diff options
Diffstat (limited to 'test')
-rwxr-xr-x | test/network/hostname.exp | 31 | ||||
-rwxr-xr-x | test/network/net_ip.exp | 77 | ||||
-rwxr-xr-x | test/network/net_mac.exp | 5 | ||||
-rwxr-xr-x | test/network/net_none.exp | 52 | ||||
-rwxr-xr-x | test/network/network.sh | 183 |
5 files changed, 157 insertions, 191 deletions
diff --git a/test/network/hostname.exp b/test/network/hostname.exp deleted file mode 100755 index 42af84847..000000000 --- a/test/network/hostname.exp +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | set timeout 10 | ||
7 | spawn $env(SHELL) | ||
8 | match_max 100000 | ||
9 | |||
10 | send -- "firejail --hostname=bingo --noprofile\r" | ||
11 | expect { | ||
12 | timeout {puts "TESTING ERROR 1\n";exit} | ||
13 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
14 | } | ||
15 | sleep 1 | ||
16 | send -- "stty -echo\r" | ||
17 | after 100 | ||
18 | |||
19 | send -- "ping -c 3 bingo; echo done\r" | ||
20 | expect { | ||
21 | timeout {puts "TESTING ERROR 2\n";exit} | ||
22 | "3 packets transmitted, 3 received" | ||
23 | } | ||
24 | expect { | ||
25 | timeout {puts "TESTING ERROR 3\n";exit} | ||
26 | "done" | ||
27 | } | ||
28 | send -- "exit\r" | ||
29 | after 100 | ||
30 | |||
31 | puts "all done\n" | ||
diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index 48d8a75fb..304b71814 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp | |||
@@ -7,70 +7,95 @@ set timeout 10 | |||
7 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | # check ip address | 10 | send -- "firejail --net=br0 cat /proc/1/net/dev\r" |
11 | send -- "firejail --net=br0 --ip=10.10.20.5\r" | ||
12 | expect { | 11 | expect { |
13 | timeout {puts "TESTING ERROR 0\n";exit} | 12 | timeout {puts "TESTING ERROR 0\n";exit} |
14 | "eth0" | 13 | "eth0" |
15 | } | 14 | } |
16 | expect { | 15 | expect { |
17 | timeout {puts "TESTING ERROR 1\n";exit} | 16 | timeout {puts "TESTING ERROR 1\n";exit} |
18 | "10.10.20.5" | 17 | "10.10.20." |
19 | } | 18 | } |
20 | expect { | 19 | expect { |
21 | timeout {puts "TESTING ERROR 2\n";exit} | 20 | timeout {puts "TESTING ERROR 2\n";exit} |
22 | "255.255.255.248" | 21 | "255.255.255.0" |
23 | } | 22 | } |
24 | expect { | 23 | expect { |
25 | timeout {puts "TESTING ERROR 3\n";exit} | 24 | timeout {puts "TESTING ERROR 3\n";exit} |
26 | "UP" | 25 | "UP" |
27 | } | 26 | } |
28 | expect { | 27 | expect { |
28 | timeout {puts "TESTING ERROR 3\n";exit} | ||
29 | "Default gateway 10.10.20.1" | ||
30 | } | ||
31 | expect { | ||
29 | timeout {puts "TESTING ERROR 4\n";exit} | 32 | timeout {puts "TESTING ERROR 4\n";exit} |
30 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 33 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
31 | } | 34 | } |
32 | sleep 1 | ||
33 | send -- "exit\r" | ||
34 | sleep 1 | ||
35 | |||
36 | # check loopback | ||
37 | send -- "firejail --net=br0 --ip=10.10.20.5 --protocol=unix,inet,netlink\r" | ||
38 | expect { | 35 | expect { |
39 | timeout {puts "TESTING ERROR 5\n";exit} | 36 | timeout {puts "TESTING ERROR 5\n";exit} |
40 | "lo" | 37 | "lo:" |
41 | } | 38 | } |
42 | expect { | 39 | expect { |
43 | timeout {puts "TESTING ERROR 6\n";exit} | 40 | timeout {puts "TESTING ERROR 6\n";exit} |
44 | "127.0.0.1" | 41 | "eth0:" |
45 | } | 42 | } |
43 | after 500 | ||
44 | |||
45 | send -- "firejail --net=br0 --ip=10.10.20.5 cat /proc/1/net/dev\r" | ||
