | ||
126 | after 100 | ||
127 | send -- "exit\r" | ||
128 | after 100 | ||
129 | |||
130 | |||
131 | # check ip address | ||
132 | send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --defaultgw=10.10.80.1\r" | ||
133 | expect { | ||
134 | timeout {puts "TESTING ERROR 21\n";exit} | ||
135 | "eth0" {puts "TESTING ERROR 22\n";exit} | ||
136 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
137 | } | ||
138 | sleep 1 | ||
139 | send -- "bash\r" | ||
140 | sleep 1 | ||
141 | |||
142 | send -- "stty -echo\r" | ||
143 | after 100 | ||
144 | |||
145 | # no default gateway configured | ||
146 | send -- "netstat -rn;echo done\r" | ||
147 | expect { | ||
148 | timeout {puts "TESTING ERROR 23\n";exit} | ||
149 | "0.0.0.0" {puts "TESTING ERROR 24\n";exit} | ||
150 | "eth0" {puts "TESTING ERROR 25\n";exit} | ||
151 | "done" | ||
152 | } | ||
153 | sleep 1 | ||
154 | |||
155 | # eth0 configured | ||
156 | send -- "/sbin/ifconfig;echo done\r" | ||
157 | expect { | ||
158 | timeout {puts "TESTING ERROR 26\n";exit} | ||
159 | "eth0" | ||
160 | } | ||
161 | expect { | ||
162 | timeout {puts "TESTING ERROR 27\n";exit} | ||
163 | "done" | ||
164 | } | ||
165 | send -- "exit\r" | ||
166 | after 100 | ||
167 | send -- "exit\r" | ||
168 | after 100 | ||
169 | |||
170 | |||
171 | # check ip address | ||
172 | send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --netmask=255.255.255.0 --defaultgw=10.10.80.1\r" | ||
173 | expect { | ||
174 | timeout {puts "TESTING ERROR 28\n";exit} | ||
175 | "eth0" | ||
176 | } | ||
177 | expect { | ||
178 | timeout {puts "TESTING ERROR 29\n";exit} | ||
179 | "10.10.80.1" | ||
180 | } | ||
181 | expect { | ||
182 | timeout {puts "TESTING ERROR 30\n";exit} | ||
183 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
184 | } | ||
185 | sleep 1 | ||
186 | send -- "bash\r" | ||
187 | sleep 1 | ||
188 | |||
189 | send -- "stty -echo\r" | ||
190 | after 100 | ||
191 | |||
192 | # no default gateway configured | ||
193 | send -- "netstat -rn;echo done\r" | ||
194 | expect { | ||
195 | timeout {puts "TESTING ERROR 31\n";exit} | ||
196 | "0.0.0.0" | ||
197 | } | ||
198 | expect { | ||
199 | timeout {puts "TESTING ERROR 32\n";exit} | ||
200 | "10.10.80.1" | ||
201 | } | ||
202 | expect { | ||
203 | timeout {puts "TESTING ERROR 33\n";exit} | ||
204 | "eth0" | ||
205 | } | ||
206 | expect { | ||
207 | timeout {puts "TESTING ERROR 34\n";exit} | ||
208 | "10.10.80.0" | ||
209 | } | ||
210 | expect { | ||
211 | timeout {puts "TESTING ERROR 35\n";exit} | ||
212 | "0.0.0.0" | ||
213 | } | ||
214 | expect { | ||
215 | timeout {puts "TESTING ERROR 36\n";exit} | ||
216 | "eth0" | ||
217 | } | ||
218 | expect { | ||
219 | timeout {puts "TESTING ERROR 37\n";exit} | ||
220 | "done" | ||
221 | } | ||
222 | sleep 1 | ||
223 | |||
224 | # eth0 configured | ||
225 | send -- "/sbin/ifconfig;echo done\r" | ||
226 | expect { | ||
227 | timeout {puts "TESTING ERROR 38\n";exit} | ||
228 | "eth0" | ||
229 | } | ||
230 | expect { | ||
231 | timeout {puts "TESTING ERROR 39\n";exit} | ||
232 | "10.10.80.1" | ||
233 | } | ||
234 | expect { | ||
235 | timeout {puts "TESTING ERROR 40\n";exit} | ||
236 | "done" | ||
237 | } | ||
238 | send -- "exit\r" | ||
239 | after 100 | ||
240 | send -- "exit\r" | ||
241 | after 100 | ||
242 | |||
243 | |||
244 | puts "all done\n" | ||
