aboutsummaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@protonmail.com>2023-03-02 10:34:03 -0500
committerLibravatar netblue30 <netblue30@protonmail.com>2023-03-02 10:34:03 -0500
commit336ecb5d651f22e5a3722ead843181a86dcc066d (patch)
treee733078e8b3ae1c6d0d7e236911c0f12ae556baa /test
parentgajim: allow loading plugins (#5705) (diff)
downloadfirejail-336ecb5d651f22e5a3722ead843181a86dcc066d.tar.gz
firejail-336ecb5d651f22e5a3722ead843181a86dcc066d.tar.zst
firejail-336ecb5d651f22e5a3722ead843181a86dcc066d.zip
network testing; merges
Diffstat (limited to 'test')
-rwxr-xr-xtest/network/4bridges_arp.exp177
-rwxr-xr-xtest/network/4bridges_ip.exp181
-rw-r--r--test/network/README14
-rwxr-xr-xtest/network/bandwidth.exp68
-rwxr-xr-xtest/network/dns-print.exp12
-rwxr-xr-xtest/network/firemon-arp.exp53
-rwxr-xr-xtest/network/firemon-interfaces.exp66
-rwxr-xr-xtest/network/firemon-route.exp52
-rwxr-xr-xtest/network/interface.exp63
-rwxr-xr-xtest/network/ip6.exp100
-rw-r--r--test/network/ip6.profile3
-rwxr-xr-xtest/network/iprange.exp102
-rw-r--r--test/network/iprange.profile2
-rw-r--r--test/network/ipv6.net8
-rw-r--r--test/network/net-profile.profile9
-rwxr-xr-xtest/network/net_arp.exp74
-rwxr-xr-xtest/network/net_badip.exp18
-rwxr-xr-xtest/network/net_defaultgw.exp50
-rwxr-xr-xtest/network/net_defaultgw2.exp45
-rwxr-xr-xtest/network/net_defaultgw3.exp20
-rwxr-xr-xtest/network/net_ip.exp36
-rwxr-xr-xtest/network/net_local.exp49
-rwxr-xr-xtest/network/net_macvlan2.exp42
-rwxr-xr-xtest/network/net_mtu.exp34
-rwxr-xr-xtest/network/net_netfilter.exp77
-rwxr-xr-xtest/network/net_noip.exp48
-rwxr-xr-xtest/network/net_noip2.exp47
-rwxr-xr-xtest/network/net_none.exp2
-rwxr-xr-xtest/network/net_profile.exp78
-rwxr-xr-xtest/network/net_scan.exp18
-rwxr-xr-xtest/network/net_unconfigured.exp244
-rwxr-xr-xtest/network/net_veth.exp141
-rwxr-xr-xtest/network/netfilter-template.exp67
-rw-r--r--test/network/netfilter.filter6
-rw-r--r--test/network/netfilter.profile1
-rwxr-xr-xtest/network/netns.exp34
-rwxr-xr-xtest/network/netstats.exp38
-rwxr-xr-xtest/network/network.sh99
-rw-r--r--test/network/tcpserver.c108
-rwxr-xr-xtest/network/veth-name.exp76
-rw-r--r--test/network/veth-name.profile3
41 files changed, 64 insertions, 2301 deletions
diff --git a/test/network/4bridges_arp.exp b/test/network/4bridges_arp.exp
deleted file mode 100755
index ca326320a..000000000
--- a/test/network/4bridges_arp.exp
+++ /dev/null
@@ -1,177 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check eth0
11send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r"
12expect {
13 timeout {puts "TESTING ERROR 0.0\n";exit}
14 "eth0"
15}
16expect {
17 timeout {puts "TESTING ERROR 0.1\n";exit}
18 "10.10.20"
19}
20expect {
21 timeout {puts "TESTING ERROR 0.2\n";exit}
22 "255.255.255.248"
23}
24expect {
25 timeout {puts "TESTING ERROR 0.3\n";exit}
26 "UP"
27}
28expect {
29 timeout {puts "TESTING ERROR 0.4\n";exit}
30 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31}
32sleep 1
33send -- "exit\r"
34sleep 1
35
36# check eth1
37send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r"
38expect {
39 timeout {puts "TESTING ERROR 1.0\n";exit}
40 "eth1"
41}
42expect {
43 timeout {puts "TESTING ERROR 1.1\n";exit}
44 "10.10.30"
45}
46expect {
47 timeout {puts "TESTING ERROR 1.2\n";exit}
48 "255.255.255.0"
49}
50expect {
51 timeout {puts "TESTING ERROR 1.3\n";exit}
52 "UP"
53}
54expect {
55 timeout {puts "TESTING ERROR 1.4\n";exit}
56 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
57}
58sleep 1
59send -- "exit\r"
60sleep 1
61
62
63# check eth2
64send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r"
65expect {
66 timeout {puts "TESTING ERROR 2.0\n";exit}
67 "eth2"
68}
69expect {
70 timeout {puts "TESTING ERROR 2.1\n";exit}
71 "10.10.40"
72}
73expect {
74 timeout {puts "TESTING ERROR 2.2\n";exit}
75 "255.255.255.0"
76}
77expect {
78 timeout {puts "TESTING ERROR 2.3\n";exit}
79 "UP"
80}
81expect {
82 timeout {puts "TESTING ERROR 2.4\n";exit}
83 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
84}
85sleep 1
86send -- "exit\r"
87sleep 1
88
89
90
91# check eth3
92send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r"
93expect {
94 timeout {puts "TESTING ERROR 3.0\n";exit}
95 "eth3"
96}
97expect {
98 timeout {puts "TESTING ERROR 3.1\n";exit}
99 "10.10.50"
100}
101expect {
102 timeout {puts "TESTING ERROR 3.2\n";exit}
103 "255.255.255.0"
104}
105expect {
106 timeout {puts "TESTING ERROR 3.3\n";exit}
107 "UP"
108}
109expect {
110 timeout {puts "TESTING ERROR 4\n";exit}
111 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
112}
113sleep 1
114send -- "exit\r"
115sleep 1
116
117
118
119
120# check loopback
121send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3 --protocol=unix,inet,netlink\r"
122expect {
123 timeout {puts "TESTING ERROR 5\n";exit}
124 "lo"
125}
126expect {
127 timeout {puts "TESTING ERROR 6\n";exit}
128 "127.0.0.1"
129}
130expect {
131 timeout {puts "TESTING ERROR 7\n";exit}
132 "255.0.0.0"
133}
134expect {
135 timeout {puts "TESTING ERROR 8\n";exit}
136 "UP"
137}
138expect {
139 timeout {puts "TESTING ERROR 9\n";exit}
140 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
141}
142sleep 1
143
144# check default gateway
145send -- "ip route show\r"
146expect {
147 timeout {puts "TESTING ERROR 10.1\n";exit}
148 "default via 10.10.20.1 dev eth0"
149}
150send -- "ip route show\r"
151expect {
152 timeout {puts "TESTING ERROR 10.2\n";exit}
153 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";}
154 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";}
155}
156send -- "ip route show\r"
157expect {
158 timeout {puts "TESTING ERROR 10.2\n";exit}
159 "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "old iproute2\n";}
160 "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "new iproute2\n";}
161}
162send -- "ip route show\r"
163expect {
164 timeout {puts "TESTING ERROR 10.2\n";exit}
165 "10.10.40.0/24 dev eth2 proto kernel scope link" {puts "old iproute2\n";}
166 "10.10.40.0/24 dev eth2 proto kernel scope link" {puts "new iproute2\n";}
167}
168send -- "ip route show\r"
169expect {
170 timeout {puts "TESTING ERROR 10.2\n";exit}
171 "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "old iproute2\n";}
172 "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "new iproute2\n";}
173}
174send -- "exit\r"
175after 100
176
177puts "\nall done\n"
diff --git a/test/network/4bridges_ip.exp b/test/network/4bridges_ip.exp
deleted file mode 100755
index 135b1121c..000000000
--- a/test/network/4bridges_ip.exp
+++ /dev/null
@@ -1,181 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check eth0
11send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r"
12expect {
13 timeout {puts "TESTING ERROR 0.0\n";exit}
14 "eth0"
15}
16expect {
17 timeout {puts "TESTING ERROR 0.1\n";exit}
18 "10.10.20"
19}
20expect {
21 timeout {puts "TESTING ERROR 0.2\n";exit}
22 "255.255.255.248"
23}
24expect {
25 timeout {puts "TESTING ERROR 0.3\n";exit}
26 "UP"
27}
28expect {
29 timeout {puts "TESTING ERROR 0.4\n";exit}
30 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31}
32sleep 1
33send -- "exit\r"
34sleep 1
35
36# check eth1
37send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r"
38expect {
39 timeout {puts "TESTING ERROR 1.0\n";exit}
40 "eth1"
41}
42expect {
43 timeout {puts "TESTING ERROR 1.1\n";exit}
44 "10.10.30.50"
45}
46expect {
47 timeout {puts "TESTING ERROR 1.2\n";exit}
48 "255.255.255.0"
49}
50expect {
51 timeout {puts "TESTING ERROR 1.3\n";exit}
52 "UP"
53}
54expect {
55 timeout {puts "TESTING ERROR 1.4\n";exit}
56 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
57}
58sleep 1
59send -- "exit\r"
60sleep 1
61
62
63# check eth2
64send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r"