46 | expect { | 46 | expect { |
47 | timeout {puts "TESTING ERROR 7\n";exit} | 47 | timeout {puts "TESTING ERROR 7\n";exit} |
48 | "255.0.0.0" | 48 | "eth0" |
49 | } | 49 | } |
50 | expect { | 50 | expect { |
51 | timeout {puts "TESTING ERROR 8\n";exit} | 51 | timeout {puts "TESTING ERROR 8\n";exit} |
52 | "UP" | 52 | "10.10.20.5" |
53 | } | 53 | } |
54 | expect { | 54 | expect { |
55 | timeout {puts "TESTING ERROR 9\n";exit} | 55 | timeout {puts "TESTING ERROR 9\n";exit} |
56 | "255.255.255.0" | ||
57 | } | ||
58 | expect { | ||
59 | timeout {puts "TESTING ERROR 10\n";exit} | ||
60 | "UP" | ||
61 | } | ||
62 | expect { | ||
63 | timeout {puts "TESTING ERROR 11\n";exit} | ||
64 | "Default gateway 10.10.20.1" | ||
65 | } | ||
66 | expect { | ||
67 | timeout {puts "TESTING ERROR 12\n";exit} | ||
56 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 68 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
57 | } | 69 | } |
58 | sleep 1 | 70 | after 500 |
59 | 71 | ||
60 | # check default gateway | 72 | send -- "firejail --net=br0 --ip=10.10.50.5 cat /proc/1/net/dev\r" |
61 | send -- "ip route show\r" | ||
62 | expect { | 73 | expect { |
63 | timeout {puts "TESTING ERROR 10.1\n";exit} | 74 | timeout {puts "TESTING ERROR 13\n";exit} |
64 | "default via 10.10.20.1 dev eth0" | 75 | "the IP address is not in the interface range" |
65 | } | 76 | } |
77 | after 500 | ||
66 | 78 | ||
67 | send -- "ip route show\r" | 79 | send -- "firejail --net=br0 --defaultgw=10.10.20.2 cat /proc/1/net/dev\r" |
68 | expect { | 80 | expect { |
69 | timeout {puts "TESTING ERROR 10\n";exit} | 81 | timeout {puts "TESTING ERROR 14\n";exit} |
70 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "old iproute2\n";} | 82 | "Default gateway 10.10.20.2" |
71 | "10.10.20.0/29 dev eth0 proto kernel scope link" {puts "new iproute2\n";} | ||
72 | } | 83 | } |
73 | send -- "exit\r" | 84 | expect { |
74 | after 100 | 85 | timeout {puts "TESTING ERROR 14\n";exit} |
86 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | ||
87 | } | ||
88 | after 500 | ||
75 | 89 | ||
76 | puts "\n" | 90 | send -- "firejail --net=br0 --defaultgw=10.110.210.2 cat /proc/1/net/dev\r" |
91 | expect { | ||
92 | timeout {puts "TESTING ERROR 16\n";exit} | ||
93 | "default gateway 10.110.210.2 is not in the range of any network" | ||
94 | } | ||
95 | after 500 | ||
96 | |||
97 | |||
98 | |||
99 | |||
100 | after 100 | ||
101 | puts "\nall done\n" | ||
diff --git a/test/network/net_mac.exp b/test/network/net_mac.exp index 086efd02c..481e452af 100755 --- a/test/network/net_mac.exp +++ b/test/network/net_mac.exp | |||
@@ -8,7 +8,7 @@ spawn $env(SHELL) | |||
8 | match_max 100000 | 8 | match_max 100000 |
9 | 9 | ||
10 | # check ip address | 10 | # check ip address |
11 | send -- "firejail --net=br0 --ip=10.10.20.5 --mac=00:11:22:33:44:55\r" | 11 | send -- "firejail --net=br0 --ip=10.10.20.5 --mac=00:11:22:33:44:55 cat /proc/1/net/dev\r" |
12 | expect { | 12 | expect { |
13 | timeout {puts "TESTING ERROR 0\n";exit} | 13 | timeout {puts "TESTING ERROR 0\n";exit} |
14 | "eth0" | 14 | "eth0" |
@@ -23,7 +23,7 @@ expect { | |||
23 | } | 23 | } |
24 | expect { | 24 | expect { |
25 | timeout {puts "TESTING ERROR 2\n";exit} | 25 | timeout {puts "TESTING ERROR 2\n";exit} |
26 | "255.255.255.248" | 26 | "255.255.255.0" |
27 | } | 27 | } |
28 | expect { | 28 | expect { |
