From 723dde8d085f6b2510fcf210721d0de8e8f14a86 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Tue, 3 May 2016 10:33:10 -0400 Subject: networking features testing --- Makefile.in | 4 ++++ test/network/4bridges_arp.exp | 3 +++ test/network/4bridges_ip.exp | 3 +++ test/network/README | 15 +++++++++++++++ test/network/bandwidth.exp | 7 +++++-- test/network/configure | 3 +++ test/network/hostname.exp | 9 ++++++--- test/network/ip6.exp | 3 +++ test/network/net_arp.exp | 3 +++ test/network/net_badip.exp | 3 +++ test/network/net_defaultgw.exp | 3 +++ test/network/net_defaultgw2.exp | 3 +++ test/network/net_defaultgw3.exp | 3 +++ test/network/net_interface.exp | 3 +++ test/network/net_ip.exp | 3 +++ test/network/net_local.exp | 3 +++ test/network/net_mac.exp | 3 +++ test/network/net_macvlan.exp | 3 +++ test/network/net_mtu.exp | 3 +++ test/network/net_netfilter.exp | 3 +++ test/network/net_noip.exp | 11 +++++++---- test/network/net_noip2.exp | 11 +++++++---- test/network/net_none.exp | 21 ++++++++++++--------- test/network/net_profile.exp | 3 +++ 24 files changed, 107 insertions(+), 22 deletions(-) create mode 100644 test/network/README diff --git a/Makefile.in b/Makefile.in index 8a6e8fa01..3f937b532 100644 --- a/Makefile.in +++ b/Makefile.in @@ -254,6 +254,7 @@ dist: cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/compile test/.; cd .. cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/dist-compile test/.; cd .. cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/filters test/.; cd .. + cd $(NAME)-$(VERSION); mkdir -p test; cp -a ../test/network test/.; cd .. cd $(NAME)-$(VERSION); rm -fr `find . -name .svn`; rm -fr $(NAME)-$(VERSION); cd .. tar -cjvf $(NAME)-$(VERSION).tar.bz2 $(NAME)-$(VERSION) rm -fr $(NAME)-$(VERSION) @@ -300,5 +301,8 @@ test-environment: test-filters: cd test/filters; ./filters.sh | grep TESTING +test-network: + echo "Please read test/netwok/README file and run the test manually" + test: test-profiles test-utils test-environment test-apps test-apps-x11 echo "TEST COMPLETE" diff --git a/test/network/4bridges_arp.exp b/test/network/4bridges_arp.exp index 6a3e6db2a..f769df43b 100755 --- a/test/network/4bridges_arp.exp +++ b/test/network/4bridges_arp.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/4bridges_ip.exp b/test/network/4bridges_ip.exp index 8068aeebb..db7a61867 100755 --- a/test/network/4bridges_ip.exp +++ b/test/network/4bridges_ip.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/README b/test/network/README new file mode 100644 index 000000000..27e5667a2 --- /dev/null +++ b/test/network/README @@ -0,0 +1,15 @@ +Warning: this test requires root access to configure a number of bridge, macvlan and +vlan devices. Please take a look at configure file. By the time you are finished testing, +you'll probably have to reboot the computer to get your networking subsytem +back to normal. + +Limitations - to be investigated and fixed: + - the test is assuming an eth0 wired interface to be present + - using netstat and ifconfig - this needs to be moved to iproute2 utilities + - configure script inserts an entry in system netfilter configuration + - the test will probably not work on grsecurity settings + - macvlan interfaces don't seem to work correctly under VirtualBox + +Run the test: + $ sudo ./configure + $ ./network.sh | grep TESTING diff --git a/test/network/bandwidth.exp b/test/network/bandwidth.exp index 33b351296..a3dc9b55f 100755 --- a/test/network/bandwidth.exp +++ b/test/network/bandwidth.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) @@ -51,11 +54,11 @@ expect { } sleep 1 -send -- "firejail --bandwidth=test status; pwd\r" +send -- "firejail --bandwidth=test status; echo done\r" expect { timeout {puts "TESTING ERROR 8\n";exit} "rate 80Kbit burst 10Kb" {puts "TESTING ERROR 9\n";exit} - "home" {puts "ok\n"} + "done" } sleep 1 diff --git a/test/network/configure b/test/network/configure index 788c5a9a0..35d938340 100755 --- a/test/network/configure +++ b/test/network/configure @@ -1,4 +1,7 @@ #!/bin/bash +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 brctl addbr br0 ifconfig br0 10.10.20.1/29 up diff --git a/test/network/hostname.exp b/test/network/hostname.exp index 4e5c7e073..53f24f7b1 100755 --- a/test/network/hostname.exp +++ b/test/network/hostname.exp @@ -1,24 +1,27 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) match_max 100000 -send -- "firejail --hostname=baluba --noprofile\r" +send -- "firejail --hostname=bingo --noprofile\r" expect { timeout {puts "TESTING ERROR 1\n";exit} "Child process initialized" } sleep 1 -send -- "ping -c 3 baluba;pwd\r" +send -- "ping -c 3 bingo; echo done\r" expect { timeout {puts "TESTING ERROR 2\n";exit} "3 packets transmitted, 3 received" } expect { timeout {puts "TESTING ERROR 3\n";exit} - "home" + "done" } sleep 1 diff --git a/test/network/ip6.exp b/test/network/ip6.exp index fba47d095..2cd756a1d 100755 --- a/test/network/ip6.exp +++ b/test/network/ip6.