(mock_pf_get_dev, mock_ioctl, mock_pfctl)
| 172 | @patch('sshuttle.methods.pf.ioctl') |
| 173 | @patch('sshuttle.methods.pf.pf_get_dev') |
| 174 | def test_setup_firewall_darwin(mock_pf_get_dev, mock_ioctl, mock_pfctl): |
| 175 | mock_pfctl.side_effect = pfctl |
| 176 | |
| 177 | method = get_method('pf') |
| 178 | assert method.name == 'pf' |
| 179 | |
| 180 | # IPV6 |
| 181 | |
| 182 | method.setup_firewall( |
| 183 | 1024, 1026, |
| 184 | [(AF_INET6, u'2404:6800:4004:80c::33')], |
| 185 | AF_INET6, |
| 186 | [(AF_INET6, 64, False, u'2404:6800:4004:80c::', 8000, 9000), |
| 187 | (AF_INET6, 128, True, u'2404:6800:4004:80c::101f', 8080, 8080)], |
| 188 | False, |
| 189 | None, |
| 190 | None, |
| 191 | '0x01') |
| 192 | assert mock_ioctl.mock_calls == [ |
| 193 | call(mock_pf_get_dev(), 0xC4704433, ANY), |
| 194 | call(mock_pf_get_dev(), 0xCC20441A, ANY), |
| 195 | call(mock_pf_get_dev(), 0xCC20441A, ANY), |
| 196 | call(mock_pf_get_dev(), 0xC4704433, ANY), |
| 197 | call(mock_pf_get_dev(), 0xCC20441A, ANY), |
| 198 | call(mock_pf_get_dev(), 0xCC20441A, ANY), |
| 199 | ] |
| 200 | assert mock_pfctl.mock_calls == [ |
| 201 | call('-s Interfaces -i lo -v'), |
| 202 | call('-f /dev/stdin', b'pass on lo\n'), |
| 203 | call('-s all'), |
| 204 | call('-a sshuttle6-1024 -f /dev/stdin', |
| 205 | b'table <dns_servers> {2404:6800:4004:80c::33}\n' |
| 206 | b'rdr pass on lo0 inet6 proto tcp from ! ::1 to ' |
| 207 | b'2404:6800:4004:80c::/64 port 8000:9000 -> ::1 port 1024\n' |
| 208 | b'rdr pass on lo0 inet6 proto udp ' |
| 209 | b'to <dns_servers> port 53 -> ::1 port 1026\n' |
| 210 | b'pass out route-to lo0 inet6 proto tcp to ' |
| 211 | b'2404:6800:4004:80c::/64 port 8000:9000 keep state\n' |
| 212 | b'pass out inet6 proto tcp to ' |
| 213 | b'2404:6800:4004:80c::101f/128 port 8080:8080\n' |
| 214 | b'pass out route-to lo0 inet6 proto udp ' |
| 215 | b'to <dns_servers> port 53 keep state\n'), |
| 216 | call('-E'), |
| 217 | ] |
| 218 | mock_pf_get_dev.reset_mock() |
| 219 | mock_ioctl.reset_mock() |
| 220 | mock_pfctl.reset_mock() |
| 221 | |
| 222 | with pytest.raises(Exception) as excinfo: |
| 223 | method.setup_firewall( |
| 224 | 1025, 1027, |
| 225 | [(AF_INET, u'1.2.3.33')], |
| 226 | AF_INET, |
| 227 | [(AF_INET, 24, False, u'1.2.3.0', 0, 0), |
| 228 | (AF_INET, 32, True, u'1.2.3.66', 80, 80)], |
| 229 | True, |
| 230 | None, |
| 231 | None, |
nothing calls this directly
no test coverage detected