diff --git a/test/network/net_veth.exp b/test/network/net_veth.exp deleted file mode 100755 index c8c0c47e1..000000000 --- a/test/network/net_veth.exp +++ /dev/null | |||
@@ -1,141 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=eth0\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 1\n";exit} | ||
13 | "lo" | ||
14 | } | ||
15 | expect { | ||
16 | timeout {puts "TESTING ERROR 2\n";exit} | ||
17 | "127.0.0.1" | ||
18 | } | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 3\n";exit} | ||
21 | "255.0.0.0" | ||
22 | } | ||
23 | expect { | ||
24 | timeout {puts "TESTING ERROR 4\n";exit} | ||
25 | "UP" | ||
26 | } | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 5\n";exit} | ||
29 | "eth0-" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 6\n";exit} | ||
33 | "255.255.255.0" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 7\n";exit} | ||
37 | "UP" | ||
38 | } | ||
39 | expect { | ||
40 | timeout {puts "TESTING ERROR 8\n";exit} | ||
41 | "Default gateway" | ||
42 | } | ||
43 | expect { | ||
44 | timeout {puts "TESTING ERROR 9\n";exit} | ||
45 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
46 | } | ||
47 | sleep 1 | ||
48 | send -- "exit\r" | ||
49 | sleep 1 | ||
50 | |||
51 | send -- "firejail --net=eth0 --net=eth0 --net=eth0 --net=eth0\r" | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 11\n";exit} | ||
54 | "lo" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 12\n";exit} | ||
58 | "127.0.0.1" | ||
59 | } | ||
60 | expect { | ||
61 | timeout {puts "TESTING ERROR 13\n";exit} | ||
62 | "255.0.0.0" | ||
63 | } | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 14\n";exit} | ||
66 | "UP" | ||
67 | } | ||
68 | expect { | ||
69 | timeout {puts "TESTING ERROR 15\n";exit} | ||
70 | "eth0-" | ||
71 | } | ||
72 | expect { | ||
73 | timeout {puts "TESTING ERROR 16\n";exit} | ||
74 | "255.255.255.0" | ||
75 | } | ||
76 | expect { | ||
77 | timeout {puts "TESTING ERROR 17\n";exit} | ||
78 | "UP" | ||
79 | } | ||
80 | expect { | ||
81 | timeout {puts "TESTING ERROR 18\n";exit} | ||
82 | "eth1-" | ||
83 | } | ||
84 | expect { | ||
85 | timeout {puts "TESTING ERROR 19\n";exit} | ||
86 | "255.255.255.0" | ||
87 | } | ||
88 | expect { | ||
89 | timeout {puts "TESTING ERROR 20\n";exit} | ||
90 | "UP" | ||
91 | } | ||
92 | expect { | ||
93 | timeout {puts "TESTING ERROR 5\n";exit} | ||
94 | "eth2-" | ||
95 | } | ||
96 | expect { | ||
97 | timeout {puts "TESTING ERROR 21\n";exit} | ||
98 | "255.255.255.0" | ||
99 | } | ||
100 | expect { | ||
101 | timeout {puts "TESTING ERROR 22\n";exit} | ||
102 | "UP" | ||
103 | } | ||
104 | expect { | ||
105 | timeout {puts "TESTING ERROR 23\n";exit} | ||
106 | "eth3-" | ||
107 | } | ||
108 | expect { | ||
109 | timeout {puts "TESTING ERROR 24\n";exit} | ||
110 | "255.255.255.0" | ||
111 | } | ||
112 | expect { | ||
113 | timeout {puts "TESTING ERROR 25\n";exit} | ||
114 | "UP" | ||
115 | } | ||
116 | expect { | ||
117 | timeout {puts "TESTING ERROR 26\n";exit} | ||
118 | "Default gateway" | ||
119 | } | ||
120 | expect { | ||
121 | timeout {puts "TESTING ERROR 27\n";exit} | ||
122 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
123 | } | ||
124 | sleep 1 | ||
125 | send -- "exit\r" | ||
126 | sleep 1 | ||
127 | |||
128 | send -- "firejail --net=eth0 --ip=10.10.20.1\r" | ||
