From 35004af7d8f6ff19908fb89e25e532113afa26f4 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 9 Nov 2016 19:17:06 -0500 Subject: testing --- test/network/4bridges_arp.exp | 16 ++--- test/network/4bridges_ip.exp | 16 ++--- test/network/README | 1 - test/network/bandwidth.exp | 2 +- test/network/firemon-arp.exp | 50 ++++++++++++++++ test/network/firemon-route.exp | 49 ++++++++++++++++ test/network/interface.exp | 2 +- test/network/net_ip.exp | 4 +- test/network/net_local.exp | 4 +- test/network/net_netfilter.exp | 6 +- test/network/net_profile.exp | 2 +- test/network/net_veth.exp | 130 +++++++++++++++++++++++++++++++++++++++++ test/network/network.sh | 11 ++++ 13 files changed, 266 insertions(+), 27 deletions(-) create mode 100755 test/network/firemon-arp.exp create mode 100755 test/network/firemon-route.exp create mode 100755 test/network/net_veth.exp (limited to 'test/network') diff --git a/test/network/4bridges_arp.exp b/test/network/4bridges_arp.exp index 4ffa715cc..6383aad5e 100755 --- a/test/network/4bridges_arp.exp +++ b/test/network/4bridges_arp.exp @@ -29,9 +29,9 @@ expect { timeout {puts "TESTING ERROR 0.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check eth1 send -- "firejail --net=br0 --net=br1 --net=br2 --net=br3\r" @@ -55,9 +55,9 @@ expect { timeout {puts "TESTING ERROR 1.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check eth2 @@ -82,9 +82,9 @@ expect { timeout {puts "TESTING ERROR 2.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 @@ -110,9 +110,9 @@ expect { timeout {puts "TESTING ERROR 4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 diff --git a/test/network/4bridges_ip.exp b/test/network/4bridges_ip.exp index 3cfd71be0..e762ac285 100755 --- a/test/network/4bridges_ip.exp +++ b/test/network/4bridges_ip.exp @@ -29,9 +29,9 @@ expect { timeout {puts "TESTING ERROR 0.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check eth1 send -- "firejail --net=br0 --net=br1 --ip=10.10.30.50 --net=br2 --ip=10.10.40.100 --net=br3\r" @@ -55,9 +55,9 @@ expect { timeout {puts "TESTING ERROR 1.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check eth2 @@ -82,9 +82,9 @@ expect { timeout {puts "TESTING ERROR 2.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 @@ -110,9 +110,9 @@ expect { timeout {puts "TESTING ERROR 4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 diff --git a/test/network/README b/test/network/README index a715d8edf..4404c53b0 100644 --- a/test/network/README +++ b/test/network/README @@ -11,5 +11,4 @@ Limitations - to be investigated and fixed: - macvlan interfaces don't seem to work correctly under VirtualBox Run the test: - $ sudo ./configure $ ./network.sh | grep TESTING diff --git a/test/network/bandwidth.exp b/test/network/bandwidth.exp index 8f3a706a8..8a2e46e04 100755 --- a/test/network/bandwidth.exp +++ b/test/network/bandwidth.exp @@ -12,7 +12,7 @@ expect { timeout {puts "TESTING ERROR 0\n";exit} "Child process initialized" } -sleep 2 +sleep 1 spawn $env(SHELL) send -- "firejail --bandwidth=test status\r" diff --git a/test/network/firemon-arp.exp b/test/network/firemon-arp.exp new file mode 100755 index 000000000..0a543c3b4 --- /dev/null +++ b/test/network/firemon-arp.exp @@ -0,0 +1,50 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "ping -c 3 192.168.1.1\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "3 packets transmitted" +} +sleep 1 + +send -- "firejail --name=test1\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "Child process initialized" +} +sleep 1 + +spawn $env(SHELL) +send -- "firejail --name=test2\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "Child process initialized" +} +sleep 1 + +spawn $env(SHELL) +send -- "firemon --arp\r" +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "name=test1" +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "192.168.1.1 dev eth0 lladdr" {puts "Debian testing\n";} + "192.168.1.1 dev enp0s3 lladdr" {puts "Centos 7 testing\n";} +} +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "REACHABLE" +} +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "name=test2" +} +after 100 + +puts "\nall done\n"" diff --git a/test/network/firemon-route.exp b/test/network/firemon-route.exp new file mode 100755 index 000000000..19a705778 --- /dev/null +++ b/test/network/firemon-route.exp @@ -0,0 +1,49 @@ +#!/usr/bin/expect -f + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --name=test1\r" +expect { + timeout {puts "TESTING ERROR 0\n";exit} + "Child process initialized" +} +sleep 1 + +spawn $env(SHELL) +send -- "firejail --name=test2\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "Child process initialized" +} +sleep 1 + +spawn $env(SHELL) +send -- "firemon --route\r" +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "name=test1" +} +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "0.0.0.0/0 via 192.168.1.1, dev eth0, metric 0" {puts "Debian testing\n";} + "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 1024" {puts "Centos 7 testing\n";} + "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 0" {puts "OpenSUSE testing\n";} + "0.0.0.0/0 via 192.168.1.1, dev enp0s3, metric 100" {puts "Arch testing\n";} +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "10.10.30.0/24, dev br1, scope link src 10.10.30.1" +} +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "10.10.50.0/24, dev br3, scope link src 