65expect {
66 timeout {puts "TESTING ERROR 2.0\n";exit}
67 "eth2"
68}
69expect {
70 timeout {puts "TESTING ERROR 2.1\n";exit}
71 "10.10.40.100"
72}
73expect {
74 timeout {puts "TESTING ERROR 2.2\n";exit}
75 "255.255.255.0"
76}
77expect {
78 timeout {puts "TESTING ERROR 2.3\n";exit}
79 "UP"
80}
81expect {
82 timeout {puts "TESTING ERROR 2.4\n";exit}
83 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
84}
85sleep 1
86send -- "exit\r"
87sleep 1
88
89
90
91# check eth3
92send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r"
93expect {
94 timeout {puts "TESTING ERROR 3.0\n";exit}
95 "eth3"
96}
97expect {
98 timeout {puts "TESTING ERROR 3.1\n";exit}
99 "10.10.50"
100}
101expect {
102 timeout {puts "TESTING ERROR 3.2\n";exit}
103 "255.255.255.0"
104}
105expect {
106 timeout {puts "TESTING ERROR 3.3\n";exit}
107 "UP"
108}
109expect {
110 timeout {puts "TESTING ERROR 4\n";exit}
111 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
112}
113sleep 1
114send -- "exit\r"
115sleep 1
116
117
118
119
120# check loopback
121send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3 --protocol=unix,inet,netlink\r"
122expect {
123 timeout {puts "TESTING ERROR 5\n";exit}
124 "lo"
125}
126expect {
127 timeout {puts "TESTING ERROR 6\n";exit}
128 "127.0.0.1"
129}
130expect {
131 timeout {puts "TESTING ERROR 7\n";exit}
132 "255.0.0.0"
133}
134expect {
135 timeout {puts "TESTING ERROR 8\n";exit}
136 "UP"
137}
138expect {
139 timeout {puts "TESTING ERROR 9\n";exit}
140 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
141}
142
143# check default gateway
144send -- "ip route show\r"
145expect {
146 timeout {puts "TESTING ERROR 10.1\n";exit}
147 "default via 10.10.20.1 dev eth0"
148}
149
150send -- "ip route show\r"
151expect {
152 timeout {puts "TESTING ERROR 10.2\n";exit}
153 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";}
154 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";}
155}
156
157send -- "ip route show\r"
158expect {
159 timeout {puts "TESTING ERROR 10.3\n";exit}
160 "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "old iproute2\n";}
161 "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "new iproute2\n";}
162}
163
164send -- "ip route show\r"
165expect {
166 timeout {puts "TESTING ERROR 10.4\n";exit}
167 "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "old iproute2\n";}
168 "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "new iproute2\n";}
169}
170
171send -- "ip route show\r"
172expect {
173 timeout {puts "TESTING ERROR 10.5\n";exit}
174 "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "old iproute2\n";}
175 "10.10.50.0/24 dev eth3 proto kernel scope link" {puts "new iproute2\n";}
176}
177
178send -- "exit\r"
179after 100
180
181puts "\nall done\n"
diff --git a/test/network/README b/test/network/README
deleted file mode 100644
index 1e215b41e..000000000
--- a/test/network/README
+++ /dev/null
@@ -1,14 +0,0 @@
1Warning: this test requires root access to configure a number of bridge, mac
2and vlan devices. Please take a look at configure file. By the time you are
3finished testing, you'll probably have to reboot the computer to get your
4networking subsystem back to normal.
5
6Limitations - to be investigated and fixed:
7 - the test is assuming an eth0 wired interface to be present
8 - using netstat and ifconfig - this needs to be moved to iproute2
9 - configure script inserts an entry in system netfilter configuration
10 - the test will probably not work on grsecurity settings
11 - macvlan interfaces don't seem to work correctly under VirtualBox
12
13Run the test:
14 $ ./network.sh | grep TESTING
diff --git a/test/network/bandwidth.exp b/test/network/bandwidth.exp
deleted file mode 100755
index ef68165b7..000000000
--- a/test/network/bandwidth.exp
+++ /dev/null
@@ -1,68 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --name=test --net=br0\r"
11expect {
12 timeout {puts "TESTING ERROR 0\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15sleep 1
16
17spawn $env(SHELL)
18send -- "firejail --bandwidth=test status\r"
19expect {
20 timeout {puts "TESTING ERROR 1\n";exit}
21 "qdisc * 0: dev eth0"
22}
23sleep 1
24
25send -- "firejail --bandwidth=test set br0 50 10\r"
26expect {
27 timeout {puts "TESTING ERROR 2\n";exit}
28 "Configuring interface eth0"
29}
30expect {
31 timeout {puts "TESTING ERROR 3\n";exit}
32 "configuring tc ingress"
33}
34expect {
35 timeout {puts "TESTING ERROR 4\n";exit}
36 "configuring tc egress"
37}
38
39send -- "firejail --bandwidth=test status\r"
40expect {
41 timeout {puts "TESTING ERROR 5\n";exit}
42 "dev eth0"
43}
44expect {
45 timeout {puts "TESTING ERROR 6\n";exit}
46 "rate 80Kbit burst 10Kb"
47}
48sleep 1
49
50send -- "firejail --bandwidth=test clear br0\r"
51expect {
52 timeout {puts "TESTING ERROR 7\n";exit}
53 "Removing bandwidth limits"
54}
55sleep 1
56
57send -- "stty -echo\r"
58after 100
59
60send -- "firejail --bandwidth=test status; echo done\r"
61expect {
62 timeout {puts "TESTING ERROR 8\n";exit}
63 "rate 80Kbit burst 10Kb" {puts "TESTING ERROR 9\n";exit}
64 "done"
65}
66after 100
67
68puts "\nall done\n"
diff --git a/test/network/dns-print.exp b/test/network/dns-print.exp
index 769d5431c..7d3da8ace 100755
--- a/test/network/dns-print.exp
+++ b/test/network/dns-print.exp
@@ -7,17 +7,17 @@ set timeout 10
7spawn $env(SHELL) 7spawn $env(SHELL)
8match_max 100000 8match_max 100000
9 9
10send -- "firejail --name=test-dns --net=eth0 --dns=1.2.3.4 --dns=2.3.4.5 --dns=3.4.5.6\r" 10send -- "firejail --name=test --net=br0 --dns=1.2.3.4 --dns=2.3.4.5 --dns=3.4.5.6\r"
11expect { 11expect {
12 timeout {puts "TESTING ERROR 1\n";exit} 12 timeout {puts "TESTING ERROR 0\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" 13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14} 14}
15sleep 1 15sleep 1
16 16
17spawn $env(SHELL) 17spawn $env(SHELL)
18send -- "firejail --dns.print=test-dns\r" 18send -- "firejail --dns.print=test\r"
19expect { 19expect {
20 timeout {puts "TESTING ERROR 2\n";exit} 20 timeout {puts "TESTING ERROR 1\n";exit}
21 "nameserver 1.2.3.4" 21 "nameserver 1.2.3.4"
22} 22}
23expect { 23expect {
@@ -25,10 +25,10 @@ expect {
25 "nameserver 2.3.4.5" 25 "nameserver 2.3.4.5"
26} 26}
27expect { 27expect {
28 timeout {puts "TESTING ERROR 2\n";exit} 28 timeout {puts "TESTING ERROR 3\n";exit}
29 "nameserver 3.4.5.6" 29 "nameserver 3.4.5.6"
30} 30}
31 31
32after 100 32after 500
33 33
34puts "\nall done\n" 34puts "\nall done\n"
diff --git a/test/network/firemon-arp.exp b/test/network/firemon-arp.exp
deleted file mode 100755
index 858c4a729..000000000
--- a/test/network/firemon-arp.exp
+++ /dev/null
@@ -1,53 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10#send -- "ping -c 3 192.168.1.1\r"
11#expect {
12# timeout {puts "TESTING ERROR 0\n";exit}
13# "3 packets transmitted"
14#}
15#sleep 1
16
17send -- "firejail --name=test1\r"
18expect {
19 timeout {puts "TESTING ERROR 1\n";exit}
20 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
21}
22sleep 1
23
24spawn $env(SHELL)
25send -- "firejail --name=test2\r"
26expect {
27 timeout {puts "TESTING ERROR 2\n";exit}
28 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
29}
30sleep 1
31
32spawn $env(SHELL)
33send -- "firemon --arp\r"
34expect {
35 timeout {puts "TESTING ERROR 3\n";exit}
36 "name=test1"
37}
38expect {
39 timeout {puts "TESTING ERROR 4\n";exit}
40 "192.168.1.1 dev eth0 lladdr" {puts "Debian testing\n";}
41 "192.168.1.1 dev enp0s3 lladdr" {puts "Centos 7 testing\n";}
42}
43expect {
44 timeout {puts "TESTING ERROR 5\n";exit}
45 "REACHABLE"
46}
47expect {
48 timeout {puts "TESTING ERROR 6\n";exit}
49 "name=test2"
50}
51after 100
52
53puts "\nall done\n"
diff --git a/test/network/firemon-interfaces.exp b/test/network/firemon-interfaces.exp