129 | expect { | ||
130 | timeout {puts "TESTING ERROR 27\n";exit} | ||
131 | "the IP address is not in the interface range" | ||
132 | } | ||
133 | |||
134 | |||
135 | |||
136 | |||
137 | |||
138 | |||
139 | after 100 | ||
140 | |||
141 | puts "\n" | ||
diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp deleted file mode 100755 index 0a3386965..000000000 --- a/test/network/netfilter-template.exp +++ /dev/null | |||
@@ -1,67 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | |||
11 | send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/blablabla\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "invalid network filter file" | ||
15 | } | ||
16 | sleep 1 | ||
17 | |||
18 | send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5555 ./tcpserver 5555\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 1\n";exit} | ||
21 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firejail --netfilter.print=test1\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 1.1\n";exit} | ||
29 | "Chain INPUT" | ||
30 | } | ||
31 | expect { | ||
32 | timeout {puts "TESTING ERROR 1.2\n";exit} | ||
33 | "Chain FORWARD" | ||
34 | } | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 1.3\n";exit} | ||
37 | "Chain OUTPUT" | ||
38 | } | ||
39 | sleep 1 | ||
40 | |||
41 | send -- "telnet 10.10.30.10 5555\r" | ||
42 | expect { | ||
43 | timeout {puts "TESTING ERROR 2\n";exit} | ||
44 | "Connected to 10.10.30.10" | ||
45 | } | ||
46 | sleep 1 | ||
47 | |||
48 | send "sdfklsjadfl;ksadjfl;sdkfj\r" | ||
49 | expect { | ||
50 | timeout {puts "TESTING ERROR 3\n";exit} | ||
51 | "response" | ||
52 | } | ||
53 | expect { | ||
54 | timeout {puts "TESTING ERROR 4\n";exit} | ||
55 | "Connection closed" | ||
56 | } | ||
57 | sleep 1 | ||
58 | |||
59 | send -- "telnet 10.10.30.10 5556\r" | ||
60 | expect { | ||
61 | timeout {puts "OK\n"} | ||
62 | "Connected to 10.10.30.10" {puts "TESTING ERROR 6\n";exit} | ||
63 | "dikasdfjasdjf" | ||
64 | } | ||
65 | |||
66 | after 100 | ||
67 | puts "all done\n" | ||
diff --git a/test/network/netfilter.filter b/test/network/netfilter.filter deleted file mode 100644 index 3e232065c..000000000 --- a/test/network/netfilter.filter +++ /dev/null | |||
@@ -1,6 +0,0 @@ | |||
1 | *filter | ||
2 | :INPUT DROP [0:0] | ||
3 | :FORWARD DROP [0:0] | ||
4 | :OUTPUT ACCEPT [0:0] | ||
5 | -A INPUT -i lo -j ACCEPT | ||
6 | COMMIT | ||
diff --git a/test/network/netfilter.profile b/test/network/netfilter.profile deleted file mode 100644 index 824c6cd0f..000000000 --- a/test/network/netfilter.profile +++ /dev/null | |||
@@ -1 +0,0 @@ | |||
1 | netfilter netfilter.filter | ||
diff --git a/test/network/netns.exp b/test/network/netns.exp deleted file mode 100755 index 048dbfa93..000000000 --- a/test/network/netns.exp +++ /dev/null | |||
@@ -1,34 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --netns=red --noprofile\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 1\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | after 100 | ||
16 | |||
17 | send -- "ip link show\r" | ||
18 | expect { | ||
19 | timeout {puts "TESTING ERROR 2\n";exit} | ||
20 | "LOOPBACK" | ||
21 | } | ||
22 | expect { | ||
23 | timeout {puts "TESTING ERROR 3\n";exit} | ||
24 | "DOWN" | ||
25 | } | ||
26 | expect { | ||
27 | timeout {puts "TESTING ERROR 4\n";exit} | ||
28 | "link/loopback" | ||