29 | timeout {puts "TESTING ERROR 3\n";exit} | 29 | timeout {puts "TESTING ERROR 3\n";exit} |
@@ -33,7 +33,6 @@ expect { | |||
33 | timeout {puts "TESTING ERROR 4\n";exit} | 33 | timeout {puts "TESTING ERROR 4\n";exit} |
34 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 34 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
35 | } | 35 | } |
36 | send -- "exit\r" | ||
37 | after 100 | 36 | after 100 |
38 | 37 | ||
39 | puts "\nall done\n" | 38 | puts "\nall done\n" |
diff --git a/test/network/net_none.exp b/test/network/net_none.exp index aa071862e..6932c7e8a 100755 --- a/test/network/net_none.exp +++ b/test/network/net_none.exp | |||
@@ -11,63 +11,31 @@ match_max 100000 | |||
11 | send -- "firejail --net=none\r" | 11 | send -- "firejail --net=none\r" |
12 | expect { | 12 | expect { |
13 | timeout {puts "TESTING ERROR 0\n";exit} | 13 | timeout {puts "TESTING ERROR 0\n";exit} |
14 | "eth0" {puts "TESTING ERROR 0.1\n";exit} | ||
15 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 14 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
16 | } | 15 | } |
17 | sleep 1 | 16 | after 500 |
18 | 17 | ||
19 | # test default gw | 18 | send -- "cat /proc/1/net/dev | wc -l\r" |
20 | send -- "bash\r" | ||
21 | sleep 1 | ||
22 | send -- "stty -echo\r" | ||
23 | after 100 | ||
24 | |||
25 | send -- "netstat -rn; echo done\r" | ||
26 | expect { | 19 | expect { |
27 | timeout {puts "TESTING ERROR 1\n";exit} | 20 | timeout {puts "TESTING ERROR 1\n";exit} |
28 | "0.0.0.0" {puts "TESTING ERROR 1.1\n";exit} | 21 | "3" |
29 | "done" | ||
30 | } | 22 | } |
31 | sleep 1 | ||
32 | |||
33 | # check again devices | ||
34 | send -- "cat /proc/1/net/dev;echo done\r" | ||
35 | expect { | ||
36 | timeout {puts "TESTING ERROR 2\n";exit} | ||
37 | "eth0" {puts "TESTING ERROR 2.1\n";exit} | ||
38 | "done" | ||
39 | } | ||
40 | send -- "exit\r" | ||
41 | sleep 1 | ||
42 | send -- "exit\r" | 23 | send -- "exit\r" |
43 | sleep 1 | 24 | after 500 |
25 | |||
44 | 26 | ||
45 | # profile | 27 | # profile |
46 | send -- "firejail --profile=net_none.profile\r" | 28 | send -- "firejail --profile=net_none.profile\r" |
47 | expect { | 29 | expect { |
48 | timeout {puts "TESTING ERROR 3\n";exit} | 30 | timeout {puts "TESTING ERROR 2\n";exit} |
49 | "eth0" {puts "TESTING ERROR 3.1\n";exit} | ||
50 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" | 31 | -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms" |
51 | } | 32 | } |
52 | sleep 1 | 33 | after 500 |
53 | 34 | ||
54 | # test default gw | 35 | send -- "cat /proc/1/net/dev | wc -l\r" |
55 | send -- "bash\r" | ||
56 | sleep 1 | ||
57 | send -- "netstat -rn; echo done\r" | ||
58 | expect { | 36 | expect { |
59 | timeout {puts "TESTING ERROR 4\n";exit} | 37 | timeout {puts "TESTING ERROR 3\n";exit} |
60 | "0.0.0.0" {puts "TESTING ERROR 4.1\n";exit} | 38 | "3" |
61 | "done" | ||
62 | } | ||
63 | sleep 1 | ||
64 | |||
65 | # check again devices | ||
66 | send -- "cat /proc/1/net/dev;echo done\r" | ||
67 | expect { | ||
68 | timeout {puts "TESTING ERROR 5\n";exit} | ||
69 | "eth0" {puts "TESTING ERROR 5.1\n";exit} | ||
70 | "done" | ||
71 | } | 39 | } |
72 | send -- "exit\r" | 40 | send -- "exit\r" |
73 | after 100 | 41 | after 100 |
diff --git a/test/network/network.sh b/test/network/network.sh index 0cb92f2e3..6bb8332ee 100755 --- a/test/network/network.sh +++ b/test/network/network.sh | |||
