Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tests: check firewall rules blocking VM IP spoofing

Browse Source
This commit is contained in:
Marek Marczykowski-Górecki 2015-06-27 04:46:17 +02:00
parent 8b4c9b23b3
commit ed9b4bfc54
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tests/network.py
View File

@ -314,6 +314,17 @@ class VmNetworkingMixin(qubes.tests.SystemTestsMixin):
self.assertNotEqual(self.run_cmd(self.testvm2,
self.ping_cmd.format(target=self.testvm1.ip)), 0)
def test_050_spoof_ip(self):
"""Test if VM IP spoofing is blocked"""
self.qc.unlock_db()
self.testvm1.start()
self.assertEqual(self.run_cmd(self.testvm1, self.ping_ip), 0)
self.testvm1.run("ip addr flush dev eth0", user="root")
self.testvm1.run("ip addr add 10.137.1.128/24 dev eth0", user="root")
self.testvm1.run("ip route add dev eth0", user="root")
self.assertNotEqual(self.run_cmd(self.testvm1, self.ping_ip), 0,
"Spoofed ping should be blocked")
def load_tests(loader, tests, pattern):