mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-25 14:20:18 +00:00
25c5661c1b
Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
697 lines
23 KiB
Python
697 lines
23 KiB
Python
from textwrap import dedent
|
|
import re
|
|
from .conftest import (
|
|
SETUPVARS,
|
|
tick_box,
|
|
info_box,
|
|
cross_box,
|
|
mock_command,
|
|
mock_command_2,
|
|
run_script
|
|
)
|
|
|
|
|
|
def test_supported_operating_system(Pihole):
|
|
'''
|
|
confirm installer exists on unsupported distribution
|
|
'''
|
|
# break supported package managers to emulate an unsupported distribution
|
|
Pihole.run('rm -rf /usr/bin/apt-get')
|
|
Pihole.run('rm -rf /usr/bin/rpm')
|
|
distro_check = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
''')
|
|
expected_stdout = cross_box + ' OS distribution not supported'
|
|
assert expected_stdout in distro_check.stdout
|
|
# assert distro_check.rc == 1
|
|
|
|
|
|
def test_setupVars_are_sourced_to_global_scope(Pihole):
|
|
'''
|
|
currently update_dialogs sources setupVars with a dot,
|
|
then various other functions use the variables.
|
|
This confirms the sourced variables are in scope between functions
|
|
'''
|
|
setup_var_file = 'cat <<EOF> /etc/pihole/setupVars.conf\n'
|
|
for k, v in SETUPVARS.items():
|
|
setup_var_file += "{}={}\n".format(k, v)
|
|
setup_var_file += "EOF\n"
|
|
Pihole.run(setup_var_file)
|
|
|
|
script = dedent('''\
|
|
set -e
|
|
printSetupVars() {
|
|
# Currently debug test function only
|
|
echo "Outputting sourced variables"
|
|
echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
|
|
echo "IPV4_ADDRESS=${IPV4_ADDRESS}"
|
|
echo "IPV6_ADDRESS=${IPV6_ADDRESS}"
|
|
echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
|
|
echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
|
|
}
|
|
update_dialogs() {
|
|
. /etc/pihole/setupVars.conf
|
|
}
|
|
update_dialogs
|
|
printSetupVars
|
|
''')
|
|
|
|
output = run_script(Pihole, script).stdout
|
|
|
|
for k, v in SETUPVARS.items():
|
|
assert "{}={}".format(k, v) in output
|
|
|
|
|
|
def test_setupVars_saved_to_file(Pihole):
|
|
'''
|
|
confirm saved settings are written to a file for future updates to re-use
|
|
'''
|
|
# dedent works better with this and padding matching script below
|
|
set_setup_vars = '\n'
|
|
for k, v in SETUPVARS.items():
|
|
set_setup_vars += " {}={}\n".format(k, v)
|
|
Pihole.run(set_setup_vars).stdout
|
|
|
|
script = dedent('''\
|
|
set -e
|
|
echo start
|
|
TERM=xterm
|
|
source /opt/pihole/basic-install.sh
|
|
{}
|
|
mkdir -p /etc/dnsmasq.d
|
|
version_check_dnsmasq
|
|
echo "" > /etc/pihole/pihole-FTL.conf
|
|
finalExports
|
|
cat /etc/pihole/setupVars.conf
|
|
'''.format(set_setup_vars))
|
|
|
|
output = run_script(Pihole, script).stdout
|
|
|
|
for k, v in SETUPVARS.items():
|
|
assert "{}={}".format(k, v) in output
|
|
|
|
|
|
def test_pihole_user_group_creation(Pihole):
|
|
'''
|
|
check user creation works if user or group already exist
|
|
'''
|
|
sudo_cmd = 'su --shell /bin/bash --command "{0}" -p root'
|
|
# normal situation where neither user or group exist
|
|
user_create = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
''')
|
|
expected_stdout = tick_box + ' Creating user \'pihole\''
|
|
assert expected_stdout in user_create.stdout
|
|
# situation where both user and group already exist
|
|
user_create = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
''')
|
|
expected_stdout = tick_box + ' Checking for user \'pihole\''
|
|
assert expected_stdout in user_create.stdout
|
|
# situation where only group and no user exists
|
|
Pihole.run(sudo_cmd.format('userdel -r pihole'))
|
|
user_create = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
''')
|
|
expected_stdout = tick_box + ' Creating user \'pihole\''
|
|
assert expected_stdout in user_create.stdout
|
|
# situation where only user and no group exists
|