@@ -7,46 +7,13 @@ export MALLOC_CHECK_=3 | |||
7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) | 7 | export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) |
8 | export LC_ALL=C | 8 | export LC_ALL=C |
9 | 9 | ||
10 | sudo ./configure | 10 | sudo brctl addbr br0 |
11 | 11 | sudo ip link set br0 up | |
12 | echo "TESTING: unconfigured network (net_unconfigured.exp)" | 12 | sudo ip addr add 10.10.20.1/24 dev br0 |
13 | ./net_unconfigured.exp | 13 | sudo brctl addbr br1 |
14 | 14 | sudo ip link set br1 up | |
15 | echo "TESTING: netfilter template (netfilter-template.exp)" | 15 | sudo ip addr add 10.10.30.1/24 dev br1 |
16 | rm -f ./tcpserver | 16 | ip addr show |
17 | gcc -o tcpserver tcpserver.c | ||
18 | ./netfilter-template.exp | ||
19 | rm ./tcpserver | ||
20 | |||
21 | echo "TESTING: firemon interface (firemon-interfaces.exp)" | ||
22 | sudo ./firemon-interfaces.exp | ||
23 | |||
24 | echo "TESTING: netns (netns.exp)" | ||
25 | ./netns.exp | ||
26 | |||
27 | echo "TESTING: print dns (dns-print.exp)" | ||
28 | ./dns-print.exp | ||
29 | |||
30 | echo "TESTING: firemon arp (firemon-arp.exp)" | ||
31 | ./firemon-arp.exp | ||
32 | |||
33 | echo "TESTING: firemon netstats (netstats.exp)" | ||
34 | ./netstats.exp | ||
35 | |||
36 | echo "TESTING: firemon route (firemon-route.exp)" | ||
37 | ./firemon-route.exp | ||
38 | |||
39 | echo "TESTING: network profile (net_profile.exp)" | ||
40 | ./net_profile.exp | ||
41 | |||
42 | echo "TESTING: bandwidth (bandwidth.exp)" | ||
43 | ./bandwidth.exp | ||
44 | |||
45 | echo "TESTING: IPv6 support (ip6.exp)" | ||
46 | ./ip6.exp | ||
47 | |||
48 | echo "TESTING: local network (net_local.exp)" | ||
49 | ./net_local.exp | ||
50 | 17 | ||
51 | echo "TESTING: no network (net_none.exp)" | 18 | echo "TESTING: no network (net_none.exp)" |
52 | ./net_none.exp | 19 | ./net_none.exp |
@@ -55,56 +22,94 @@ echo "TESTING: network IP (net_ip.exp)" | |||
55 | ./net_ip.exp | 22 | ./net_ip.exp |
56 | 23 | ||
57 | echo "TESTING: network MAC (net_mac.exp)" | 24 | echo "TESTING: network MAC (net_mac.exp)" |
58 | sleep 2 | ||
59 | ./net_mac.exp | 25 | ./net_mac.exp |
60 | 26 | ||
61 | echo "TESTING: network MTU (net_mtu.exp)" | ||
62 | ./net_mtu.exp | ||
63 | |||
64 | echo "TESTING: network hostname (hostname.exp)" | ||
65 | ./hostname.exp | ||
66 | |||
67 | echo "TESTING: network bad IP (net_badip.exp)" | ||
68 | ./net_badip.exp | ||
69 | |||
70 | echo "TESTING: network no IP test 1 (net_noip.exp)" | ||
71 | ./net_noip.exp | ||
72 | |||
73 | echo "TESTING: network no IP test 2 (net_noip2.exp)" | ||
74 | ./net_noip2.exp | ||
75 | |||
76 | echo "TESTING: network default gateway test 1 (net_defaultgw.exp)" | ||
77 | ./net_defaultgw.exp | ||
78 | |||
79 | echo "TESTING: network default gateway test 2 (net_defaultgw2.exp)" | ||
80 | ./net_defaultgw2.exp | ||
81 | |||
82 | echo "TESTING: network default gateway test 3 (net_defaultgw3.exp)" | ||
83 | ./net_defaultgw3.exp | ||
84 | |||
85 | echo "TESTING: scan (net_scan.exp)" | ||
86 | ./net_scan.exp | ||
87 | |||
88 | echo "TESTING: interface (interface.exp)" | ||
89 | ./interface.exp | ||
90 | |||
91 | echo "TESTING: veth (net_veth.exp)" | ||
92 | ./net_veth.exp | ||
93 | |||
94 | echo "TESTING: netfilter (net_netfilter.exp)" | ||
95 | ./net_netfilter.exp | ||
96 | |||