29 | } | ||
30 | after 100 | ||
31 | send -- "exit\r" | ||
32 | after 100 | ||
33 | |||
34 | puts "all done\n" | ||
diff --git a/test/network/netstats.exp b/test/network/netstats.exp deleted file mode 100755 index a41acac68..000000000 --- a/test/network/netstats.exp +++ /dev/null | |||
@@ -1,38 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --net=eth0 --name=test1\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 9\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | |||
17 | spawn $env(SHELL) | ||
18 | send -- "firejail --net=eth0 --name=test2\r" | ||
19 | expect { | ||
20 | timeout {puts "TESTING ERROR 9\n";exit} | ||
21 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
22 | } | ||
23 | sleep 1 | ||
24 | |||
25 | spawn $env(SHELL) | ||
26 | send -- "firejail --netstats\r" | ||
27 | sleep 4 | ||
28 | expect { | ||
29 | timeout {puts "TESTING ERROR 9\n";exit} | ||
30 | "name=test1" | ||
31 | } | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 9\n";exit} | ||
34 | "name=test2" | ||
35 | } | ||
36 | after 100 | ||
37 | |||
38 | puts "\n" | ||
diff --git a/test/network/network.sh b/test/network/network.sh index 6bb8332ee..319927493 100755 --- a/test/network/network.sh +++ b/test/network/network.sh | |||
@@ -10,9 +10,6 @@ export LC_ALL=C | |||
10 | sudo brctl addbr br0 | 10 | sudo brctl addbr br0 |
11 | sudo ip link set br0 up | 11 | sudo ip link set br0 up |
12 | sudo ip addr add 10.10.20.1/24 dev br0 | 12 | sudo ip addr add 10.10.20.1/24 dev br0 |
13 | sudo brctl addbr br1 | ||
14 | sudo ip link set br1 up | ||
15 | sudo ip addr add 10.10.30.1/24 dev br1 | ||
16 | ip addr show | 13 | ip addr show |
17 | 14 | ||
18 | echo "TESTING: no network (net_none.exp)" | 15 | echo "TESTING: no network (net_none.exp)" |
@@ -24,92 +21,14 @@ echo "TESTING: network IP (net_ip.exp)" | |||
24 | echo "TESTING: network MAC (net_mac.exp)" | 21 | echo "TESTING: network MAC (net_mac.exp)" |
25 | ./net_mac.exp | 22 | ./net_mac.exp |
26 | 23 | ||
24 | echo "TESTING: network scan (net_scan.exp)" | ||
25 | ./net_scan.exp | ||
27 | 26 | ||
27 | echo "TESTING: netfilter (net_netfilter.exp)" | ||
28 | ./net_netfilter.exp | ||
28 | 29 | ||
29 | #echo "TESTING: unconfigured network (net_unconfigured.exp)" | 30 | echo "TESTING: print dns (dns-print.exp)" |
30 | #./net_unconfigured.exp | 31 | ./dns-print.exp |
31 | # | 32 | |
32 | #echo "TESTING: netfilter template (netfilter-template.exp)" | 33 | sudo ip link set br0 down |
33 | #rm -f ./tcpserver | 34 | sudo brctl delbr br0 |
34 | #gcc -o tcpserver tcpserver.c | ||
35 | #./netfilter-template.exp | ||
36 | #rm ./tcpserver | ||
37 | # | ||
38 | #echo "TESTING: firemon interface (firemon-interfaces.exp)" | ||
39 | #sudo ./firemon-interfaces.exp | ||
40 | # | ||
41 | #echo "TESTING: netns (netns.exp)" | ||
42 | #./netns.exp | ||
43 | # | ||
44 | #echo "TESTING: print dns (dns-print.exp)" | ||
45 | #./dns-print.exp | ||
46 | # | ||
47 | #echo "TESTING: firemon arp (firemon-arp.exp)" | ||
48 | #./firemon-arp.exp | ||
49 | # | ||
50 | #echo "TESTING: firemon netstats (netstats.exp)" | ||
51 | #./netstats.exp | ||
52 | # | ||
53 | #echo "TESTING: firemon route (firemon-route.exp)" | ||
54 | #./firemon-route.exp | ||
55 | # | ||
56 | #echo "TESTING: network profile (net_profile.exp)" | ||
57 | #./net_profile.exp | ||