|
Pihole.run(sudo_cmd.format('userdel -r pihole'))
|
|
Pihole.run(sudo_cmd.format('groupdel pihole'))
|
|
Pihole.run(sudo_cmd.format('groupadd pihole_dummy'))
|
|
useradd_dummy = (
|
|
'useradd -r --no-user-group -g pihole_dummy ' +
|
|
'-s /usr/sbin/nologin pihole')
|
|
Pihole.run(sudo_cmd.format(useradd_dummy))
|
|
user_create = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
''')
|
|
expected_stdout = tick_box + ' Creating group \'pihole\''
|
|
assert expected_stdout in user_create.stdout
|
|
expected_stdout = tick_box + ' Adding user \'pihole\' to group \'pihole\''
|
|
assert expected_stdout in user_create.stdout
|
|
|
|
|
|
def test_configureFirewall_firewalld_running_no_errors(Pihole):
|
|
'''
|
|
confirms firewalld rules are applied when firewallD is running
|
|
'''
|
|
# firewallD returns 'running' as status
|
|
mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole)
|
|
# Whiptail dialog returns Ok for user prompt
|
|
mock_command('whiptail', {'*': ('', 0)}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Configuring FirewallD for httpd and pihole-FTL'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout
|
|
assert 'firewall-cmd --state' in firewall_calls
|
|
assert ('firewall-cmd '
|
|
'--permanent '
|
|
'--add-service=http '
|
|
'--add-service=dns') in firewall_calls
|
|
assert 'firewall-cmd --reload' in firewall_calls
|
|
|
|
|
|
def test_configureFirewall_firewalld_disabled_no_errors(Pihole):
|
|
'''
|
|
confirms firewalld rules are not applied when firewallD is not running
|
|
'''
|
|
# firewallD returns non-running status
|
|
mock_command('firewall-cmd', {'*': ('not running', '1')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = ('No active firewall detected.. '
|
|
'skipping firewall configuration')
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
|
|
def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole):
|
|
'''
|
|
confirms firewalld rules are not applied when firewallD is running, user
|
|
declines ruleset
|
|
'''
|
|
# firewallD returns running status
|
|
mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*': ('', 1)}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Not installing firewall rulesets.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
|
|
def test_configureFirewall_no_firewall(Pihole):
|
|
''' confirms firewall skipped no daemon is running '''
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'No active firewall detected'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
|
|
def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole):
|
|
'''
|
|
confirms IPTables rules are not applied when IPTables is running, user
|
|
declines ruleset
|
|
'''
|
|
# iptables command exists
|
|
mock_command('iptables', {'*': ('', '0')}, Pihole)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*': ('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*': ('', '1')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Not installing firewall rulesets.'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
|
|
|
|
def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole):
|
|
'''
|
|
confirms IPTables rules are not applied when IPTables is running and rules
|
|
exist
|
|
'''
|
|
# iptables command exists and returns 0 on calls
|
|
# (should return 0 on iptables -C)
|
|
mock_command('iptables', {'-S': ('-P INPUT DENY', '0')}, Pihole)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*': ('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Installing new IPTables firewall rulesets'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/iptables').stdout
|
|
# General call type occurrences
|
|
assert len(re.findall(r'iptables -S', firewall_calls)) == 1
|
|
assert len(re.findall(r'iptables -C', firewall_calls)) == 4
|
|
assert len(re.findall(r'iptables -I', firewall_calls)) == 0
