testing

author: netblue30 <netblue30@protonmail.com> 2023-03-07 08:30:53 -0500
committer: netblue30 <netblue30@protonmail.com> 2023-03-07 08:30:53 -0500
commit: a12601f02aecefd6fde2f227bd3536840f7f7b14 (patch)
tree: e35164d4ad8b63157170f355be3e0160eb6f172c /test
parent: Run make codespell (diff)
download: firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.tar.gz
firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.tar.zst
firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.zip
6 files changed, 142 insertions, 0 deletions
diff --git a/test/network/ip6_netfilter.exp b/test/network/ip6_netfilter.exp
new file mode 100755
index 000000000..6c478d9e7
--- /dev/null
+++ b/test/network/ip6_netfilter.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2023 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+# check default netfilter on br0
+send -- "firejail --name=test --net=br0 --netfilter6=ip6_netfilter.profile\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+sleep 2
+spawn $env(SHELL)
+# check default netfilter no new network
+send -- "firejail --netfilter6.print=test\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "DROP"
+}
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "2001:db8:1f0a:3ec::2"
+}
+after 500
+puts "all done\n"
diff --git a/test/network/ip6_netfilter.profile b/test/network/ip6_netfilter.profile
new file mode 100644
index 000000000..cc8f22943
--- /dev/null
+++ b/test/network/ip6_netfilter.profile
@@ -0,0 +1,8 @@
+# Generated by ip6tables-save v1.4.14 on Wed Jan 13 10:53:40 2016
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -s 2001:db8:1f0a:3ec::2/128 -j DROP
+COMMIT
+# Completed on Wed Jan 13 10:53:40 2016
diff --git a/test/network/net_bandwidth.exp b/test/network/net_bandwidth.exp
new file mode 100755
index 000000000..0ec3b59ef
--- /dev/null
+++ b/test/network/net_bandwidth.exp
@@ -0,0 +1,51 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2023 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --name=test --net=br0\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+sleep 2
+spawn $env(SHELL)
+send -- "firejail --bandwidth=test set br0 10 20\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Download speed  80kbps"
+}
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Upload speed  160kbps"
+}
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "configuring tc ingress"
+}
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        "configuring tc egress"
+}
+after 500
+send -- "firejail --bandwidth=test status\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        "rate 160Kbit burst 10Kb"
+}
+after 500
+send -- "firejail --bandwidth=test clear br0\r"
+expect {
+        timeout {puts "TESTING ERROR 7\n";exit}
+        "Removing bandwidth limits"
+}
+sleep 1
+puts "\nall done\n"
diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp
index 251b55362..0cccf93a0 100755
--- a/test/network/net_ip.exp
+++ b/test/network/net_ip.exp
@@ -130,4 +130,44 @@ expect {
 }
 after 500
+send -- "firejail --profile=net_ip.profile ip addr show\r"
+expect {
+        timeout {puts "TESTING ERROR 26\n";exit}
+        "eth0"
+}
+expect {
+        timeout {puts "TESTING ERROR 27\n";exit}
+        "00:11:22:33:44:55"
+}
+expect {
+        timeout {puts "TESTING ERROR 28\n";exit}
+        "10.10.20.55"
+}
+expect {
+        timeout {puts "TESTING ERROR 29\n";exit}
+        "Default gateway 10.10.20.9"
+}
+expect {
+        timeout {puts "TESTING ERROR 30\n";exit}
+        "00:11:22:33:44:55"
+}
+expect {
+        timeout {puts "TESTING ERROR 31\n";exit}
+        "10.10.20.55"
+}
+after 500
+send -- "firejail --profile=net_ip.profile ip route  show\r"
+expect {
+        timeout {puts "TESTING ERROR 32\n";exit}
+        "default via 10.10.20.9"
+}
+expect {
+        timeout {puts "TESTING ERROR 33\n";exit}
+        "10.10.20.0/24 dev eth0 proto kernel scope link src 10.10.20.55"
+}
+after 500
 puts "\nall done\n"
diff --git a/test/network/net_ip.profile b/test/network/net_ip.profile
new file mode 100644
index 000000000..72910d77e
--- /dev/null
+++ b/test/network/net_ip.profile
@@ -0,0 +1,6 @@
+net br0
+ip 10.10.20.55
+defaultgw 10.10.20.9
+mac 00:11:22:33:44:55
+mtu 1000
diff --git a/test/network/network.sh b/test/network/network.sh
index 877f16156..e062358d4 100755
--- a/test/network/network.sh
+++ b/test/network/network.sh
@@ -33,8 +33,14 @@ echo "TESTING: print network (net-print.exp)"
 echo "TESTING: print dns (dns-print.exp)"
 ./dns-print.exp
+echo "TESTING: bandwidth (net_bandwidth.exp)"
+./net_bandwidth.exp
 echo "TESTING: ipv6 (ip6.exp)"
 ./ip6.exp
+#echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"
+#./ip6_netfilter.exp
 sudo ip link set br0 down
 sudo brctl delbr br0
author	netblue30 <netblue30@protonmail.com>	2023-03-07 08:30:53 -0500
committer	netblue30 <netblue30@protonmail.com>	2023-03-07 08:30:53 -0500
commit	a12601f02aecefd6fde2f227bd3536840f7f7b14 (patch)
tree	e35164d4ad8b63157170f355be3e0160eb6f172c /test
parent	Run make codespell (diff)
download	firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.tar.gz firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.tar.zst firejail-a12601f02aecefd6fde2f227bd3536840f7f7b14.zip