10.10.50.1" +} +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "name=test2" +} +after 100 + +puts "\nalldone\n" diff --git a/test/network/interface.exp b/test/network/interface.exp index b15563eec..bd8777c33 100755 --- a/test/network/interface.exp +++ b/test/network/interface.exp @@ -14,7 +14,7 @@ set chroot [lindex $argv 1] # # todo: seems to be unable to find interface eth0.7 #send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6 --interface=eth0.7\r" -send -- "firejail --noprofile --interface=eth0.7 --interface=eth0.6\r" +send -- "firejail --noprofile --interface=eth0.5 --interface=eth0.6\r" expect { timeout {puts "TESTING ERROR 0\n";exit} "Child process initialized" diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index 32103050d..0fa84243a 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp @@ -29,9 +29,9 @@ expect { timeout {puts "TESTING ERROR 4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check loopback send -- "firejail --net=br0 --ip=10.10.20.5 --protocol=unix,inet,netlink\r" diff --git a/test/network/net_local.exp b/test/network/net_local.exp index b72b9adaf..d58135785 100755 --- a/test/network/net_local.exp +++ b/test/network/net_local.exp @@ -17,9 +17,9 @@ expect { timeout {puts "TESTING ERROR 4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" -sleep 2 +sleep 1 # check loopback send -- "firejail --noprofile\r" diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index f011f3746..737485d07 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp @@ -29,7 +29,7 @@ expect { timeout {puts "TESTING ERROR 4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" sleep 1 @@ -43,7 +43,7 @@ expect { "ACCEPT icmp -- any any anywhere" {puts "TESTING ERROR 5.1\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "exit\r" sleep 1 @@ -57,7 +57,7 @@ expect { timeout {puts "TESTING ERROR 6.1\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "ping -c 1 -w 3 10.10.20.1\r" expect { timeout {puts "TESTING ERROR 6.2\n";exit} diff --git a/test/network/net_profile.exp b/test/network/net_profile.exp index dee0b2793..29008d811 100755 --- a/test/network/net_profile.exp +++ b/test/network/net_profile.exp @@ -33,7 +33,7 @@ expect { timeout {puts "TESTING ERROR 0.4\n";exit} "Child process initialized" } -sleep 2 +sleep 1 send -- "ip route show\r" expect { diff --git a/test/network/net_veth.exp b/test/network/net_veth.exp new file mode 100755 index 000000000..89dedcb24 --- /dev/null +++ b/test/network/net_veth.exp @@ -0,0 +1,130 @@ +#!/usr/bin/expect -f +# This file is part of Firejail project +# Copyright (C) 2014-2016 Firejail Authors +# License GPL v2 + +set timeout 10 +spawn $env(SHELL) +match_max 100000 + +send -- "firejail --net=eth0\r" +expect { + timeout {puts "TESTING ERROR 1\n";exit} + "lo" +} +expect { + timeout {puts "TESTING ERROR 2\n";exit} + "127.0.0.1" +} +expect { + timeout {puts "TESTING ERROR 3\n";exit} + "255.0.0.0" +} +expect { + timeout {puts "TESTING ERROR 4\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "eth0-" +} +expect { + timeout {puts "TESTING ERROR 6\n";exit} + "255.255.255.0" +} +expect { + timeout {puts "TESTING ERROR 7\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 8\n";exit} + "Default gateway" +} +expect { + timeout {puts "TESTING ERROR 9\n";exit} + "Child process initialized" +} +sleep 1 +send -- "exit\r" +sleep 1 + +send -- "firejail --net=eth0 --net=eth0 --net=eth0 --net=eth0\r" +expect { + timeout {puts "TESTING ERROR 11\n";exit} + "lo" +} +expect { + timeout {puts "TESTING ERROR 12\n";exit} + "127.0.0.1" +} +expect { + timeout {puts "TESTING ERROR 13\n";exit} + "255.0.0.0" +} +expect { + timeout {puts "TESTING ERROR 14\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 15\n";exit} + "eth0-" +} +expect { + timeout {puts "TESTING ERROR 16\n";exit} + "255.255.255.0" +} +expect { + timeout {puts "TESTING ERROR 17\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 18\n";exit} + "eth1-" +} +expect { + timeout {puts "TESTING ERROR 19\n";exit} + "255.255.255.0" +} +expect { + timeout {puts "TESTING ERROR 20\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 5\n";exit} + "eth2-" +} +expect { + timeout {puts "TESTING ERROR 21\n";exit} + "255.255.255.0" +} +expect { + timeout {puts "TESTING ERROR 22\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 23\n";exit} + "eth3-" +} +expect { + timeout {puts "TESTING ERROR 24\n";exit} + "255.255.255.0" +} +expect { + timeout {puts "TESTING ERROR 25\n";exit} + "UP" +} +expect { + timeout {puts "TESTING ERROR 26\n";exit} + "Default gateway" +} +expect { + timeout {puts "TESTING ERROR 27\n";exit} + "Child process initialized" +} +sleep 1 +send -- "exit\r" + +after 100 + +puts "\n" + diff --git a/test/network/network.sh b/test/network/network.sh index e0087411d..28f707952 100755 --- a/test/network/network.sh +++ b/test/network/network.sh @@ -6,6 +6,14 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) +sudo ./configure + +echo "TESTING: firemon arp (firemon-arp.exp)" +./firemon-arp.exp + +echo "TESTING: firemon route (firemon-route.exp)" +./firemon-route.exp + echo "TESTING: network profile (net_profile.exp)" ./net_profile.exp @@ -58,6 +66,9 @@ echo "TESTING: scan (net_scan.exp)" echo "TESTING: interface (interface.exp)" ./interface.exp +echo "TESTING: veth (net_veth.exp)" +./net_veth.exp + echo "TESTING: netfilter (net_netfilter.exp)" ./net_netfilter.exp -- cgit v1.2.3-54-g00ecf