deleted file mode 100755
index 47e540cc5..000000000
--- a/test/network/firemon-interfaces.exp
+++ /dev/null
@@ -1,66 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=eth0 --name=test1\r"
11expect {
12 timeout {puts "TESTING ERROR 9\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15sleep 1
16
17spawn $env(SHELL)
18send -- "firejail --net=eth0 --name=test2\r"
19expect {
20 timeout {puts "TESTING ERROR 9\n";exit}
21 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
22}
23sleep 1
24
25spawn $env(SHELL)
26send -- "firemon --interface\r"
27expect {
28 timeout {puts "TESTING ERROR 9\n";exit}
29 "Link status"
30}
31expect {
32 timeout {puts "TESTING ERROR 9\n";exit}
33 "lo UP"
34}
35expect {
36 timeout {puts "TESTING ERROR 9\n";exit}
37 "eth0-"
38}
39expect {
40 timeout {puts "TESTING ERROR 9\n";exit}
41 "IPv4 status"
42}
43expect {
44 timeout {puts "TESTING ERROR 9\n";exit}
45 "lo UP"
46}
47expect {
48 timeout {puts "TESTING ERROR 9\n";exit}
49 "eth0-"
50}
51expect {
52 timeout {puts "TESTING ERROR 9\n";exit}
53 "IPv6 status"
54}
55expect {
56 timeout {puts "TESTING ERROR 9\n";exit}
57 "lo UP"
58}
59expect {
60 timeout {puts "TESTING ERROR 9\n";exit}
61 "eth0-"
62}
63
64after 100
65
66puts "\n"
diff --git a/test/network/firemon-route.exp b/test/network/firemon-route.exp
deleted file mode 100755
index 69cccfeae..000000000
--- a/test/network/firemon-route.exp
+++ /dev/null
@@ -1,52 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --name=test1\r"
11expect {
12 timeout {puts "TESTING ERROR 0\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15sleep 1
16
17spawn $env(SHELL)
18send -- "firejail --name=test2\r"
19expect {
20 timeout {puts "TESTING ERROR 1\n";exit}
21 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
22}
23sleep 1
24
25spawn $env(SHELL)
26send -- "firemon --route\r"
27expect {
28 timeout {puts "TESTING ERROR 2\n";exit}
29 "name=test1"
30}
31expect {
32 timeout {puts "TESTING ERROR 3\n";exit}
33 "0.0.0.0/0 via 192.168.1.1, dev eth0, metric 0" {puts "Debian testing\n";}
34 "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 1024" {puts "Centos 7 testing\n";}
35 "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 0" {puts "OpenSUSE testing\n";}
36 "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 100" {puts "Arch testing\n";}
37}
38expect {
39 timeout {puts "TESTING ERROR 4\n";exit}
40 "10.10.30.0/24, dev br1, scope link src 10.10.30.1"
41}
42expect {
43 timeout {puts "TESTING ERROR 5\n";exit}
44 "10.10.50.0/24, dev br3, scope link src 10.10.50.1"
45}
46expect {
47 timeout {puts "TESTING ERROR 6\n";exit}
48 "name=test2"
49}
50after 100
51
52puts "\nalldone\n"
diff --git a/test/network/interface.exp b/test/network/interface.exp
deleted file mode 100755
index 2bcc6e88b..000000000
--- a/test/network/interface.exp
+++ /dev/null
@@ -1,63 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5#
6# interface
7#
8
9set timeout 10
10spawn $env(SHELL)
11match_max 100000
12set overlay [lindex $argv 0]
13set chroot [lindex $argv 1]
14
15#
16# N
17#
18# todo: seems to be unable to find interface eth0.7
19#send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6 --interface=eth0.7\r"
20send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6\r"
21expect {
22 timeout {puts "TESTING ERROR 0\n";exit}
23 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
24}
25sleep 1
26
27send -- "/sbin/ifconfig\r"
28expect {
29 timeout {puts "TESTING ERROR 1\n";exit}
30 "eth0.5"
31}
32expect {
33 timeout {puts "TESTING ERROR 2\n";exit}
34 "Link" {puts "old net-tools\n";}
35 "flags" {puts "new net-tools\n";}
36}
37expect {
38 timeout {puts "TESTING ERROR 3\n";exit}
39 "10.10.205.10"
40}
41after 100
42
43send -- "/sbin/ifconfig\r"
44expect {
45 timeout {puts "TESTING ERROR 5\n";exit}
46 "eth0.6"
47}
48expect {
49 timeout {puts "TESTING ERROR 6\n";exit}
50 "Link" {puts "old net-tools\n";}
51 "flags" {puts "new net-tools\n";}
52}
53expect {
54 timeout {puts "TESTING ERROR 7\n";exit}
55 "10.10.206.10"
56}
57after 100
58
59send -- "exit\r"
60sleep 1
61
62
63puts "\nall done\n"
diff --git a/test/network/ip6.exp b/test/network/ip6.exp
deleted file mode 100755
index 1f6581ae4..000000000
--- a/test/network/ip6.exp
+++ /dev/null
@@ -1,100 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --debug --noprofile --net=br0 --ip6=2001:0db8:0:f101::1/64 --netfilter6=ipv6.net\r"
11expect {
12 timeout {puts "TESTING ERROR 0\n";exit}
13 "Installing IPv6 firewall"
14}
15expect {
16 timeout {puts "TESTING ERROR 1\n";exit}
17 "DROP"
18}
19expect {
20 timeout {puts "TESTING ERROR 2\n";exit}
21 "unable to initialize table 'filter'" {puts "\nTESTING SKIP 2: no IPv6 support\n"; exit}
22 "2001:db8:1f0a:3ec::2"
23}
24expect {
25 timeout {puts "TESTING ERROR 3\n";exit}
26 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
27}
28sleep 2
29
30send -- "/sbin/ifconfig\r"
31expect {
32 timeout {puts "TESTING ERROR 4\n";exit}
33 "inet6"
34}
35expect {
36 timeout {puts "TESTING ERROR 5\n";exit}
37 "2001:db8:0:f101::1"
38}
39expect {
40 timeout {puts "TESTING ERROR 6\n";exit}
41 "Scope:Global" { puts "Debian\n"}
42 "scopeid 0x0<global>" { puts "Arch\n"}
43}
44
45send -- "exit\r"
46sleep 2
47
48
49
50
51send -- "firejail --debug --profile=ip6.profile\r"
52expect {
53 timeout {puts "TESTING ERROR 10\n";exit}
54 "Installing IPv6 firewall"
55}
56expect {
57 timeout {puts "TESTING ERROR 11\n";exit}
58 "DROP"
59}
60expect {
61 timeout {puts "TESTING ERROR 12\n";exit}
62 "unable to initialize table 'filter'" {puts "\nTESTING SKIP 2: no IPv6 support\n"; exit}
63 "2001:db8:1f0a:3ec::2"
64}
65expect {
66 timeout {puts "TESTING ERROR 13\n";exit}
67 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
68}
69sleep 2
70
71send -- "/sbin/ifconfig\r"
72expect {
73 timeout {puts "TESTING ERROR 14\n";exit}
74 "inet6"
75}
76expect {
77 timeout {puts "TESTING ERROR 15\n";exit}
78 "2001:db8:0:f101::1"
79}
80expect {
81 timeout {puts "TESTING ERROR 16\n";exit}
82 "Scope:Global" { puts "Debian\n"}
83 "scopeid 0x0<global>" { puts "Arch\n"}
84}
85
86send -- "exit\r"
87sleep 2
88
89send -- "firejail --debug --netfilter6=ipv6.net\r"
90expect {
91 timeout {puts "TESTING ERROR 11\n";exit}
92 "Installing IPv6 firewall" {puts "TESTING ERROR 12\n";exit}
93 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
94}
95after 100
96send -- "exit\r"
97
98
99after 100
100puts "\nall done\n"
diff --git a/test/network/ip6.profile b/test/network/ip6.profile
deleted file mode 100644
index 87afa3941..000000000
--- a/test/network/ip6.profile
+++ /dev/null
@@ -1,3 +0,0 @@
1net br0
2ip6 2001:0db8:0:f101::1/64
3netfilter6 ipv6.net
diff --git a/test/network/iprange.exp b/test/network/iprange.exp
deleted file mode 100755
index a4e5560c1..000000000
--- a/test/network/iprange.exp
+++ /dev/null
@@ -1,102 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55\r"
11expect {
12 timeout {puts "TESTING ERROR 0\n";exit}
13 "eth0"
14}
15expect {
16 timeout {puts "TESTING ERROR 1\n";exit}
17 "10.10.30.50" {puts "10.10.30.50\n"}
18 "10.10.30.51" {puts "10.10.30.51\n"}
19 "10.10.30.52" {puts "10.10.30.52\n"}
20 "10.10.30.53" {puts "10.10.30.53\n"}
21 "10.10.30.54" {puts "10.10.30.54\n"}
22 "10.10.30.55" {puts "10.10.30.55\n"}
23}
24expect {
25 timeout {puts "TESTING ERROR 2\n";exit}
26 "255.255.255.0"
27}
28expect {
29 timeout {puts "TESTING ERROR 3\n";exit}
30 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31}
32after 100
33send -- "exit\r"
34sleep 1
35
36send -- "firejail --profile=iprange.profile\r"
37expect {
38 timeout {puts "TESTING ERROR 5\n";exit}
39 "eth0"
40}
41expect {
42 timeout {puts "TESTING ERROR 6\n";exit}
43 "10.10.30.50" {puts "10.10.30.50\n"}
44 "10.10.30.51" {puts "10.10.30.51\n"}
45 "10.10.30.52" {puts "10.10.30.52\n"}
46 "10.10.30.53" {puts "10.10.30.53\n"}