58 | # | ||
59 | #echo "TESTING: bandwidth (bandwidth.exp)" | ||
60 | #./bandwidth.exp | ||
61 | # | ||
62 | #echo "TESTING: IPv6 support (ip6.exp)" | ||
63 | #./ip6.exp | ||
64 | # | ||
65 | #echo "TESTING: local network (net_local.exp)" | ||
66 | #./net_local.exp | ||
67 | # | ||
68 | # | ||
69 | #echo "TESTING: network MTU (net_mtu.exp)" | ||
70 | #./net_mtu.exp | ||
71 | # | ||
72 | #echo "TESTING: network bad IP (net_badip.exp)" | ||
73 | #./net_badip.exp | ||
74 | # | ||
75 | #echo "TESTING: network no IP test 1 (net_noip.exp)" | ||
76 | #./net_noip.exp | ||
77 | # | ||
78 | #echo "TESTING: network no IP test 2 (net_noip2.exp)" | ||
79 | #./net_noip2.exp | ||
80 | # | ||
81 | #echo "TESTING: network default gateway test 1 (net_defaultgw.exp)" | ||
82 | #./net_defaultgw.exp | ||
83 | # | ||
84 | #echo "TESTING: network default gateway test 2 (net_defaultgw2.exp)" | ||
85 | #./net_defaultgw2.exp | ||
86 | # | ||
87 | #echo "TESTING: network default gateway test 3 (net_defaultgw3.exp)" | ||
88 | #./net_defaultgw3.exp | ||
89 | # | ||
90 | #echo "TESTING: scan (net_scan.exp)" | ||
91 | #./net_scan.exp | ||
92 | # | ||
93 | #echo "TESTING: interface (interface.exp)" | ||
94 | #./interface.exp | ||
95 | # | ||
96 | #echo "TESTING: veth (net_veth.exp)" | ||
97 | #./net_veth.exp | ||
98 | # | ||
99 | #echo "TESTING: netfilter (net_netfilter.exp)" | ||
100 | #./net_netfilter.exp | ||
101 | # | ||
102 | #echo "TESTING: iprange (iprange.exp)" | ||
103 | #./iprange.exp | ||
104 | # | ||
105 | #echo "TESTING: veth-name (veth-name.exp)" | ||
106 | #./veth-name.exp | ||
107 | # | ||
108 | #echo "TESTING: macvlan2 (net_macvlan2.exp)" | ||
109 | #./net_macvlan2.exp | ||
110 | # | ||
111 | #echo "TESTING: 4 bridges ARP (4bridges_arp.exp)" | ||
112 | #./4bridges_arp.exp | ||
113 | # | ||
114 | #echo "TESTING: 4 bridges IP (4bridges_ip.exp)" | ||
115 | #./4bridges_ip.exp | ||
diff --git a/test/network/tcpserver.c b/test/network/tcpserver.c deleted file mode 100644 index 639fbf868..000000000 --- a/test/network/tcpserver.c +++ /dev/null | |||
@@ -1,108 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2023 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | #include <stdio.h> | ||
21 | #include <stdlib.h> | ||
22 | #include <unistd.h> | ||
23 | #include <netdb.h> | ||
24 | #include <netinet/in.h> | ||
25 | #include <string.h> | ||
26 | |||
27 | |||
28 | int main(int argc, char **argv) { | ||
29 | int fd, newfd, client_len; | ||
30 | struct sockaddr_in serv_addr, client_addr; | ||
31 | int n, pid; | ||
32 | |||
33 | if (argc < 2) { | ||
34 | printf("Usage: ./server port-number\n"); | ||
35 | return 1; | ||
36 | } | ||
37 | int portno = atoi(argv[1]); | ||
38 | |||
39 | // init socket | ||
40 | fd = socket(AF_INET, SOCK_STREAM, 0); | ||
41 | if (fd < 0) { | ||
42 | perror("ERROR opening socket"); | ||
43 | return 1; | ||
44 | } | ||
45 | |||
46 | // Initialize socket structure | ||
47 | memset(&serv_addr, 0, sizeof(serv_addr)); | ||
48 | |||
49 | serv_addr.sin_family = AF_INET; | ||
50 | serv_addr.sin_addr.s_addr = INADDR_ANY; | ||
51 | serv_addr.sin_port = htons(portno); | ||
52 | |||
53 | // bind | ||
54 | if (bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) { | ||
55 | perror("bind"); | ||
56 | return 1; | ||
57 | } | ||
58 | |||