|
|
|
|
# Specific port call occurrences
|
|
assert len(re.findall(r'tcp --dport 80', firewall_calls)) == 1
|
|
assert len(re.findall(r'tcp --dport 53', firewall_calls)) == 1
|
|
assert len(re.findall(r'udp --dport 53', firewall_calls)) == 1
|
|
assert len(re.findall(r'tcp --dport 4711:4720', firewall_calls)) == 1
|
|
|
|
|
|
def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole):
|
|
'''
|
|
confirms IPTables rules are applied when IPTables is running and rules do
|
|
not exist
|
|
'''
|
|
# iptables command and returns 0 on calls (should return 1 on iptables -C)
|
|
mock_command(
|
|
'iptables',
|
|
{
|
|
'-S': (
|
|
'-P INPUT DENY',
|
|
'0'
|
|
),
|
|
'-C': (
|
|
'',
|
|
1
|
|
),
|
|
'-I': (
|
|
'',
|
|
0
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
# modinfo returns always true (ip_tables module check)
|
|
mock_command('modinfo', {'*': ('', '0')}, Pihole)
|
|
# Whiptail dialog returns Cancel for user prompt
|
|
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
|
configureFirewall = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
configureFirewall
|
|
''')
|
|
expected_stdout = 'Installing new IPTables firewall rulesets'
|
|
assert expected_stdout in configureFirewall.stdout
|
|
firewall_calls = Pihole.run('cat /var/log/iptables').stdout
|
|
# General call type occurrences
|
|
assert len(re.findall(r'iptables -S', firewall_calls)) == 1
|
|
assert len(re.findall(r'iptables -C', firewall_calls)) == 4
|
|
assert len(re.findall(r'iptables -I', firewall_calls)) == 4
|
|
|
|
# Specific port call occurrences
|
|
assert len(re.findall(r'tcp --dport 80', firewall_calls)) == 2
|
|
assert len(re.findall(r'tcp --dport 53', firewall_calls)) == 2
|
|
assert len(re.findall(r'udp --dport 53', firewall_calls)) == 2
|
|
assert len(re.findall(r'tcp --dport 4711:4720', firewall_calls)) == 2
|
|
|
|
|
|
def test_selinux_not_detected(Pihole):
|
|
'''
|
|
confirms installer continues when SELinux configuration file does not exist
|
|
'''
|
|
check_selinux = Pihole.run('''
|
|
rm -f /etc/selinux/config
|
|
source /opt/pihole/basic-install.sh
|
|
checkSelinux
|
|
''')
|
|
expected_stdout = info_box + ' SELinux not detected'
|
|
assert expected_stdout in check_selinux.stdout
|
|
assert check_selinux.rc == 0
|
|
|
|
|
|
def test_installPiholeWeb_fresh_install_no_errors(Pihole):
|
|
'''
|
|
confirms all web page assets from Core repo are installed on a fresh build
|
|
'''
|
|
installWeb = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
installPiholeWeb
|
|
''')
|
|
expected_stdout = info_box + ' Installing blocking page...'
|
|
assert expected_stdout in installWeb.stdout
|
|
expected_stdout = tick_box + (' Creating directory for blocking page, '
|
|
'and copying files')
|
|
assert expected_stdout in installWeb.stdout
|
|
expected_stdout = info_box + ' Backing up index.lighttpd.html'
|
|
assert expected_stdout in installWeb.stdout
|
|
expected_stdout = ('No default index.lighttpd.html file found... '
|
|
'not backing up')
|
|
assert expected_stdout in installWeb.stdout
|
|
expected_stdout = tick_box + ' Installing sudoer file'
|
|
assert expected_stdout in installWeb.stdout
|
|
web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout
|
|
assert 'index.php' in web_directory
|
|
assert 'blockingpage.css' in web_directory
|
|
|
|
|
|
def test_update_package_cache_success_no_errors(Pihole):
|
|
'''
|
|
confirms package cache was updated without any errors
|
|
'''
|
|
updateCache = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
update_package_cache
|
|
''')
|
|
expected_stdout = tick_box + ' Update local cache of available packages'
|
|
assert expected_stdout in updateCache.stdout
|
|
assert 'error' not in updateCache.stdout.lower()
|
|
|
|
|
|
def test_update_package_cache_failure_no_errors(Pihole):
|
|
'''
|
|
confirms package cache was not updated