47 "10.10.30.54" {puts "10.10.30.54\n"}
48 "10.10.30.55" {puts "10.10.30.55\n"}
49}
50expect {
51 timeout {puts "TESTING ERROR 7\n";exit}
52 "255.255.255.0"
53}
54expect {
55 timeout {puts "TESTING ERROR 8\n";exit}
56 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
57}
58after 100
59send -- "exit\r"
60sleep 1
61
62
63
64send -- "firejail --iprange=10.10.30.50,10.10.30.55\r"
65expect {
66 timeout {puts "TESTING ERROR 9\n";exit}
67 "no network device configured"
68}
69after 100
70
71send -- "firejail --net=br1 --iprange=10.10.30.50,10.10.30.55 --iprange=10.10.30.50,10.10.30.55\r"
72expect {
73 timeout {puts "TESTING ERROR 10\n";exit}
74 "cannot configure the IP range twice for the same interface"
75}
76after 100
77
78send -- "firejail --net=br1 --iprange=10.10.30.50\r"
79expect {
80 timeout {puts "TESTING ERROR 11\n";exit}
81 "invalid IP range"
82}
83after 100
84
85send -- "firejail --net=br0 --iprange=10.10.30.50,10.10.30.55\r"
86expect {
87 timeout {puts "TESTING ERROR 12\n";exit}
88 "IP range addresses not in network range"
89}
90after 100
91
92send -- "firejail --net=br1 --iprange=10.10.30.55,10.10.30.50\r"
93expect {
94 timeout {puts "TESTING ERROR 12\n";exit}
95 "invalid IP range"
96}
97after 100
98
99
100after 100
101
102puts "\nall done\n"
diff --git a/test/network/iprange.profile b/test/network/iprange.profile
deleted file mode 100644
index ecc01cd93..000000000
--- a/test/network/iprange.profile
+++ /dev/null
@@ -1,2 +0,0 @@
1net br1
2iprange 10.10.30.50,10.10.30.55
diff --git a/test/network/ipv6.net b/test/network/ipv6.net
deleted file mode 100644
index cc8f22943..000000000
--- a/test/network/ipv6.net
+++ /dev/null
@@ -1,8 +0,0 @@
1# Generated by ip6tables-save v1.4.14 on Wed Jan 13 10:53:40 2016
2*filter
3:INPUT ACCEPT [0:0]
4:FORWARD ACCEPT [0:0]
5:OUTPUT ACCEPT [0:0]
6-A INPUT -s 2001:db8:1f0a:3ec::2/128 -j DROP
7COMMIT
8# Completed on Wed Jan 13 10:53:40 2016
diff --git a/test/network/net-profile.profile b/test/network/net-profile.profile
deleted file mode 100644
index 89e431939..000000000
--- a/test/network/net-profile.profile
+++ /dev/null
@@ -1,9 +0,0 @@
1net br0
2mac 00:11:22:33:44:55
3mtu 1000
4net br1
5ip 10.10.30.50
6net br2
7ip 10.10.40.100
8net br3
9defaultgw 10.10.20.2
diff --git a/test/network/net_arp.exp b/test/network/net_arp.exp
deleted file mode 100755
index f3e1f6e25..000000000
--- a/test/network/net_arp.exp
+++ /dev/null
@@ -1,74 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=br0 sleep 20 &\r"
11expect {
12 timeout {puts "TESTING ERROR 0\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15send -- "firejail --net=br0 sleep 20 &\r"
16expect {
17 timeout {puts "TESTING ERROR 1\n";exit}
18 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
19}
20send -- "firejail --net=br0 sleep 20 &\r"
21expect {
22 timeout {puts "TESTING ERROR 2\n";exit}
23 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
24}
25send -- "firejail --net=br0 sleep 20 &\r"
26expect {
27 timeout {puts "TESTING ERROR 3\n";exit}
28 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
29}
30send -- "firejail --net=br0 sleep 20 &\r"
31expect {
32 timeout {puts "TESTING ERROR 4\n";exit}
33 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
34}
35
36# will fail
37send -- "firejail --net=br0 sleep 20 &\r"
38expect {
39 timeout {puts "TESTING ERROR 5n";exit}
40 "cannot assign an IP address"
41}
42
43send -- "firejail --net=br0 sleep 20 &\r"
44expect {
45 timeout {puts "TESTING ERROR 6\n";exit}
46 "cannot assign an IP address"
47}
48
49# check firejail --list
50send -- "firejail --list\r"
51expect {
52 timeout {puts "TESTING ERROR 7.1\n";exit}
53 "sleep 20"
54}
55expect {
56 timeout {puts "TESTING ERROR 7.2\n";exit}
57 "sleep 20"
58}
59expect {
60 timeout {puts "TESTING ERROR 7.3\n";exit}
61 "sleep 20"
62}
63expect {
64 timeout {puts "TESTING ERROR 7.4\n";exit}
65 "sleep 20"
66}
67expect {
68 timeout {puts "TESTING ERROR 7.5\n";exit}
69 "sleep 20"
70}
71
72# wait for sandboxes to be shutdown
73sleep 30
74puts "\n"
diff --git a/test/network/net_badip.exp b/test/network/net_badip.exp
deleted file mode 100755
index 3a45496c7..000000000
--- a/test/network/net_badip.exp
+++ /dev/null
@@ -1,18 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check eth0
11send -- "firejail --net=br0 --net=br1 --ip=10.100.10.47\r"
12expect {
13 timeout {puts "TESTING ERROR 0.0\n";exit}
14 "the IP address is not"
15}
16after 100
17
18puts "\n"
diff --git a/test/network/net_defaultgw.exp b/test/network/net_defaultgw.exp
deleted file mode 100755
index ee1ac9882..000000000
--- a/test/network/net_defaultgw.exp
+++ /dev/null
@@ -1,50 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --net=br0 --ip=10.10.20.5 --defaultgw=10.10.20.2 --protocol=unix,inet,netlink\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0"
15}
16expect {
17 timeout {puts "TESTING ERROR 1\n";exit}
18 "10.10.20.5"
19}
20expect {
21 timeout {puts "TESTING ERROR 2\n";exit}
22 "255.255.255.248"
23}
24expect {
25 timeout {puts "TESTING ERROR 3\n";exit}
26 "UP"
27}
28expect {
29 timeout {puts "TESTING ERROR 4\n";exit}
30 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31}
32sleep 1
33
34# check default gateway
35send -- "ip route show\r"
36expect {
37 timeout {puts "TESTING ERROR 10.1\n";exit}
38 "default via 10.10.20.2 dev eth0"
39}
40
41send -- "ip route show\r"
42expect {
43 timeout {puts "TESTING ERROR 10.2\n";exit}
44 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";}
45 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";}
46}
47send -- "exit\r"
48after 100
49
50puts "\nall done\n"
diff --git a/test/network/net_defaultgw2.exp b/test/network/net_defaultgw2.exp
deleted file mode 100755
index 30c945718..000000000
--- a/test/network/net_defaultgw2.exp
+++ /dev/null
@@ -1,45 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --net=br0 --net=br1 --defaultgw=10.10.30.89 --protocol=unix,inet,netlink\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth1"
15}
16expect {
17 timeout {puts "TESTING ERROR 4\n";exit}
18 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
19}
20sleep 1
21
22# check default gateway
23send -- "ip route show\r"
24expect {
25 timeout {puts "TESTING ERROR 10.1\n";exit}
26 "default via 10.10.30.89 dev eth1"
27}
28
29send -- "ip route show\r"
30expect {
31 timeout {puts "TESTING ERROR 10.2\n";exit}
32 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";}
33 "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";}
34}
35
36send -- "ip route show\r"
37expect {
38 timeout {puts "TESTING ERROR 10.3\n";exit}
39 "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "old iproute2\n";}
40 "10.10.30.0/24 dev eth1 proto kernel scope link" {puts "new iproute2\n";}
41}
42send -- "exit\r"
43after 100
44
45puts "\nall done\n"
diff --git a/test/network/net_defaultgw3.exp b/test/network/net_defaultgw3.exp
deleted file mode 100755
index aa9bac156..000000000
--- a/test/network/net_defaultgw3.exp
+++ /dev/null
@@ -1,20 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --net=br0 --net=br1 --defaultgw=10.10.95.89\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "default gateway 10.10.95.89 is not in the range of any network"
15}
16
17after 100
18
19
20puts "\n"
diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp
index 304b71814..251b55362 100755
--- a/test/network/net_ip.exp
+++ b/test/network/net_ip.exp
@@ -94,8 +94,40 @@ expect {
94} 94}
95after 500 95after 500
96 96
97send -- "firejail --noprofile --net=br0 --ip=none ip addr show\r"
98expect {
99 timeout {puts "TESTING ERROR 17\n";exit}
100 "eth0" {puts "TESTING ERROR 18\n";exit}
101 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
102}
103expect {
104 timeout {puts "TESTING ERROR 19\n";exit}
105 "eth0"
106}
107expect {
