MCPcopy Index your code
hub / github.com/sshuttle/sshuttle / test_setup_firewall

Function test_setup_firewall

tests/client/test_methods_tproxy.py:86–292  ·  view source on GitHub ↗
(mock_ipt_chain_exists, mock_ipt)

Source from the content-addressed store, hash-verified

84@patch('sshuttle.methods.tproxy.ipt')
85@patch('sshuttle.methods.tproxy.ipt_chain_exists')
86def test_setup_firewall(mock_ipt_chain_exists, mock_ipt):
87 mock_ipt_chain_exists.return_value = True
88 method = get_method('tproxy')
89 assert method.name == 'tproxy'
90
91 # IPV6
92
93 method.setup_firewall(
94 1024, 1026,
95 [(AF_INET6, u'2404:6800:4004:80c::33')],
96 AF_INET6,
97 [(AF_INET6, 64, False, u'2404:6800:4004:80c::', 8000, 9000),
98 (AF_INET6, 128, True, u'2404:6800:4004:80c::101f', 8080, 8080)],
99 True,
100 None,
101 None,
102 '0x01')
103 assert mock_ipt_chain_exists.mock_calls == [
104 call(AF_INET6, 'mangle', 'sshuttle-m-1024'),
105 call(AF_INET6, 'mangle', 'sshuttle-t-1024'),
106 call(AF_INET6, 'mangle', 'sshuttle-d-1024')
107 ]
108 assert mock_ipt.mock_calls == [
109 call(AF_INET6, 'mangle', '-D', 'OUTPUT', '-j', 'sshuttle-m-1024'),
110 call(AF_INET6, 'mangle', '-F', 'sshuttle-m-1024'),
111 call(AF_INET6, 'mangle', '-X', 'sshuttle-m-1024'),
112 call(AF_INET6, 'mangle', '-D', 'PREROUTING', '-j', 'sshuttle-t-1024'),
113 call(AF_INET6, 'mangle', '-F', 'sshuttle-t-1024'),
114 call(AF_INET6, 'mangle', '-X', 'sshuttle-t-1024'),
115 call(AF_INET6, 'mangle', '-F', 'sshuttle-d-1024'),
116 call(AF_INET6, 'mangle', '-X', 'sshuttle-d-1024'),
117 call(AF_INET6, 'mangle', '-N', 'sshuttle-m-1024'),
118 call(AF_INET6, 'mangle', '-F', 'sshuttle-m-1024'),
119 call(AF_INET6, 'mangle', '-N', 'sshuttle-d-1024'),
120 call(AF_INET6, 'mangle', '-F', 'sshuttle-d-1024'),
121 call(AF_INET6, 'mangle', '-N', 'sshuttle-t-1024'),
122 call(AF_INET6, 'mangle', '-F', 'sshuttle-t-1024'),
123 call(AF_INET6, 'mangle', '-I', 'OUTPUT', '1', '-j', 'sshuttle-m-1024'),
124 call(AF_INET6, 'mangle', '-I', 'PREROUTING', '1', '-j',
125 'sshuttle-t-1024'),
126 call(AF_INET6, 'mangle', '-A', 'sshuttle-m-1024', '-j', 'MARK',
127 '--set-mark', '0x01', '--dest', u'2404:6800:4004:80c::33/32',
128 '-m', 'udp', '-p', 'udp', '--dport', '53'),
129 call(AF_INET6, 'mangle', '-A', 'sshuttle-t-1024', '-j', 'TPROXY',
130 '--tproxy-mark', '0x01',
131 '--dest', u'2404:6800:4004:80c::33/32',
132 '-m', 'udp', '-p', 'udp', '--dport', '53', '--on-port', '1026'),
133 call(AF_INET6, 'mangle', '-A', 'sshuttle-t-1024', '-j', 'RETURN',
134 '-m', 'addrtype', '--dst-type', 'LOCAL'),
135 call(AF_INET6, 'mangle', '-A', 'sshuttle-m-1024', '-j', 'RETURN',
136 '-m', 'addrtype', '--dst-type', 'LOCAL'),
137 call(AF_INET6, 'mangle', '-A', 'sshuttle-d-1024', '-j', 'MARK',
138 '--set-mark', '0x01'),
139 call(AF_INET6, 'mangle', '-A', 'sshuttle-d-1024', '-j', 'ACCEPT'),
140 call(AF_INET6, 'mangle', '-A', 'sshuttle-t-1024', '-m', 'socket',
141 '-j', 'sshuttle-d-1024', '-m', 'tcp', '-p', 'tcp'),
142 call(AF_INET6, 'mangle', '-A', 'sshuttle-t-1024', '-m', 'socket',
143 '-j', 'sshuttle-d-1024', '-m', 'udp', '-p', 'udp'),

Callers

nothing calls this directly

Calls 3

get_methodFunction · 0.90
setup_firewallMethod · 0.45
restore_firewallMethod · 0.45

Tested by

no test coverage detected