97 | echo "TESTING: iprange (iprange.exp)" | ||
98 | ./iprange.exp | ||
99 | |||
100 | echo "TESTING: veth-name (veth-name.exp)" | ||
101 | ./veth-name.exp | ||
102 | |||
103 | echo "TESTING: macvlan2 (net_macvlan2.exp)" | ||
104 | ./net_macvlan2.exp | ||
105 | 27 | ||
106 | echo "TESTING: 4 bridges ARP (4bridges_arp.exp)" | ||
107 | ./4bridges_arp.exp | ||
108 | 28 | ||
109 | echo "TESTING: 4 bridges IP (4bridges_ip.exp)" | 29 | #echo "TESTING: unconfigured network (net_unconfigured.exp)" |
110 | ./4bridges_ip.exp | 30 | #./net_unconfigured.exp |
31 | # | ||
32 | #echo "TESTING: netfilter template (netfilter-template.exp)" | ||
33 | #rm -f ./tcpserver | ||
34 | #gcc -o tcpserver tcpserver.c | ||
35 | #./netfilter-template.exp | ||
36 | #rm ./tcpserver | ||
37 | # | ||
38 | #echo "TESTING: firemon interface (firemon-interfaces.exp)" | ||
39 | #sudo ./firemon-interfaces.exp | ||
40 | # | ||
41 | #echo "TESTING: netns (netns.exp)" | ||
42 | #./netns.exp | ||
43 | # | ||
44 | #echo "TESTING: print dns (dns-print.exp)" | ||
45 | #./dns-print.exp | ||
46 | # | ||
47 | #echo "TESTING: firemon arp (firemon-arp.exp)" | ||
48 | #./firemon-arp.exp | ||
49 | # | ||
50 | #echo "TESTING: firemon netstats (netstats.exp)" | ||
51 | #./netstats.exp | ||
52 | # | ||
53 | #echo "TESTING: firemon route (firemon-route.exp)" | ||
54 | #./firemon-route.exp | ||
55 | # | ||
56 | #echo "TESTING: network profile (net_profile.exp)" | ||
57 | #./net_profile.exp | ||
58 | # | ||
59 | #echo "TESTING: bandwidth (bandwidth.exp)" | ||
60 | #./bandwidth.exp | ||
61 | # | ||
62 | #echo "TESTING: IPv6 support (ip6.exp)" | ||
63 | #./ip6.exp | ||
64 | # | ||
65 | #echo "TESTING: local network (net_local.exp)" | ||
66 | #./net_local.exp | ||
67 | # | ||
68 | # | ||
69 | #echo "TESTING: network MTU (net_mtu.exp)" | ||
70 | #./net_mtu.exp | ||
71 | # | ||
72 | #echo "TESTING: network bad IP (net_badip.exp)" | ||
73 | #./net_badip.exp | ||
74 | # | ||
75 | #echo "TESTING: network no IP test 1 (net_noip.exp)" | ||
76 | #./net_noip.exp | ||
77 | # | ||
78 | #echo "TESTING: network no IP test 2 (net_noip2.exp)" | ||
79 | #./net_noip2.exp | ||
80 | # | ||
81 | #echo "TESTING: network default gateway test 1 (net_defaultgw.exp)" | ||
82 | #./net_defaultgw.exp | ||
83 | # | ||
84 | #echo "TESTING: network default gateway test 2 (net_defaultgw2.exp)" | ||
85 | #./net_defaultgw2.exp | ||
86 | # | ||
87 | #echo "TESTING: network default gateway test 3 (net_defaultgw3.exp)" | ||
88 | #./net_defaultgw3.exp | ||
89 | # | ||
90 | #echo "TESTING: scan (net_scan.exp)" | ||
91 | #./net_scan.exp | ||
92 | # | ||
93 | #echo "TESTING: interface (interface.exp)" | ||
94 | #./interface.exp | ||
95 | # | ||
96 | #echo "TESTING: veth (net_veth.exp)" | ||
97 | #./net_veth.exp | ||
98 | # | ||
99 | #echo "TESTING: netfilter (net_netfilter.exp)" | ||
100 | #./net_netfilter.exp | ||
101 | # | ||
102 | #echo "TESTING: iprange (iprange.exp)" | ||
103 | #./iprange.exp | ||
104 | # | ||
105 | #echo "TESTING: veth-name (veth-name.exp)" | ||
106 | #./veth-name.exp | ||
107 | # | ||
108 | #echo "TESTING: macvlan2 (net_macvlan2.exp)" | ||
109 | #./net_macvlan2.exp | ||
110 | # | ||
111 | #echo "TESTING: 4 bridges ARP (4bridges_arp.exp)" | ||
112 | #./4bridges_arp.exp | ||
113 | # | ||
114 | #echo "TESTING: 4 bridges IP (4bridges_ip.exp)" | ||
115 | #./4bridges_ip.exp | ||