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_arp.exp b/test/network/net_arp.exp index 9e07744f3..f27f85814 100755 --- a/test/network/net_arp.exp +++ b/test/network/net_arp.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_badip.exp b/test/network/net_badip.exp index 71b69e104..8003252d6 100755 --- a/test/network/net_badip.exp +++ b/test/network/net_badip.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_defaultgw.exp b/test/network/net_defaultgw.exp index 840f2ccac..5534b7706 100755 --- a/test/network/net_defaultgw.exp +++ b/test/network/net_defaultgw.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_defaultgw2.exp b/test/network/net_defaultgw2.exp index db14e17cb..86f204e8c 100755 --- a/test/network/net_defaultgw2.exp +++ b/test/network/net_defaultgw2.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_defaultgw3.exp b/test/network/net_defaultgw3.exp index 64da9dfca..30150938f 100755 --- a/test/network/net_defaultgw3.exp +++ b/test/network/net_defaultgw3.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_interface.exp b/test/network/net_interface.exp index 4b55187ff..2e6619938 100755 --- a/test/network/net_interface.exp +++ b/test/network/net_interface.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index f5d487ecc..0eff212dd 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_local.exp b/test/network/net_local.exp index 642213658..60ab2af05 100755 --- a/test/network/net_local.exp +++ b/test/network/net_local.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_mac.exp b/test/network/net_mac.exp index 076634730..5c48be9fd 100755 --- a/test/network/net_mac.exp +++ b/test/network/net_mac.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_macvlan.exp b/test/network/net_macvlan.exp index 20d022de9..ca503c26a 100755 --- a/test/network/net_macvlan.exp +++ b/test/network/net_macvlan.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_mtu.exp b/test/network/net_mtu.exp index 7943b2866..21b9aa5cb 100755 --- a/test/network/net_mtu.exp +++ b/test/network/net_mtu.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index 989fcc407..f011f3746 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp index 8d28adb39..3fb53d860 100755 --- a/test/network/net_noip.exp +++ b/test/network/net_noip.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) @@ -16,24 +19,24 @@ send -- "bash\r" sleep 1 # no default gateway configured -send -- "netstat -rn;pwd\r" +send -- "netstat -rn;echo done\r" expect { timeout {puts "TESTING ERROR 2\n";exit} "0.0.0.0" {puts "TESTING ERROR 3\n";exit} "eth0" {puts "TESTING ERROR 4\n";exit} - "home" + "done" } sleep 1 # eth0 configured -send -- "/sbin/ifconfig;pwd\r" +send -- "/sbin/ifconfig;echo done\r" expect { timeout {puts "TESTING ERROR 5\n";exit} "eth0" } expect { timeout {puts "TESTING ERROR 6\n";exit} - "home" + "done" } after 100 diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp index 58f90422b..cf86d7f6b 100755 --- a/test/network/net_noip2.exp +++ b/test/network/net_noip2.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) @@ -16,24 +19,24 @@ send -- "bash\r" sleep 1 # no default gateway configured -send -- "netstat -rn;pwd\r" +send -- "netstat -rn;echo done\r" expect { timeout {puts "TESTING ERROR 2\n";exit} "0.0.0.0" {puts "TESTING ERROR 3\n";exit} "eth0" {puts "TESTING ERROR 4\n";exit} - "home" + "done" } sleep 1 # eth0 configured -send -- "/sbin/ifconfig;pwd\r" +send -- "/sbin/ifconfig;echo done\r" expect { timeout {puts "TESTING ERROR 5\n";exit} "eth0" } expect { timeout {puts "TESTING ERROR 6\n";exit} - "home" + "done" } after 100 diff --git a/test/network/net_none.exp b/test/network/net_none.exp index 54b6cb946..1c1577d76 100755 --- a/test/network/net_none.exp +++ b/test/network/net_none.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) @@ -16,20 +19,20 @@ sleep 1 # test default gw send -- "bash\r" sleep 1 -send -- "netstat -rn; pwd\r" +send -- "netstat -rn; echo done\r" expect { timeout {puts "TESTING ERROR 1\n";exit} "0.0.0.0" {puts "TESTING ERROR 1.1\n";exit} - "home" + "done" } sleep 1 # check again devices -send -- "cat /proc/1/net/dev;pwd\r" +send -- "cat /proc/1/net/dev;echo done\r" expect { timeout {puts "TESTING ERROR 2\n";exit} "eth0" {puts "TESTING ERROR 2.1\n";exit} - "home" + "done" } send -- "exit\r" sleep 1 @@ -48,21 +51,21 @@ sleep 1 # test default gw send -- "bash\r" sleep 1 -send -- "netstat -rn; pwd\r" +send -- "netstat -rn; echo done\r" expect { timeout {puts "TESTING ERROR 4\n";exit} "0.0.0.0" {puts "TESTING ERROR 4.1\n";exit} - "home" + "done" } sleep 1 # check again devices -send -- "cat /proc/1/net/dev;pwd\r" +send -- "cat /proc/1/net/dev;echo done\r" expect { timeout {puts "TESTING ERROR 5\n";exit} "eth0" {puts "TESTING ERROR 5.1\n";exit} - "home" + "done" } sleep 1 -puts "\n" +puts "\nall done\n" diff --git a/test/network/net_profile.exp b/test/network/net_profile.exp index 37043c906..7e88193cc 100755 --- a/test/network/net_profile.exp +++ b/test/network/net_profile.exp @@ -1,4 +1,7 @@ #!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 set timeout 10 spawn $env(SHELL) -- cgit v1.2.3-54-g00ecf