108 timeout {puts "TESTING ERROR 20\n";exit}
109 "inet " {puts "TESTING ERROR 21\n";exit}
110 "inet6"
111}
112after 500
97 113
114send -- "firejail --net=br0 --mtu=1000 --noprofile ip link show\r"
115expect {
116 timeout {puts "TESTING ERROR 22\n";exit}
117 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
118}
119expect {
120 timeout {puts "TESTING ERROR 23\n";exit}
121 "eth0"
122}
123expect {
124 timeout {puts "TESTING ERROR 24\n";exit}
125 "mtu 1000"
126}
127expect {
128 timeout {puts "TESTING ERROR 25\n";exit}
129 "state UP"
130}
98 131
99 132after 500
100after 100
101puts "\nall done\n" 133puts "\nall done\n"
diff --git a/test/network/net_local.exp b/test/network/net_local.exp
deleted file mode 100755
index 117b94212..000000000
--- a/test/network/net_local.exp
+++ /dev/null
@@ -1,49 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --noprofile --debug\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "Using the local network stack"
15}
16expect {
17 timeout {puts "TESTING ERROR 4\n";exit}
18 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
19}
20sleep 1
21send -- "exit\r"
22sleep 1
23
24# check loopback
25send -- "firejail --noprofile\r"
26expect {
27 timeout {puts "TESTING ERROR 9\n";exit}
28 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
29}
30sleep 1
31
32
33send -- "/sbin/ifconfig\r"
34expect {
35 timeout {puts "TESTING ERROR 5\n";exit}
36 "lo"
37}
38expect {
39 timeout {puts "TESTING ERROR 6\n";exit}
40 "127.0.0.1"
41}
42expect {
43 timeout {puts "TESTING ERROR 7\n";exit}
44 "255.0.0.0"
45}
46send -- "exit\r"
47after 100
48
49puts "all done\n"
diff --git a/test/network/net_macvlan2.exp b/test/network/net_macvlan2.exp
deleted file mode 100755
index 0fcea53dd..000000000
--- a/test/network/net_macvlan2.exp
+++ /dev/null
@@ -1,42 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=eth0 --net=eth0 --net=eth0 --net=eth0\r"
11expect {
12 timeout {puts "TESTING ERROR 0.1\n";exit}
13 "eth0-"
14}
15expect {
16 timeout {puts "TESTING ERROR 0.2\n";exit}
17 "eth1-"
18}
19expect {
20 timeout {puts "TESTING ERROR 0.3\n";exit}
21 "eth2-"
22}
23expect {
24 timeout {puts "TESTING ERROR 0.4\n";exit}
25 "eth3-"
26}
27expect {
28 timeout {puts "TESTING ERROR 0.5\n";exit}
29 "Default gateway 192.168.1.1"
30}
31expect {
32 timeout {puts "TESTING ERROR 0.6\n";exit}
33 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
34}
35after 100
36send -- "exit\r"
37sleep 1
38
39
40after 100
41
42puts "\nall done\n"
diff --git a/test/network/net_mtu.exp b/test/network/net_mtu.exp
deleted file mode 100755
index b87db1296..000000000
--- a/test/network/net_mtu.exp
+++ /dev/null
@@ -1,34 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --net=br0 --mtu=1000 --noprofile\r"
12expect {
13 timeout {puts "TESTING ERROR 1\n";exit}
14 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
15}
16sleep 1
17
18send -- "ip link show\r"
19expect {
20 timeout {puts "TESTING ERROR 2\n";exit}
21 "eth0"
22}
23expect {
24 timeout {puts "TESTING ERROR 3\n";exit}
25 "mtu 1000"
26}
27expect {
28 timeout {puts "TESTING ERROR 4\n";exit}
29 "state UP"
30}
31send -- "exit\r"
32after 100
33
34puts "\nall done\n"
diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp
index 97170a1b9..56480251e 100755
--- a/test/network/net_netfilter.exp
+++ b/test/network/net_netfilter.exp
@@ -8,83 +8,20 @@ spawn $env(SHELL)
8match_max 100000 8match_max 100000
9 9
10# check default netfilter on br0 10# check default netfilter on br0
11send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter\r" 11send -- "firejail --name=test --net=br0 --netfilter\r"
12expect { 12expect {
13 timeout {puts "TESTING ERROR 0\n";exit} 13 timeout {puts "TESTING ERROR 0\n";exit}
14 "Installing firewall"
15}
16expect {
17 timeout {puts "TESTING ERROR 1\n";exit}
18 "Chain INPUT (policy DROP"
19}
20expect {
21 timeout {puts "TESTING ERROR 2\n";exit}
22 "ACCEPT all -- any any anywhere"
23}
24expect {
25 timeout {puts "TESTING ERROR 3\n";exit}
26 "ACCEPT icmp -- any any anywhere"
27}
28expect {
29 timeout {puts "TESTING ERROR 4\n";exit}
30 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" 14 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
31} 15}
32sleep 1 16sleep 2
33send -- "exit\r" 17spawn $env(SHELL)
34sleep 1
35 18
36# check default netfilter no new network 19# check default netfilter no new network
37send -- "firejail --debug --noprofile --netfilter\r" 20send -- "firejail --netfilter.print=test\r"
38expect {
39 timeout {puts "TESTING ERROR 5\n";exit}
40 "Installing network filter" {puts "TESTING ERROR 5.1\n";exit}
41 "Chain INPUT (policy DROP" {puts "TESTING ERROR 5.1\n";exit}
42 "ACCEPT all -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit}
43 "ACCEPT icmp -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit}
44 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
45}
46sleep 1
47send -- "exit\r"
48sleep 1
49
50# check file filter netfilter on br0
51send -- "firejail --debug --noprofile --net=br0 --ip=10.10.20.5 --netfilter=netfilter.filter\r"
52expect {
53 timeout {puts "TESTING ERROR 6\n";exit}
54 "Installing firewall"
55}
56expect {
57 timeout {puts "TESTING ERROR 6.1\n";exit}
58 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
59}
60sleep 1
61send -- "ping -c 1 -w 3 10.10.20.1\r"
62expect {
63 timeout {puts "TESTING ERROR 6.2\n";exit}
64 "0 received, 100% packet loss"
65}
66
67send -- "exit\r"
68sleep 1
69
70# check profile netfilter on br0
71send -- "firejail --debug --net=br0 --ip=10.10.20.5 --profile=netfilter.profile\r"
72expect { 21expect {
73 timeout {puts "TESTING ERROR 7\n";exit} 22 timeout {puts "TESTING ERROR 1\n";exit}
74 "Installing firewall" 23 "ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED"
75}
76expect {
77 timeout {puts "TESTING ERROR 7.1\n";exit}
78 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
79}
80sleep 2
81send -- "ping -c 1 -w 3 10.10.20.1\r"
82expect {
83 timeout {puts "TESTING ERROR 7.2\n";exit}
84 "0 received, 100% packet loss"
85} 24}
86 25
87send -- "exit\r" 26after 500
88after 100
89
90puts "all done\n" 27puts "all done\n"
diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp
deleted file mode 100755
index 7da2e85ef..000000000
--- a/test/network/net_noip.exp
+++ /dev/null
@@ -1,48 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --noprofile --net=br0 --ip=none\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0" {puts "TESTING ERROR 1\n";exit}
15 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
16}
17sleep 1
18send -- "bash\r"
19sleep 1
20
21send -- "stty -echo\r"
22after 100
23
24# no default gateway configured
25send -- "netstat -rn;echo done\r"
26expect {
27 timeout {puts "TESTING ERROR 2\n";exit}
28 "0.0.0.0" {puts "TESTING ERROR 3\n";exit}
29 "eth0" {puts "TESTING ERROR 4\n";exit}
30 "done"
31}
32sleep 1
33
34# eth0 configured
35send -- "/sbin/ifconfig;echo done\r"
36expect {
37 timeout {puts "TESTING ERROR 5\n";exit}
38 "eth0"
39}
40expect {
41 timeout {puts "TESTING ERROR 6\n";exit}
42 "10.10.20" {puts "TESTING ERROR 7\n";exit}
43 "done"
44}
45send -- "exit\r"
46after 100
47
48puts "all done\n"
diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp
deleted file mode 100755
index a0828a0e7..000000000
--- a/test/network/net_noip2.exp
+++ /dev/null
@@ -1,47 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --noprofile --net=br1 --ip=none --defaultgw=10.10.30.78\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0" {puts "TESTING ERROR 1\n";exit}
15 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
16}
17sleep 1
18send -- "bash\r"
19sleep 1
20send -- "stty -echo\r"
21after 100
22
23# no default gateway configured
24send -- "netstat -rn;echo done\r"
25expect {
26 timeout {puts "TESTING ERROR 2\n";exit}
27 "0.0.0.0" {puts "TESTING ERROR 3\n";exit}