diff --git a/test/network/ip6_netfilter.exp b/test/network/ip6_netfilter.exp new file mode 100755 index 000000000..6c478d9e7 --- /dev/null +++ b/test/network/ip6_netfilter.exp
@@ -0,0 +1,31 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2023 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	# check default netfilter on br0
		11	send -- "firejail --name=test --net=br0 --netfilter6=ip6_netfilter.profile\r"
		12	expect {
		13	timeout {puts "TESTING ERROR 0\n";exit}
		14	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
		15	}
		16	sleep 2
		17	spawn $env(SHELL)
		18
		19	# check default netfilter no new network
		20	send -- "firejail --netfilter6.print=test\r"
		21	expect {
		22	timeout {puts "TESTING ERROR 1\n";exit}
		23	"DROP"
		24	}
		25	expect {
		26	timeout {puts "TESTING ERROR 2\n";exit}
		27	"2001:db8:1f0a:3ec::2"
		28	}
		29
		30	after 500
		31	puts "all done\n"


diff --git a/test/network/ip6_netfilter.profile b/test/network/ip6_netfilter.profile new file mode 100644 index 000000000..cc8f22943 --- /dev/null +++ b/test/network/ip6_netfilter.profile
@@ -0,0 +1,8 @@
		1	# Generated by ip6tables-save v1.4.14 on Wed Jan 13 10:53:40 2016
		2	*filter
		3	:INPUT ACCEPT [0:0]
		4	:FORWARD ACCEPT [0:0]
		5	:OUTPUT ACCEPT [0:0]
		6	-A INPUT -s 2001:db8:1f0a:3ec::2/128 -j DROP
		7	COMMIT
		8	# Completed on Wed Jan 13 10:53:40 2016