59 | // listen - 5 pending conncections | ||
60 | if (listen(fd, 5) < 0) { | ||
61 | perror("listen"); | ||
62 | return 1; | ||
63 | } | ||
64 | client_len = sizeof(client_addr); | ||
65 | |||
66 | while (1) { | ||
67 | newfd = accept(fd, (struct sockaddr *) &client_addr, &client_len); | ||
68 | |||
69 | if (newfd < 0) { | ||
70 | perror("accept"); | ||
71 | return 1; | ||
72 | } | ||
73 | |||
74 | /* Create child process */ | ||
75 | pid = fork(); | ||
76 | |||
77 | if (pid < 0) { | ||
78 | perror("fork"); | ||
79 | return 1; | ||
80 | } | ||
81 | |||
82 | if (pid == 0) { | ||
83 | // child | ||
84 | close(fd); | ||
85 | #define MAXBUF 4096 | ||
86 | char buf[MAXBUF]; | ||
87 | memset(buf, 0, MAXBUF); | ||
88 | |||
89 | int rcv = read(newfd, buf, MAXBUF - 1); | ||
90 | if (rcv < 0) { | ||
91 | perror("read"); | ||
92 | exit(1); | ||
93 | } | ||
94 | |||
95 | int sent = write(newfd, "response\n", 9); | ||
96 | if (sent < 9) { | ||
97 | perror("write"); | ||
98 | return 1; | ||
99 | } | ||
100 | |||
101 | exit(0); | ||
102 | } | ||
103 | else | ||
104 | close(newfd); | ||
105 | } | ||
106 | |||
107 | return 0; | ||
108 | } | ||
diff --git a/test/network/veth-name.exp b/test/network/veth-name.exp deleted file mode 100755 index 14ab27850..000000000 --- a/test/network/veth-name.exp +++ /dev/null | |||
@@ -1,76 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | # | ||
11 | send -- "firejail --net=br1 --ip=10.10.30.50 --veth-name=blablabla\r" | ||
12 | expect { | ||
13 | timeout {puts "TESTING ERROR 0\n";exit} | ||
14 | "eth0" | ||
15 | } | ||
16 | expect { | ||
17 | timeout {puts "TESTING ERROR 1\n";exit} | ||
18 | "10.10.30.50" | ||
19 | } | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 2\n";exit} | ||
22 | "255.255.255.0" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
27 | } | ||
28 | sleep 1 | ||
29 | |||
30 | spawn $env(SHELL) | ||
31 | send -- "ip link show\r" | ||
32 | expect { | ||
33 | timeout {puts "TESTING ERROR 4\n";exit} | ||
34 | "blablabla" | ||
35 | } | ||
36 | expect { | ||
37 | timeout {puts "TESTING ERROR 5\n";exit} | ||
38 | "master br1 state UP" | ||
39 | } | ||
40 | sleep 1 | ||
41 | |||
42 | |||
43 | send -- "firejail --profile=veth-name.profile\r" | ||
44 | expect { | ||
45 | timeout {puts "TESTING ERROR 6\n";exit} | ||
46 | "eth0" | ||
47 | } | ||
48 | expect { | ||
49 | timeout {puts "TESTING ERROR 7\n";exit} | ||
50 | "10.10.60.51" | ||
51 | } | ||
52 | expect { | ||
53 | timeout {puts "TESTING ERROR 8\n";exit} | ||
54 | "255.255.255.0" | ||
55 | } | ||
56 | expect { | ||
57 | timeout {puts "TESTING ERROR 9\n";exit} | ||
58 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
59 | } | ||
60 | sleep 1 | ||
61 | |||
62 | spawn $env(SHELL) | ||
63 | send -- "ip link show\r" | ||
64 | expect { | ||
65 | timeout {puts "TESTING ERROR 10\n";exit} | ||
66 | "bingo" | ||
67 | } | ||
68 | expect { | ||
69 | timeout {puts "TESTING ERROR 11\n";exit} | ||
70 | "master br4 state UP" | ||
71 | } | ||
72 | sleep 1 | ||
73 | |||
74 | |||
75 | after 100 | ||
76 | puts "\nall done\n" | ||
diff --git a/test/network/veth-name.profile b/test/network/veth-name.profile deleted file mode 100644 index f00a74d63..000000000 --- a/test/network/veth-name.profile +++ /dev/null | |||
@@ -1,3 +0,0 @@ | |||
1 | net br4 | ||
2 | ip 10.10.60.51 | ||
3 | veth-name bingo | ||