28 "eth0" {puts "TESTING ERROR 4\n";exit}
29 "done"
30}
31sleep 1
32
33# eth0 configured
34send -- "/sbin/ifconfig;echo done\r"
35expect {
36 timeout {puts "TESTING ERROR 5\n";exit}
37 "eth0"
38}
39expect {
40 timeout {puts "TESTING ERROR 6\n";exit}
41 "10.10.30" {puts "TESTING ERROR 7\n";exit}
42 "done"
43}
44send -- "exit\r"
45after 100
46
47puts "all done\n"
diff --git a/test/network/net_none.exp b/test/network/net_none.exp
index 6932c7e8a..24d11d383 100755
--- a/test/network/net_none.exp
+++ b/test/network/net_none.exp
@@ -38,6 +38,6 @@ expect {
38 "3" 38 "3"
39} 39}
40send -- "exit\r" 40send -- "exit\r"
41after 100 41after 500
42 42
43puts "\nall done\n" 43puts "\nall done\n"
diff --git a/test/network/net_profile.exp b/test/network/net_profile.exp
deleted file mode 100755
index d9ce166fd..000000000
--- a/test/network/net_profile.exp
+++ /dev/null
@@ -1,78 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check eth0
11send -- "firejail --profile=net-profile.profile\r"
12expect {
13 timeout {puts "TESTING ERROR 0.0\n";exit}
14 "eth0"
15}
16expect {
17 timeout {puts "TESTING ERROR 0.1\n";exit}
18 "00:11:22:33:44:55"
19}
20expect {
21 timeout {puts "TESTING ERROR 0.1\n";exit}
22 "10.10.20"
23}
24expect {
25 timeout {puts "TESTING ERROR 0.2\n";exit}
26 "255.255.255.248"
27}
28expect {
29 timeout {puts "TESTING ERROR 0.3\n";exit}
30 "UP"
31}
32expect {
33 timeout {puts "TESTING ERROR 0.4\n";exit}
34 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
35}
36sleep 1
37
38send -- "ip route show\r"
39expect {
40 timeout {puts "TESTING ERROR 1\n";exit}
41 "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "old iproute2\n";}
42 "10.10.30.0/24 dev eth1 proto kernel scope link src 10.10.30.50" {puts "new iproute2\n";}
43}
44
45send -- "ip route show\r"
46expect {
47 timeout {puts "TESTING ERROR 2\n";exit}
48 "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "old iproute2\n";}
49 "10.10.40.0/24 dev eth2 proto kernel scope link src 10.10.40.100" {puts "new iproute2\n";}
50}
51
52
53# check default gw
54send -- "ip route show\r"
55expect {
56 timeout {puts "TESTING ERROR 3\n";exit}
57 "default via 10.10.20.2 dev eth0"
58}
59
60# check mtu
61send -- "ip link show\r"
62expect {
63 timeout {puts "TESTING ERROR 4\n";exit}
64 "eth0"
65}
66expect {
67 timeout {puts "TESTING ERROR 5\n";exit}
68 "mtu 1000"
69}
70expect {
71 timeout {puts "TESTING ERROR 6\n";exit}
72 "state UP"
73}
74
75send -- "exit\r"
76after 100
77
78puts "\nall done\n"
diff --git a/test/network/net_scan.exp b/test/network/net_scan.exp
index 8d3e95f29..0369ab9aa 100755
--- a/test/network/net_scan.exp
+++ b/test/network/net_scan.exp
@@ -8,14 +8,14 @@ spawn $env(SHELL)
8match_max 100000 8match_max 100000
9 9
10# 10#
11send -- "firejail --net=br1 --ip=10.10.30.50\r" 11send -- "firejail --net=br0 --ip=10.10.20.50\r"
12expect { 12expect {
13 timeout {puts "TESTING ERROR 0\n";exit} 13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0" 14 "eth0"
15} 15}
16expect { 16expect {
17 timeout {puts "TESTING ERROR 1\n";exit} 17 timeout {puts "TESTING ERROR 1\n";exit}
18 "10.10.30.50" 18 "10.10.20.50"
19} 19}
20expect { 20expect {
21 timeout {puts "TESTING ERROR 2\n";exit} 21 timeout {puts "TESTING ERROR 2\n";exit}
@@ -28,14 +28,14 @@ expect {
28sleep 1 28sleep 1
29 29
30spawn $env(SHELL) 30spawn $env(SHELL)
31send -- "firejail --net=br1 --ip=10.10.30.51\r" 31send -- "firejail --net=br0 --ip=10.10.20.60\r"
32expect { 32expect {
33 timeout {puts "TESTING ERROR 4\n";exit} 33 timeout {puts "TESTING ERROR 4\n";exit}
34 "eth0" 34 "eth0"
35} 35}
36expect { 36expect {
37 timeout {puts "TESTING ERROR 5\n";exit} 37 timeout {puts "TESTING ERROR 5\n";exit}
38 "10.10.30.51" 38 "10.10.20.60"
39} 39}
40expect { 40expect {
41 timeout {puts "TESTING ERROR 6\n";exit} 41 timeout {puts "TESTING ERROR 6\n";exit}
@@ -48,18 +48,18 @@ expect {
48sleep 1 48sleep 1
49 49
50spawn $env(SHELL) 50spawn $env(SHELL)
51send -- "firejail --net=br1 --scan\r" 51send -- "firejail --net=br0 --scan\r"
52expect { 52expect {
53 timeout {puts "TESTING ERROR 8\n";exit} 53 timeout {puts "TESTING ERROR 8\n";exit}
54 "eth0" 54 "eth0"
55} 55}
56expect { 56expect {
57 timeout {puts "TESTING ERROR 9\n";exit} 57 timeout {puts "TESTING ERROR 9\n";exit}
58 "10.10.30.50" 58 "10.10.20.50"
59} 59}
60expect { 60expect {
61 timeout {puts "TESTING ERROR 10\n";exit} 61 timeout {puts "TESTING ERROR 10\n";exit}
62 "10.10.30.51" 62 "10.10.20.60"
63} 63}
64expect { 64expect {
65 timeout {puts "TESTING ERROR 11\n";exit} 65 timeout {puts "TESTING ERROR 11\n";exit}
@@ -67,8 +67,4 @@ expect {
67} 67}
68sleep 1 68sleep 1
69 69
70
71
72after 100
73
74puts "\nall done\n" 70puts "\nall done\n"
diff --git a/test/network/net_unconfigured.exp b/test/network/net_unconfigured.exp
deleted file mode 100755
index 7a9f05236..000000000
--- a/test/network/net_unconfigured.exp
+++ /dev/null
@@ -1,244 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10# check ip address
11send -- "firejail --noprofile --net=br-unconfigured --ip=none\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0" {puts "TESTING ERROR 1\n";exit}
15 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
16}
17sleep 1
18send -- "bash\r"
19sleep 1
20
21send -- "stty -echo\r"
22after 100
23
24# no default gateway configured
25send -- "netstat -rn;echo done\r"
26expect {
27 timeout {puts "TESTING ERROR 2\n";exit}
28 "0.0.0.0" {puts "TESTING ERROR 3\n";exit}
29 "eth0" {puts "TESTING ERROR 4\n";exit}
30 "done"
31}
32sleep 1
33
34# eth0 configured
35send -- "/sbin/ifconfig;echo done\r"
36expect {
37 timeout {puts "TESTING ERROR 5\n";exit}
38 "eth0"
39}
40expect {
41 timeout {puts "TESTING ERROR 6\n";exit}
42 "done"
43}
44send -- "exit\r"
45after 100
46send -- "exit\r"
47after 100
48
49
50
51# check ip address
52send -- "firejail --noprofile --net=br-unconfigured\r"
53expect {
54 timeout {puts "TESTING ERROR 7\n";exit}
55 "eth0" {puts "TESTING ERROR 8\n";exit}
56 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
57}
58sleep 1
59send -- "bash\r"
60sleep 1
61
62send -- "stty -echo\r"
63after 100
64
65# no default gateway configured
66send -- "netstat -rn;echo done\r"
67expect {
68 timeout {puts "TESTING ERROR 9\n";exit}
69 "0.0.0.0" {puts "TESTING ERROR 10\n";exit}
70 "eth0" {puts "TESTING ERROR 11\n";exit}
71 "done"
72}
73sleep 1
74
75# eth0 configured
76send -- "/sbin/ifconfig;echo done\r"
77expect {
78 timeout {puts "TESTING ERROR 12\n";exit}
79 "eth0"
80}
81expect {
82 timeout {puts "TESTING ERROR 13\n";exit}
83 "done"
84}
85send -- "exit\r"
86after 100
87send -- "exit\r"
88after 100
89
90
91# check ip address
92send -- "firejail --noprofile --net=br-unconfigured --defaultgw=10.10.80.1\r"
93expect {
94 timeout {puts "TESTING ERROR 14\n";exit}
95 "eth0" {puts "TESTING ERROR 15\n";exit}
96 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
97}
98sleep 1
99send -- "bash\r"
100sleep 1
101
102send -- "stty -echo\r"
103after 100
104
105# no default gateway configured
106send -- "netstat -rn;echo done\r"
107expect {
108 timeout {puts "TESTING ERROR 16\n";exit}
109 "0.0.0.0" {puts "TESTING ERROR 17\n";exit}
110 "eth0" {puts "TESTING ERROR 18\n";exit}
111 "done"
112}
113sleep 1
114
115# eth0 configured
116send -- "/sbin/ifconfig;echo done\r"
117expect {
118 timeout {puts "TESTING ERROR 19\n";exit}
119 "eth0"
120}
121expect {
122 timeout {puts "TESTING ERROR 20\n";exit}
123 "done"
124}
125send -- "exit\r"
126after 100
127send -- "exit\r"
128after 100
129
130
131# check ip address
132send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --defaultgw=10.10.80.1\r"
133expect {
134 timeout {puts "TESTING ERROR 21\n";exit}
135 "eth0" {puts "TESTING ERROR 22\n";exit}
136 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
137}
138sleep 1
139send -- "bash\r"
