MCPcopy
hub / github.com/evilsocket/opensnitch / TestNetlinkTCPQueries

Function TestNetlinkTCPQueries

daemon/netlink/socket_test.go:69–116  ·  view source on GitHub ↗

TestNetlinkQueries tests queries to the kernel to get the inode of a connection. When using ProcFS as monitor method, we need that value to get the PID of an application. We also need it if for any reason auditd or ebpf doesn't return the PID of the application. TODO: test all the cases described in

(t *testing.T)

Source from the content-addressed store, hash-verified

67// We also need it if for any reason auditd or ebpf doesn't return the PID of the application.
68// TODO: test all the cases described in the GetSocketInfo() description.
69func TestNetlinkTCPQueries(t *testing.T) {
70 // netlink tests disabled by default, they cause random failures on restricted
71 // environments.
72 if os.Getenv("NETLINK_TESTS") == "" {
73 t.Skip("Skipping netlink tests. Use NETLINK_TESTS=1 to launch these tests.")
74 }
75
76 connChan := make(chan *Connection)
77 go setupConnection("tcp", connChan)
78 conn := <-connChan
79 if conn == nil {
80 t.Error("TestParseTCPConnection, conn nil")
81 }
82
83 var inodes []int
84 uid := -1
85 t.Run("Test GetSocketInfo", func(t *testing.T) {
86 uid, inodes = GetSocketInfo("tcp", conn.SrcIP, conn.SrcPort, conn.DstIP, conn.DstPort)
87
88 if len(inodes) == 0 {
89 t.Error("inodes empty")
90 }
91 if uid != os.Getuid() {
92 t.Error("GetSocketInfo UID error:", uid, os.Getuid())
93 }
94 })
95
96 t.Run("Test GetSocketInfoByInode", func(t *testing.T) {
97 socket, err := GetSocketInfoByInode(fmt.Sprint(inodes[0]))
98 if err != nil {
99 t.Error("GetSocketInfoByInode error:", err)
100 }
101 if socket == nil {
102 t.Error("GetSocketInfoByInode inode not found")
103 }
104 if socket.ID.SourcePort != uint16(conn.SrcPort) {
105 t.Error("GetSocketInfoByInode dstPort error:", socket)
106 }
107 if socket.ID.DestinationPort != uint16(conn.DstPort) {
108 t.Error("GetSocketInfoByInode dstPort error:", socket)
109 }
110 if socket.UID != uint32(os.Getuid()) {
111 t.Error("GetSocketInfoByInode UID error:", socket, os.Getuid())
112 }
113 })
114
115 conn.Listener.Close()
116}

Callers

nothing calls this directly

Calls 4

setupConnectionFunction · 0.85
GetSocketInfoFunction · 0.85
GetSocketInfoByInodeFunction · 0.85
CloseMethod · 0.65

Tested by

no test coverage detected