diff --git a/test/network/net_bandwidth.exp b/test/network/net_bandwidth.exp new file mode 100755 index 000000000..0ec3b59ef --- /dev/null +++ b/test/network/net_bandwidth.exp
@@ -0,0 +1,51 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2023 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail --name=test --net=br0\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 1\n";exit}
		13	-re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
		14	}
		15	sleep 2
		16
		17	spawn $env(SHELL)
		18	send -- "firejail --bandwidth=test set br0 10 20\r"
		19	expect {
		20	timeout {puts "TESTING ERROR 2\n";exit}
		21	"Download speed 80kbps"
		22	}
		23	expect {
		24	timeout {puts "TESTING ERROR 3\n";exit}
		25	"Upload speed 160kbps"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 4\n";exit}
		29	"configuring tc ingress"
		30	}
		31	expect {
		32	timeout {puts "TESTING ERROR 5\n";exit}
		33	"configuring tc egress"
		34	}
		35	after 500
		36
		37	send -- "firejail --bandwidth=test status\r"
		38	expect {
		39	timeout {puts "TESTING ERROR 6\n";exit}
		40	"rate 160Kbit burst 10Kb"
		41	}
		42	after 500
		43
		44	send -- "firejail --bandwidth=test clear br0\r"
		45	expect {
		46	timeout {puts "TESTING ERROR 7\n";exit}
		47	"Removing bandwidth limits"
		48	}
		49	sleep 1
		50
		51	puts "\nall done\n"


diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index 251b55362..0cccf93a0 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp
@@ -130,4 +130,44 @@ expect {
130	}	130	}
131		131
132	after 500	132	after 500
		133
		134	send -- "firejail --profile=net_ip.profile ip addr show\r"
		135	expect {
		136	timeout {puts "TESTING ERROR 26\n";exit}
		137	"eth0"
		138	}
		139	expect {
		140	timeout {puts "TESTING ERROR 27\n";exit}
		141	"00:11:22:33:44:55"
		142	}
		143	expect {
		144	timeout {puts "TESTING ERROR 28\n";exit}
		145	"10.10.20.55"
		146	}
		147	expect {
		148	timeout {puts "TESTING ERROR 29\n";exit}
		149	"Default gateway 10.10.20.9"
		150	}
		151	expect {
		152	timeout {puts "TESTING ERROR 30\n";exit}
		153	"00:11:22:33:44:55"
		154	}
		155	expect {
		156	timeout {puts "TESTING ERROR 31\n";exit}
		157	"10.10.20.55"
		158	}
		159	after 500
		160
		161	send -- "firejail --profile=net_ip.profile ip route show\r"
		162	expect {
		163	timeout {puts "TESTING ERROR 32\n";exit}
		164	"default via 10.10.20.9"
		165	}
		166	expect {
		167	timeout {puts "TESTING ERROR 33\n";exit}
		168	"10.10.20.0/24 dev eth0 proto kernel scope link src 10.10.20.55"
		169	}
		170	after 500
		171
		172
133	puts "\nall done\n"	173	puts "\nall done\n"


diff --git a/test/network/net_ip.profile b/test/network/net_ip.profile new file mode 100644 index 000000000..72910d77e --- /dev/null +++ b/test/network/net_ip.profile
@@ -0,0 +1,6 @@
		1	net br0
		2	ip 10.10.20.55
		3	defaultgw 10.10.20.9
		4	mac 00:11:22:33:44:55
		5	mtu 1000
		6


diff --git a/test/network/network.sh b/test/network/network.sh index 877f16156..e062358d4 100755 --- a/test/network/network.sh +++ b/test/network/network.sh
@@ -33,8 +33,14 @@ echo "TESTING: print network (net-print.exp)"
33	echo "TESTING: print dns (dns-print.exp)"	33	echo "TESTING: print dns (dns-print.exp)"
34	./dns-print.exp	34	./dns-print.exp
35		35
		36	echo "TESTING: bandwidth (net_bandwidth.exp)"
		37	./net_bandwidth.exp
		38
36	echo "TESTING: ipv6 (ip6.exp)"	39	echo "TESTING: ipv6 (ip6.exp)"
37	./ip6.exp	40	./ip6.exp
38		41
		42	#echo "TESTING: ipv6 netfilter(ip6_netfilter.exp)"
		43	#./ip6_netfilter.exp
		44
39	sudo ip link set br0 down	45	sudo ip link set br0 down
40	sudo brctl delbr br0	46	sudo brctl delbr br0