140sleep 1
141
142send -- "stty -echo\r"
143after 100
144
145# no default gateway configured
146send -- "netstat -rn;echo done\r"
147expect {
148 timeout {puts "TESTING ERROR 23\n";exit}
149 "0.0.0.0" {puts "TESTING ERROR 24\n";exit}
150 "eth0" {puts "TESTING ERROR 25\n";exit}
151 "done"
152}
153sleep 1
154
155# eth0 configured
156send -- "/sbin/ifconfig;echo done\r"
157expect {
158 timeout {puts "TESTING ERROR 26\n";exit}
159 "eth0"
160}
161expect {
162 timeout {puts "TESTING ERROR 27\n";exit}
163 "done"
164}
165send -- "exit\r"
166after 100
167send -- "exit\r"
168after 100
169
170
171# check ip address
172send -- "firejail --noprofile --net=br-unconfigured --ip=10.10.80.1 --netmask=255.255.255.0 --defaultgw=10.10.80.1\r"
173expect {
174 timeout {puts "TESTING ERROR 28\n";exit}
175 "eth0"
176}
177expect {
178 timeout {puts "TESTING ERROR 29\n";exit}
179 "10.10.80.1"
180}
181expect {
182 timeout {puts "TESTING ERROR 30\n";exit}
183 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
184}
185sleep 1
186send -- "bash\r"
187sleep 1
188
189send -- "stty -echo\r"
190after 100
191
192# no default gateway configured
193send -- "netstat -rn;echo done\r"
194expect {
195 timeout {puts "TESTING ERROR 31\n";exit}
196 "0.0.0.0"
197}
198expect {
199 timeout {puts "TESTING ERROR 32\n";exit}
200 "10.10.80.1"
201}
202expect {
203 timeout {puts "TESTING ERROR 33\n";exit}
204 "eth0"
205}
206expect {
207 timeout {puts "TESTING ERROR 34\n";exit}
208 "10.10.80.0"
209}
210expect {
211 timeout {puts "TESTING ERROR 35\n";exit}
212 "0.0.0.0"
213}
214expect {
215 timeout {puts "TESTING ERROR 36\n";exit}
216 "eth0"
217}
218expect {
219 timeout {puts "TESTING ERROR 37\n";exit}
220 "done"
221}
222sleep 1
223
224# eth0 configured
225send -- "/sbin/ifconfig;echo done\r"
226expect {
227 timeout {puts "TESTING ERROR 38\n";exit}
228 "eth0"
229}
230expect {
231 timeout {puts "TESTING ERROR 39\n";exit}
232 "10.10.80.1"
233}
234expect {
235 timeout {puts "TESTING ERROR 40\n";exit}
236 "done"
237}
238send -- "exit\r"
239after 100
240send -- "exit\r"
241after 100
242
243
244puts "all done\n"
diff --git a/test/network/net_veth.exp b/test/network/net_veth.exp
deleted file mode 100755
index c8c0c47e1..000000000
--- a/test/network/net_veth.exp
+++ /dev/null
@@ -1,141 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=eth0\r"
11expect {
12 timeout {puts "TESTING ERROR 1\n";exit}
13 "lo"
14}
15expect {
16 timeout {puts "TESTING ERROR 2\n";exit}
17 "127.0.0.1"
18}
19expect {
20 timeout {puts "TESTING ERROR 3\n";exit}
21 "255.0.0.0"
22}
23expect {
24 timeout {puts "TESTING ERROR 4\n";exit}
25 "UP"
26}
27expect {
28 timeout {puts "TESTING ERROR 5\n";exit}
29 "eth0-"
30}
31expect {
32 timeout {puts "TESTING ERROR 6\n";exit}
33 "255.255.255.0"
34}
35expect {
36 timeout {puts "TESTING ERROR 7\n";exit}
37 "UP"
38}
39expect {
40 timeout {puts "TESTING ERROR 8\n";exit}
41 "Default gateway"
42}
43expect {
44 timeout {puts "TESTING ERROR 9\n";exit}
45 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
46}
47sleep 1
48send -- "exit\r"
49sleep 1
50
51send -- "firejail --net=eth0 --net=eth0 --net=eth0 --net=eth0\r"
52expect {
53 timeout {puts "TESTING ERROR 11\n";exit}
54 "lo"
55}
56expect {
57 timeout {puts "TESTING ERROR 12\n";exit}
58 "127.0.0.1"
59}
60expect {
61 timeout {puts "TESTING ERROR 13\n";exit}
62 "255.0.0.0"
63}
64expect {
65 timeout {puts "TESTING ERROR 14\n";exit}
66 "UP"
67}
68expect {
69 timeout {puts "TESTING ERROR 15\n";exit}
70 "eth0-"
71}
72expect {
73 timeout {puts "TESTING ERROR 16\n";exit}
74 "255.255.255.0"
75}
76expect {
77 timeout {puts "TESTING ERROR 17\n";exit}
78 "UP"
79}
80expect {
81 timeout {puts "TESTING ERROR 18\n";exit}
82 "eth1-"
83}
84expect {
85 timeout {puts "TESTING ERROR 19\n";exit}
86 "255.255.255.0"
87}
88expect {
89 timeout {puts "TESTING ERROR 20\n";exit}
90 "UP"
91}
92expect {
93 timeout {puts "TESTING ERROR 5\n";exit}
94 "eth2-"
95}
96expect {
97 timeout {puts "TESTING ERROR 21\n";exit}
98 "255.255.255.0"
99}
100expect {
101 timeout {puts "TESTING ERROR 22\n";exit}
102 "UP"
103}
104expect {
105 timeout {puts "TESTING ERROR 23\n";exit}
106 "eth3-"
107}
108expect {
109 timeout {puts "TESTING ERROR 24\n";exit}
110 "255.255.255.0"
111}
112expect {
113 timeout {puts "TESTING ERROR 25\n";exit}
114 "UP"
115}
116expect {
117 timeout {puts "TESTING ERROR 26\n";exit}
118 "Default gateway"
119}
120expect {
121 timeout {puts "TESTING ERROR 27\n";exit}
122 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
123}
124sleep 1
125send -- "exit\r"
126sleep 1
127
128send -- "firejail --net=eth0 --ip=10.10.20.1\r"
129expect {
130 timeout {puts "TESTING ERROR 27\n";exit}
131 "the IP address is not in the interface range"
132}
133
134
135
136
137
138
139after 100
140
141puts "\n"
diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp
deleted file mode 100755
index 0a3386965..000000000
--- a/test/network/netfilter-template.exp
+++ /dev/null
@@ -1,67 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10
11send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/blablabla\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "invalid network filter file"
15}
16sleep 1
17
18send -- "firejail --net=br1 --ip=10.10.30.10 --name=test1 --netfilter=/etc/firejail/tcpserver.net,5555 ./tcpserver 5555\r"
19expect {
20 timeout {puts "TESTING ERROR 1\n";exit}
21 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
22}
23sleep 1
24
25spawn $env(SHELL)
26send -- "firejail --netfilter.print=test1\r"
27expect {
28 timeout {puts "TESTING ERROR 1.1\n";exit}
29 "Chain INPUT"
30}
31expect {
32 timeout {puts "TESTING ERROR 1.2\n";exit}
33 "Chain FORWARD"
34}
35expect {
36 timeout {puts "TESTING ERROR 1.3\n";exit}
37 "Chain OUTPUT"
38}
39sleep 1
40
41send -- "telnet 10.10.30.10 5555\r"
42expect {
43 timeout {puts "TESTING ERROR 2\n";exit}
44 "Connected to 10.10.30.10"
45}
46sleep 1
47
48send "sdfklsjadfl;ksadjfl;sdkfj\r"
49expect {
50 timeout {puts "TESTING ERROR 3\n";exit}
51 "response"
52}
53expect {
54 timeout {puts "TESTING ERROR 4\n";exit}
55 "Connection closed"
56}
57sleep 1
58
59send -- "telnet 10.10.30.10 5556\r"
60expect {
61 timeout {puts "OK\n"}
62 "Connected to 10.10.30.10" {puts "TESTING ERROR 6\n";exit}
63 "dikasdfjasdjf"
64}
65
66after 100
67puts "all done\n"
diff --git a/test/network/netfilter.filter b/test/network/netfilter.filter
deleted file mode 100644
index 3e232065c..000000000
--- a/test/network/netfilter.filter
+++ /dev/null
@@ -1,6 +0,0 @@
1*filter
2:INPUT DROP [0:0]
3:FORWARD DROP [0:0]
4:OUTPUT ACCEPT [0:0]
5-A INPUT -i lo -j ACCEPT
6COMMIT
diff --git a/test/network/netfilter.profile b/test/network/netfilter.profile
deleted file mode 100644
index 824c6cd0f..000000000
--- a/test/network/netfilter.profile
+++ /dev/null
@@ -1 +0,0 @@
1netfilter netfilter.filter
diff --git a/test/network/netns.exp b/test/network/netns.exp
deleted file mode 100755
index 048dbfa93..000000000
--- a/test/network/netns.exp
+++ /dev/null
@@ -1,34 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --netns=red --noprofile\r"
11expect {
12 timeout {puts "TESTING ERROR 1\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15after 100
16
17send -- "ip link show\r"
18expect {
19 timeout {puts "TESTING ERROR 2\n";exit}
20 "LOOPBACK"
21}
22expect {
23 timeout {puts "TESTING ERROR 3\n";exit}
24 "DOWN"
25}
26expect {
27 timeout {puts "TESTING ERROR 4\n";exit}
28 "link/loopback"
29}
30after 100
31send -- "exit\r"
32after 100
33
34puts "all done\n"
diff --git a/test/network/netstats.exp b/test/network/netstats.exp
deleted file mode 100755
index a41acac68..000000000
--- a/test/network/netstats.exp
+++ /dev/null
@@ -1,38 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10send -- "firejail --net=eth0 --name=test1\r"
11expect {