|
|
'''
|
|
mock_command('apt-get', {'update': ('', '1')}, Pihole)
|
|
updateCache = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
update_package_cache
|
|
''')
|
|
expected_stdout = cross_box + ' Update local cache of available packages'
|
|
assert expected_stdout in updateCache.stdout
|
|
assert 'Error: Unable to update package cache.' in updateCache.stdout
|
|
|
|
|
|
def test_FTL_detect_aarch64_no_errors(Pihole):
|
|
'''
|
|
confirms only aarch64 package is downloaded for FTL engine
|
|
'''
|
|
# mock uname to return aarch64 platform
|
|
mock_command('uname', {'-m': ('aarch64', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command(
|
|
'ldd',
|
|
{
|
|
'/bin/ls': (
|
|
'/lib/ld-linux-aarch64.so.1',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
''')
|
|
expected_stdout = info_box + ' FTL Checks...'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Detected ARM-aarch64 architecture'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Downloading and Installing FTL'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_FTL_detect_armv6l_no_errors(Pihole):
|
|
'''
|
|
confirms only armv6l package is downloaded for FTL engine
|
|
'''
|
|
# mock uname to return armv6l platform
|
|
mock_command('uname', {'-m': ('armv6l', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
''')
|
|
expected_stdout = info_box + ' FTL Checks...'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + (' Detected ARM-hf architecture '
|
|
'(armv6 or lower)')
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Downloading and Installing FTL'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_FTL_detect_armv7l_no_errors(Pihole):
|
|
'''
|
|
confirms only armv7l package is downloaded for FTL engine
|
|
'''
|
|
# mock uname to return armv7l platform
|
|
mock_command('uname', {'-m': ('armv7l', '0')}, Pihole)
|
|
# mock ldd to respond with aarch64 shared library
|
|
mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
''')
|
|
expected_stdout = info_box + ' FTL Checks...'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Detected ARM-hf architecture (armv7+)'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Downloading and Installing FTL'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_FTL_detect_x86_64_no_errors(Pihole):
|
|
'''
|
|
confirms only x86_64 package is downloaded for FTL engine
|
|
'''
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
''')
|
|
expected_stdout = info_box + ' FTL Checks...'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Detected x86_64 architecture'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
expected_stdout = tick_box + ' Downloading and Installing FTL'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_FTL_detect_unknown_no_errors(Pihole):
|
|
''' confirms only generic package is downloaded for FTL engine '''
|
|
# mock uname to return generic platform
|
|
mock_command('uname', {'-m': ('mips', '0')}, Pihole)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
''')
|
|
expected_stdout = 'Not able to detect architecture (unknown: mips)'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_FTL_download_aarch64_no_errors(Pihole):
|
|
'''
|
|
confirms only aarch64 package is downloaded for FTL engine
|
|
'''
|
|
# mock whiptail answers and ensure installer dependencies
|
|
mock_command('whiptail', {'*': ('', '0')}, Pihole)
|
|
Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
distro_check
|
|
install_dependent_packages ${INSTALLER_DEPS[@]}
|
|
''')
|
|
download_binary = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
FTLinstall "pihole-FTL-aarch64-linux-gnu"
|
|
''')
|
|
expected_stdout = tick_box + ' Downloading and Installing FTL'
|
|
assert expected_stdout in download_binary.stdout
|
|
assert 'error' not in download_binary.stdout.lower()
|
|
|
|
|
|
def test_FTL_binary_installed_and_responsive_no_errors(Pihole):
