1 files changed, 185 insertions, 0 deletions
diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp
new file mode 100755
index 000000000..835f645b2
--- /dev/null
+++ b/test/filters/protocol.exp
@@ -0,0 +1,185 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail --noprofile --protocol=unix ./syscall_test socket\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.1\n";exit}
+        "Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
+        "socket AF_INET"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.2\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.3\n";exit}
+        "socket AF_INET6"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.4\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.5\n";exit}
+        "socket AF_NETLINK"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.6\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.7\n";exit}
+        "socket AF_UNIX"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.8\n";exit}
+        "socket AF_PACKETX"
+}
+expect {
+        timeout {puts "TESTING ERROR 1.9\n";exit}
+        "Operation not supported"
+}
+sleep 1
+send -- "firejail --noprofile --protocol=inet6,packet ./syscall_test socket\r"
+expect {
+        timeout {puts "TESTING ERROR 2\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.1\n";exit}
+        "socket AF_INET"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.2\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.3\n";exit}
+        "socket AF_INET6"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.4\n";exit}
+        "socket AF_NETLINK"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.5\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.6\n";exit}
+        "socket AF_UNIX"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.7\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.8\n";exit}
+        "socket AF_PACKETX"
+}
+expect {
+        timeout {puts "TESTING ERROR 2.9\n";exit}
+        "after socket"
+}
+sleep 1
+# profile testing
+send -- "firejail --profile=protocol1.profile ./syscall_test socket\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "socket AF_INET"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.2\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.3\n";exit}
+        "socket AF_INET6"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.4\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.5\n";exit}
+        "socket AF_NETLINK"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.6\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.7\n";exit}
+        "socket AF_UNIX"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.8\n";exit}
+        "socket AF_PACKETX"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.9\n";exit}
+        "Operation not supported"
+}
+sleep 1
+send -- "firejail --profile=protocol2.profile ./syscall_test socket\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.1\n";exit}
+        "socket AF_INET"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.2\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.3\n";exit}
+        "socket AF_INET6"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.4\n";exit}
+        "socket AF_NETLINK"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.5\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.6\n";exit}
+        "socket AF_UNIX"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.7\n";exit}
+        "Operation not supported"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.8\n";exit}
+        "socket AF_PACKETX"
+}
+expect {
+        timeout {puts "TESTING ERROR 4.9\n";exit}
+        "after socket"
+}
+after 100
+puts "\nall done\n"

diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp new file mode 100755 index 000000000..835f645b2 --- /dev/null +++ b/test/filters/protocol.exp
@@ -0,0 +1,185 @@
	1	#!/usr/bin/expect -f
	2	# This file is part of Firejail project
	3	# Copyright (C) 2014-2016 Firejail Authors
	4	# License GPL v2
	5
	6	set timeout 10
	7	spawn $env(SHELL)
	8	match_max 100000
	9
	10	send -- "firejail --noprofile --protocol=unix ./syscall_test socket\r"
	11	expect {
	12	timeout {puts "TESTING ERROR 1\n";exit}
