MCPcopy
hub / github.com/sshuttle/sshuttle / test_setup_firewall

Function test_setup_firewall

tests/client/test_methods_nat.py:89–215  ·  view source on GitHub ↗
(mock_ipt_chain_exists, mock_ipt)

Source from the content-addressed store, hash-verified

87@patch('sshuttle.methods.nat.ipt')
88@patch('sshuttle.methods.nat.ipt_chain_exists')
89def test_setup_firewall(mock_ipt_chain_exists, mock_ipt):
90 mock_ipt_chain_exists.return_value = True
91 method = get_method('nat')
92 assert method.name == 'nat'
93
94 assert mock_ipt_chain_exists.mock_calls == []
95 assert mock_ipt.mock_calls == []
96 method.setup_firewall(
97 1024, 1026,
98 [(AF_INET6, u'2404:6800:4004:80c::33')],
99 AF_INET6,
100 [(AF_INET6, 64, False, u'2404:6800:4004:80c::', 0, 0),
101 (AF_INET6, 128, True, u'2404:6800:4004:80c::101f', 80, 80)],
102 False,
103 None,
104 None,
105 '0x01')
106
107 assert mock_ipt_chain_exists.mock_calls == [
108 call(AF_INET6, 'nat', 'sshuttle-1024')
109 ]
110 assert mock_ipt.mock_calls == [
111 call(AF_INET6, 'nat', '-D', 'OUTPUT', '-j', 'sshuttle-1024'),
112 call(AF_INET6, 'nat', '-D', 'PREROUTING', '-j', 'sshuttle-1024'),
113 call(AF_INET6, 'nat', '-F', 'sshuttle-1024'),
114 call(AF_INET6, 'nat', '-X', 'sshuttle-1024'),
115 call(AF_INET6, 'nat', '-N', 'sshuttle-1024'),
116 call(AF_INET6, 'nat', '-F', 'sshuttle-1024'),
117 call(AF_INET6, 'nat', '-I', 'OUTPUT', '1', '-j', 'sshuttle-1024'),
118 call(AF_INET6, 'nat', '-I', 'PREROUTING', '1', '-j', 'sshuttle-1024'),
119 call(AF_INET6, 'nat', '-A', 'sshuttle-1024', '-j', 'REDIRECT',
120 '--dest', u'2404:6800:4004:80c::33', '-p', 'udp',
121 '--dport', '53', '--to-ports', '1026'),
122 call(AF_INET6, 'nat', '-A', 'sshuttle-1024', '-j', 'RETURN',
123 '--dest', u'2404:6800:4004:80c::101f/128', '-p', 'tcp',
124 '--dport', '80:80'),
125 call(AF_INET6, 'nat', '-A', 'sshuttle-1024', '-j', 'REDIRECT',
126 '--dest', u'2404:6800:4004:80c::/64', '-p', 'tcp',
127 '--to-ports', '1024'),
128 call(AF_INET6, 'nat', '-A', 'sshuttle-1024', '-j', 'RETURN',
129 '-m', 'addrtype', '--dst-type', 'LOCAL')
130 ]
131 mock_ipt_chain_exists.reset_mock()
132 mock_ipt.reset_mock()
133
134 assert mock_ipt_chain_exists.mock_calls == []
135 assert mock_ipt.mock_calls == []
136
137 with pytest.raises(Exception) as excinfo:
138 method.setup_firewall(
139 1025, 1027,
140 [(AF_INET, u'1.2.3.33')],
141 AF_INET,
142 [(AF_INET, 24, False, u'1.2.3.0', 8000, 9000),
143 (AF_INET, 32, True, u'1.2.3.66', 8080, 8080)],
144 True,
145 None,
146 None,

Callers

nothing calls this directly

Calls 3

get_methodFunction · 0.90
setup_firewallMethod · 0.45
restore_firewallMethod · 0.45

Tested by

no test coverage detected