Home Explore Help
Sign In
Qubes
/
core-admin
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

tests: check firewall rules blocking VM IP spoofing

Marek Marczykowski-Górecki 9 years ago
parent
8b4c9b23b3
commit
ed9b4bfc54
1 changed files with 11 additions and 0 deletions
Split View Show Diff Stats
  1. 11 0
      tests/network.py

+ 11 - 0
tests/network.py
View File 

@@ -314,6 +314,17 @@ class VmNetworkingMixin(qubes.tests.SystemTestsMixin):
 
         self.assertNotEqual(self.run_cmd(self.testvm2,
 
             self.ping_cmd.format(target=self.testvm1.ip)), 0)
 
 
+    def test_050_spoof_ip(self):
 
+        """Test if VM IP spoofing is blocked"""
 
+        self.qc.unlock_db()
 
+        self.testvm1.start()
 
+
 
+        self.assertEqual(self.run_cmd(self.testvm1, self.ping_ip), 0)
 
+        self.testvm1.run("ip addr flush dev eth0", user="root")
 
+        self.testvm1.run("ip addr add 10.137.1.128/24 dev eth0", user="root")
 
+        self.testvm1.run("ip route add dev eth0", user="root")
 
+        self.assertNotEqual(self.run_cmd(self.testvm1, self.ping_ip), 0,
 
+                         "Spoofed ping should be blocked")
 
 
 
 def load_tests(loader, tests, pattern):