	13	"Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
	14	"Child process initialized"
	15	}
	16	expect {
	17	timeout {puts "TESTING ERROR 1.1\n";exit}
	18	"Permission denied" {puts "TESTING SKIP: permission denied\n"; exit}
	19	"socket AF_INET"
	20	}
	21	expect {
	22	timeout {puts "TESTING ERROR 1.2\n";exit}
	23	"Operation not supported"
	24	}
	25	expect {
	26	timeout {puts "TESTING ERROR 1.3\n";exit}
	27	"socket AF_INET6"
	28	}
	29	expect {
	30	timeout {puts "TESTING ERROR 1.4\n";exit}
	31	"Operation not supported"
	32	}
	33	expect {
	34	timeout {puts "TESTING ERROR 1.5\n";exit}
	35	"socket AF_NETLINK"
	36	}
	37	expect {
	38	timeout {puts "TESTING ERROR 1.6\n";exit}
	39	"Operation not supported"
	40	}
	41	expect {
	42	timeout {puts "TESTING ERROR 1.7\n";exit}
	43	"socket AF_UNIX"
	44	}
	45	expect {
	46	timeout {puts "TESTING ERROR 1.8\n";exit}
	47	"socket AF_PACKETX"
	48	}
	49	expect {
	50	timeout {puts "TESTING ERROR 1.9\n";exit}
	51	"Operation not supported"
	52	}
	53	sleep 1
	54
	55	send -- "firejail --noprofile --protocol=inet6,packet ./syscall_test socket\r"
	56	expect {
	57	timeout {puts "TESTING ERROR 2\n";exit}
	58	"Child process initialized"
	59	}
	60	expect {
	61	timeout {puts "TESTING ERROR 2.1\n";exit}
	62	"socket AF_INET"
	63	}
	64	expect {
	65	timeout {puts "TESTING ERROR 2.2\n";exit}
	66	"Operation not supported"
	67	}
	68	expect {
	69	timeout {puts "TESTING ERROR 2.3\n";exit}
	70	"socket AF_INET6"
	71	}
	72	expect {
	73	timeout {puts "TESTING ERROR 2.4\n";exit}
	74	"socket AF_NETLINK"
	75	}
	76	expect {
	77	timeout {puts "TESTING ERROR 2.5\n";exit}
	78	"Operation not supported"
	79	}
	80	expect {
	81	timeout {puts "TESTING ERROR 2.6\n";exit}
	82	"socket AF_UNIX"
	83	}
	84	expect {
	85	timeout {puts "TESTING ERROR 2.7\n";exit}
	86	"Operation not supported"
	87	}
	88	expect {
	89	timeout {puts "TESTING ERROR 2.8\n";exit}
	90	"socket AF_PACKETX"
	91	}
	92	expect {
	93	timeout {puts "TESTING ERROR 2.9\n";exit}
	94	"after socket"
	95	}
	96	sleep 1
	97
	98	# profile testing
	99	send -- "firejail --profile=protocol1.profile ./syscall_test socket\r"
	100	expect {
	101	timeout {puts "TESTING ERROR 3\n";exit}
	102	"Child process initialized"
	103	}
	104	expect {
	105	timeout {puts "TESTING ERROR 3.1\n";exit}
	106	"socket AF_INET"
	107	}
	108	expect {
	109	timeout {puts "TESTING ERROR 3.2\n";exit}
	110	"Operation not supported"
	111	}
	112	expect {
	113	timeout {puts "TESTING ERROR 3.3\n";exit}
	114	"socket AF_INET6"
	115	}
	116	expect {
	117	timeout {puts "TESTING ERROR 3.4\n";exit}
	118	"Operation not supported"
	119	}
	120	expect {
	121	timeout {puts "TESTING ERROR 3.5\n";exit}
	122	"socket AF_NETLINK"
	123	}
	124	expect {
	125	timeout {puts "TESTING ERROR 3.6\n";exit}
	126	"Operation not supported"
	127	}
	128	expect {
	129	timeout {puts "TESTING ERROR 3.7\n";exit}
	130	"socket AF_UNIX"
	131	}
	132	expect {
	133	timeout {puts "TESTING ERROR 3.8\n";exit}
	134	"socket AF_PACKETX"
	135	}
	136	expect {
	137	timeout {puts "TESTING ERROR 3.9\n";exit}
	138	"Operation not supported"
	139	}
	140	sleep 1
	141
	142	send -- "firejail --profile=protocol2.profile ./syscall_test socket\r"
	143	expect {
	144	timeout {puts "TESTING ERROR 4\n";exit}
	145	"Child process initialized"
	146	}
	147	expect {
	148	timeout {puts "TESTING ERROR 4.1\n";exit}
	149	"socket AF_INET"
	150	}
	151	expect {
	152	timeout {puts "TESTING ERROR 4.2\n";exit}
	153	"Operation not supported"
	154	}
	155	expect {
	156	timeout {puts "TESTING ERROR 4.3\n";exit}
	157	"socket AF_INET6"
	158	}
	159	expect {
	160	timeout {puts "TESTING ERROR 4.4\n";exit}
	161	"socket AF_NETLINK"
	162	}
	163	expect {
	164	timeout {puts "TESTING ERROR 4.5\n";exit}
	165	"Operation not supported"
	166	}
	167	expect {
	168	timeout {puts "TESTING ERROR 4.6\n";exit}
	169	"socket AF_UNIX"
	170	}
	171	expect {
	172	timeout {puts "TESTING ERROR 4.7\n";exit}
	173	"Operation not supported"
	174	}
	175	expect {
	176	timeout {puts "TESTING ERROR 4.8\n";exit}
	177	"socket AF_PACKETX"
	178	}
	179	expect {
	180	timeout {puts "TESTING ERROR 4.9\n";exit}
	181	"after socket"
	182	}
	183	after 100
	184
	185	puts "\nall done\n"