From f105efc658b96a12eb4ecc12e245ecd67a6468e1 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 13 May 2022 18:43:58 +0200 Subject: smoketest: add sshguard allow-from case --- smoketest/scripts/cli/test_service_ssh.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'smoketest/scripts') diff --git a/smoketest/scripts/cli/test_service_ssh.py b/smoketest/scripts/cli/test_service_ssh.py index 2e96a7035..0b029dd00 100755 --- a/smoketest/scripts/cli/test_service_ssh.py +++ b/smoketest/scripts/cli/test_service_ssh.py @@ -214,19 +214,22 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase): self.assertNotIn(test_user, usernames) def test_ssh_dynamic_protection(self): - """ - check sshguard service - """ + # check sshguard service + SSHGUARD_CONFIG = '/etc/sshguard/sshguard.conf' + SSHGUARD_WHITELIST = '/etc/sshguard/whitelist' SSHGUARD_PROCESS = 'sshguard' block_time = '123' detect_time = '1804' port = '22' threshold = '10' + allow_list = ['192.0.2.0/24', '2001:db8::/48'] self.cli_set(base_path + ['dynamic-protection', 'block-time', block_time]) self.cli_set(base_path + ['dynamic-protection', 'detect-time', detect_time]) self.cli_set(base_path + ['dynamic-protection', 'threshold', threshold]) + for allow in allow_list: + self.cli_set(base_path + ['dynamic-protection', 'allow-from', allow]) # commit changes self.cli_commit() @@ -245,10 +248,13 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase): ] tmp_sshguard_conf = read_file(SSHGUARD_CONFIG) - for line in sshguard_lines: self.assertIn(line, tmp_sshguard_conf) + tmp_whitelist_conf = read_file(SSHGUARD_WHITELIST) + for allow in allow_list: + self.assertIn(allow, tmp_whitelist_conf) + # Delete service ssh dynamic-protection # but not service ssh itself self.cli_delete(base_path + ['dynamic-protection']) @@ -256,6 +262,5 @@ class TestServiceSSH(VyOSUnitTestSHIM.TestCase): self.assertFalse(process_named_running(SSHGUARD_PROCESS)) - if __name__ == '__main__': unittest.main(verbosity=2) -- cgit v1.2.3