|
|
'''
|
|
confirms FTL binary is copied and functional in installed location
|
|
'''
|
|
installed_binary = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
create_pihole_user
|
|
funcOutput=$(get_binary_name)
|
|
binary="pihole-FTL${funcOutput##*pihole-FTL}"
|
|
theRest="${funcOutput%pihole-FTL*}"
|
|
FTLdetect "${binary}" "${theRest}"
|
|
pihole-FTL version
|
|
''')
|
|
expected_stdout = 'v'
|
|
assert expected_stdout in installed_binary.stdout
|
|
|
|
|
|
# def test_FTL_support_files_installed(Pihole):
|
|
# '''
|
|
# confirms FTL support files are installed
|
|
# '''
|
|
# support_files = Pihole.run('''
|
|
# source /opt/pihole/basic-install.sh
|
|
# FTLdetect
|
|
# stat -c '%a %n' /var/log/pihole-FTL.log
|
|
# stat -c '%a %n' /run/pihole-FTL.port
|
|
# stat -c '%a %n' /run/pihole-FTL.pid
|
|
# ls -lac /run
|
|
# ''')
|
|
# assert '644 /run/pihole-FTL.port' in support_files.stdout
|
|
# assert '644 /run/pihole-FTL.pid' in support_files.stdout
|
|
# assert '644 /var/log/pihole-FTL.log' in support_files.stdout
|
|
|
|
|
|
def test_IPv6_only_link_local(Pihole):
|
|
'''
|
|
confirms IPv6 blocking is disabled for Link-local address
|
|
'''
|
|
# mock ip -6 address to return Link-local address
|
|
mock_command_2(
|
|
'ip',
|
|
{
|
|
'-6 address': (
|
|
'inet6 fe80::d210:52fa:fe00:7ad7/64 scope link',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = ('Unable to find IPv6 ULA/GUA address, '
|
|
'IPv6 adblocking will not be enabled')
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_IPv6_only_ULA(Pihole):
|
|
'''
|
|
confirms IPv6 blocking is enabled for ULA addresses
|
|
'''
|
|
# mock ip -6 address to return ULA address
|
|
mock_command_2(
|
|
'ip',
|
|
{
|
|
'-6 address': (
|
|
'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_IPv6_only_GUA(Pihole):
|
|
'''
|
|
confirms IPv6 blocking is enabled for GUA addresses
|
|
'''
|
|
# mock ip -6 address to return GUA address
|
|
mock_command_2(
|
|
'ip',
|
|
{
|
|
'-6 address': (
|
|
'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_IPv6_GUA_ULA_test(Pihole):
|
|
'''
|
|
confirms IPv6 blocking is enabled for GUA and ULA addresses
|
|
'''
|
|
# mock ip -6 address to return GUA and ULA addresses
|
|
mock_command_2(
|
|
'ip',
|
|
{
|
|
'-6 address': (
|
|
'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\n'
|
|
'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_IPv6_ULA_GUA_test(Pihole):
|
|
'''
|
|
confirms IPv6 blocking is enabled for GUA and ULA addresses
|
|
'''
|
|
# mock ip -6 address to return ULA and GUA addresses
|
|
mock_command_2(
|
|
'ip',
|
|
{
|
|
'-6 address': (
|
|
'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\n'
|
|
'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global',
|
|
'0'
|
|
)
|
|
},
|
|
Pihole
|
|
)
|
|
detectPlatform = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
useIPv6dialog
|
|
''')
|
|
expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads'
|
|
assert expected_stdout in detectPlatform.stdout
|
|
|
|
|
|
def test_validate_ip_valid(Pihole):
|
|
'''
|
|
Given a valid IP address, valid_ip returns success
|
|
'''
|
|
|
|
output = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
valid_ip "192.168.1.1"
|
|
''')
|
|
|
|
assert output.rc == 0
|
|
|
|
|
|
def test_validate_ip_invalid_octet(Pihole):
|
|
'''
|
|
Given an invalid IP address (large octet), valid_ip returns an error
|
|
'''
|
|
|
|
output = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
valid_ip "1092.168.1.1"
|
|
''')
|
|
|
|
assert output.rc == 1
|
|
|
|
|
|
def test_validate_ip_invalid_letters(Pihole):
|
|
'''
|
|
Given an invalid IP address (contains letters), valid_ip returns an error
|
|
'''
|
|
|
|
output = Pihole.run('''
|
|
source /opt/pihole/basic-install.sh
|
|
valid_ip "not an IP"
|
|
''')
|
|
|
|
assert output.rc == 1
|