12 timeout {puts "TESTING ERROR 9\n";exit}
13 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
14}
15sleep 1
16
17spawn $env(SHELL)
18send -- "firejail --net=eth0 --name=test2\r"
19expect {
20 timeout {puts "TESTING ERROR 9\n";exit}
21 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
22}
23sleep 1
24
25spawn $env(SHELL)
26send -- "firejail --netstats\r"
27sleep 4
28expect {
29 timeout {puts "TESTING ERROR 9\n";exit}
30 "name=test1"
31}
32expect {
33 timeout {puts "TESTING ERROR 9\n";exit}
34 "name=test2"
35}
36after 100
37
38puts "\n"
diff --git a/test/network/network.sh b/test/network/network.sh
index 6bb8332ee..319927493 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -10,9 +10,6 @@ export LC_ALL=C
10sudo brctl addbr br0 10sudo brctl addbr br0
11sudo ip link set br0 up 11sudo ip link set br0 up
12sudo ip addr add 10.10.20.1/24 dev br0 12sudo ip addr add 10.10.20.1/24 dev br0
13sudo brctl addbr br1
14sudo ip link set br1 up
15sudo ip addr add 10.10.30.1/24 dev br1
16ip addr show 13ip addr show
17 14
18echo "TESTING: no network (net_none.exp)" 15echo "TESTING: no network (net_none.exp)"
@@ -24,92 +21,14 @@ echo "TESTING: network IP (net_ip.exp)"
24echo "TESTING: network MAC (net_mac.exp)" 21echo "TESTING: network MAC (net_mac.exp)"
25./net_mac.exp 22./net_mac.exp
26 23
24echo "TESTING: network scan (net_scan.exp)"
25./net_scan.exp
27 26
27echo "TESTING: netfilter (net_netfilter.exp)"
28./net_netfilter.exp
28 29
29#echo "TESTING: unconfigured network (net_unconfigured.exp)" 30echo "TESTING: print dns (dns-print.exp)"
30#./net_unconfigured.exp 31./dns-print.exp
31# 32
32#echo "TESTING: netfilter template (netfilter-template.exp)" 33sudo ip link set br0 down
33#rm -f ./tcpserver 34sudo brctl delbr br0
34#gcc -o tcpserver tcpserver.c
35#./netfilter-template.exp
36#rm ./tcpserver
37#
38#echo "TESTING: firemon interface (firemon-interfaces.exp)"
39#sudo ./firemon-interfaces.exp
40#
41#echo "TESTING: netns (netns.exp)"
42#./netns.exp
43#
44#echo "TESTING: print dns (dns-print.exp)"
45#./dns-print.exp
46#
47#echo "TESTING: firemon arp (firemon-arp.exp)"
48#./firemon-arp.exp
49#
50#echo "TESTING: firemon netstats (netstats.exp)"
51#./netstats.exp
52#
53#echo "TESTING: firemon route (firemon-route.exp)"
54#./firemon-route.exp
55#
56#echo "TESTING: network profile (net_profile.exp)"
57#./net_profile.exp
58#
59#echo "TESTING: bandwidth (bandwidth.exp)"
60#./bandwidth.exp
61#
62#echo "TESTING: IPv6 support (ip6.exp)"
63#./ip6.exp
64#
65#echo "TESTING: local network (net_local.exp)"
66#./net_local.exp
67#
68#
69#echo "TESTING: network MTU (net_mtu.exp)"
70#./net_mtu.exp
71#
72#echo "TESTING: network bad IP (net_badip.exp)"
73#./net_badip.exp
74#
75#echo "TESTING: network no IP test 1 (net_noip.exp)"
76#./net_noip.exp
77#
78#echo "TESTING: network no IP test 2 (net_noip2.exp)"
79#./net_noip2.exp
80#
81#echo "TESTING: network default gateway test 1 (net_defaultgw.exp)"
82#./net_defaultgw.exp
83#
84#echo "TESTING: network default gateway test 2 (net_defaultgw2.exp)"
85#./net_defaultgw2.exp
86#
87#echo "TESTING: network default gateway test 3 (net_defaultgw3.exp)"
88#./net_defaultgw3.exp
89#
90#echo "TESTING: scan (net_scan.exp)"
91#./net_scan.exp
92#
93#echo "TESTING: interface (interface.exp)"
94#./interface.exp
95#
96#echo "TESTING: veth (net_veth.exp)"
97#./net_veth.exp
98#
99#echo "TESTING: netfilter (net_netfilter.exp)"
100#./net_netfilter.exp
101#
102#echo "TESTING: iprange (iprange.exp)"
103#./iprange.exp
104#
105#echo "TESTING: veth-name (veth-name.exp)"
106#./veth-name.exp
107#
108#echo "TESTING: macvlan2 (net_macvlan2.exp)"
109#./net_macvlan2.exp
110#
111#echo "TESTING: 4 bridges ARP (4bridges_arp.exp)"
112#./4bridges_arp.exp
113#
114#echo "TESTING: 4 bridges IP (4bridges_ip.exp)"
115#./4bridges_ip.exp
diff --git a/test/network/tcpserver.c b/test/network/tcpserver.c
deleted file mode 100644
index 639fbf868..000000000
--- a/test/network/tcpserver.c
+++ /dev/null
@@ -1,108 +0,0 @@
1/*
2 * Copyright (C) 2014-2023 Firejail Authors
3 *
4 * This file is part of firejail project
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19*/
20#include <stdio.h>
21#include <stdlib.h>
22#include <unistd.h>
23#include <netdb.h>
24#include <netinet/in.h>
25#include <string.h>
26
27
28int main(int argc, char **argv) {
29 int fd, newfd, client_len;
30 struct sockaddr_in serv_addr, client_addr;
31 int n, pid;
32
33 if (argc < 2) {
34 printf("Usage: ./server port-number\n");
35 return 1;
36 }
37 int portno = atoi(argv[1]);
38
39 // init socket
40 fd = socket(AF_INET, SOCK_STREAM, 0);
41 if (fd < 0) {
42 perror("ERROR opening socket");
43 return 1;
44 }
45
46 // Initialize socket structure
47 memset(&serv_addr, 0, sizeof(serv_addr));
48
49 serv_addr.sin_family = AF_INET;
50 serv_addr.sin_addr.s_addr = INADDR_ANY;
51 serv_addr.sin_port = htons(portno);
52
53 // bind
54 if (bind(fd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0) {
55 perror("bind");
56 return 1;
57 }
58
59 // listen - 5 pending conncections
60 if (listen(fd, 5) < 0) {
61 perror("listen");
62 return 1;
63 }
64 client_len = sizeof(client_addr);
65
66 while (1) {
67 newfd = accept(fd, (struct sockaddr *) &client_addr, &client_len);
68
69 if (newfd < 0) {
70 perror("accept");
71 return 1;
72 }
73
74 /* Create child process */
75 pid = fork();
76
77 if (pid < 0) {
78 perror("fork");
79 return 1;
80 }
81
82 if (pid == 0) {
83 // child
84 close(fd);
85#define MAXBUF 4096
86 char buf[MAXBUF];
87 memset(buf, 0, MAXBUF);
88
89 int rcv = read(newfd, buf, MAXBUF - 1);
90 if (rcv < 0) {
91 perror("read");
92 exit(1);
93 }
94
95 int sent = write(newfd, "response\n", 9);
96 if (sent < 9) {
97 perror("write");
98 return 1;
99 }
100
101 exit(0);
102 }
103 else
104 close(newfd);
105 }
106
107 return 0;
108}
diff --git a/test/network/veth-name.exp b/test/network/veth-name.exp
deleted file mode 100755
index 14ab27850..000000000
--- a/test/network/veth-name.exp
+++ /dev/null
@@ -1,76 +0,0 @@
1#!/usr/bin/expect -f
2# This file is part of Firejail project
3# Copyright (C) 2014-2023 Firejail Authors
4# License GPL v2
5
6set timeout 10
7spawn $env(SHELL)
8match_max 100000
9
10#
11send -- "firejail --net=br1 --ip=10.10.30.50 --veth-name=blablabla\r"
12expect {
13 timeout {puts "TESTING ERROR 0\n";exit}
14 "eth0"
15}
16expect {
17 timeout {puts "TESTING ERROR 1\n";exit}
18 "10.10.30.50"
19}
20expect {
21 timeout {puts "TESTING ERROR 2\n";exit}
22 "255.255.255.0"
23}
24expect {
25 timeout {puts "TESTING ERROR 3\n";exit}
26 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
27}
28sleep 1
29
30spawn $env(SHELL)
31send -- "ip link show\r"
32expect {
33 timeout {puts "TESTING ERROR 4\n";exit}
34 "blablabla"
35}
36expect {
37 timeout {puts "TESTING ERROR 5\n";exit}
38 "master br1 state UP"
39}
40sleep 1
41
42
43send -- "firejail --profile=veth-name.profile\r"
44expect {
45 timeout {puts "TESTING ERROR 6\n";exit}
46 "eth0"
47}
48expect {
49 timeout {puts "TESTING ERROR 7\n";exit}
50 "10.10.60.51"
51}
52expect {
53 timeout {puts "TESTING ERROR 8\n";exit}
54 "255.255.255.0"
55}
56expect {
57 timeout {puts "TESTING ERROR 9\n";exit}
58 -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
59}
60sleep 1
61
62spawn $env(SHELL)
63send -- "ip link show\r"
64expect {
65 timeout {puts "TESTING ERROR 10\n";exit}
66 "bingo"
67}
68expect {
69 timeout {puts "TESTING ERROR 11\n";exit}
70 "master br4 state UP"
71}
72sleep 1
73
74
75after 100
76puts "\nall done\n"
diff --git a/test/network/veth-name.profile b/test/network/veth-name.profile
deleted file mode 100644
index f00a74d63..000000000
--- a/test/network/veth-name.profile
+++ /dev/null
@@ -1,3 +0,0 @@
1net br4
2ip 10.10.60.51
3veth-name bingo
generated by cgit v1.2.3-54-g00ecf (git 2.45.0) at 2024-05-04 18:38:08 +0000