2 * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file nether_tests.cpp
19 * @author Piotr Sawicki (p.sawicki2@partner.samsung.com)
21 * @brief Tests for Nether service
28 #include <arpa/inet.h>
29 #include <linux/netlink.h>
32 #include <netinet/in.h>
33 #include <sys/mount.h>
34 #include <sys/socket.h>
36 #include <sys/types.h>
39 #include <condition_variable>
44 #include <scoped_installer.h>
45 #include <sm_commons.h>
46 #include <tests_common.h>
47 #include <dpl/test/safe_cleanup.h>
50 using namespace SecurityManagerTest;
51 using namespace DPL::Test;
53 const std::string INTERNET_ACCESS_PRIVILEGE = "http://tizen.org/privilege/internet";
54 const std::string NETHER_NETNS_NAME_NONE = "";
55 const std::string NETHER_NETNS_NAME_TEST = "nether_test_network_ns";
56 const std::string NETNS_RUN_DIR = "/var/run/netns"; // taken from iproute2
57 const std::string NETHER_NETNS_SETUP_COMMAND = "/usr/bin/setup-nether-tests-nns.sh " + NETHER_NETNS_NAME_TEST;
58 const std::string NETHER_NETNS_TEARDOWN_COMMAND = "/usr/bin/teardown-nether-tests-nns.sh " + NETHER_NETNS_NAME_TEST;
59 const std::string NETHER_DNS_SETUP_COMMAND = "/usr/bin/setup-nether-tests-dns.sh";
60 const std::string NETHER_DNS_TEARDOWN_COMMAND = "/usr/bin/teardown-nether-tests-dns.sh";
63 const ssize_t NET_BUFFER_SIZE = 1024;
64 const int UDP_MESSAGES_COUNT = 20000;
65 const int TCP_MESSAGES_COUNT = 20000;
67 const uint16_t UDP_TEST_PORT = 12000;
68 const uint16_t TCP_TEST_PORT = 12000;
70 const std::string REMOTE_INTERFACE_ADDRESS = "10.1.0.2";
71 const std::string REMOTE_INTERFACE_NAME = "veth1";
72 const std::string LOCAL_HOST_TEST_SERVER_ADDRESS = "127.0.0.1";
73 const std::string LOCAL_TEST_MCAST_GROUP = "225.0.0.250";
74 const std::string DNS_TEST_ADDRESS = "www.samsung.com";
75 const std::string ANY_INTERFACE = "";
77 const char TTL_MCAST_RESTRIC_SUBNET = 1;
79 const int MONITOR_TIMEOUT = 1000; // ms
81 enum class NetherInternetAccess {
87 void runShellScriptInChildAndWait(const std::string &command)
89 RUNNER_ASSERT_MSG(system(command.c_str()) != -1, "Couldn't run command: " << command);
93 class ScopedShellScriptRunner final {
95 ScopedShellScriptRunner(const std::string &setupCmd, const std::string &teardownCmd)
96 : m_teardownCmd(teardownCmd)
98 runShellScriptInChildAndWait(setupCmd);
101 ~ScopedShellScriptRunner()
103 SafeCleanup::run([this]() {
104 runShellScriptInChildAndWait(m_teardownCmd);
108 ScopedShellScriptRunner(const ScopedShellScriptRunner &) = delete;
109 ScopedShellScriptRunner &operator=(const ScopedShellScriptRunner &) = delete;
112 std::string m_teardownCmd;
116 void createChildProcess(const std::function<int(int)> &procedure, pid_t &childPid, int &childPipeFd)
119 RUNNER_ASSERT_ERRNO_MSG(pipe2(pipeFd, O_DIRECT) == 0, "pipe() failed");
122 RUNNER_ASSERT_ERRNO_MSG(pid != -1, "fork() failed");
126 TEMP_FAILURE_RETRY(close(pipeFd[1]));
128 childPipeFd = pipeFd[0];
132 TestRunnerSingleton::Instance().Terminate();
135 close(STDOUT_FILENO);
136 close(STDERR_FILENO);
140 int retStatus = EXIT_FAILURE;
142 int devNullFd = TEMP_FAILURE_RETRY(open("/dev/null", O_WRONLY));
143 if (devNullFd == -1) {
147 if (TEMP_FAILURE_RETRY(dup2(devNullFd, STDIN_FILENO)) == -1) {
151 if (TEMP_FAILURE_RETRY(dup2(devNullFd, STDOUT_FILENO)) == -1) {
155 if (TEMP_FAILURE_RETRY(dup2(devNullFd, STDERR_FILENO)) == -1) {
159 retStatus = procedure(pipeFd[1]);
166 int switchToNetworkNamespace(const std::string &netnsName)
168 if (netnsName == NETHER_NETNS_NAME_NONE) {
172 const std::string netnsPath { NETNS_RUN_DIR + "/" + netnsName };
173 if (netnsPath.length() >= PATH_MAX) {
177 int netNsFd = open(netnsPath.c_str(), O_RDONLY);
182 // uses an existing network name-space (previously created by "ip netns" command)
183 if (setns(netNsFd, CLONE_NEWNET) == -1) {
192 class TemporaryNormalTestUser
195 TemporaryNormalTestUser(const std::string &userName)
196 : m_user(userName, GUM_USERTYPE_NORMAL, false)
203 return m_user.getUid();
207 TemporaryTestUser m_user;
211 class InternetLocalAppInstallHelper : public AppInstallHelper
214 InternetLocalAppInstallHelper(const std::string &namePrefix, uid_t uid, NetherInternetAccess access)
215 : AppInstallHelper(namePrefix, uid)
217 setInstallType(app_install_type::SM_APP_INSTALL_LOCAL);
218 if (access == NetherInternetAccess::ACCESS_GRANTED) {
219 addPrivilege(INTERNET_ACCESS_PRIVILEGE);
235 AppContext(const std::string &appId, uid_t appUID, gid_t appGID)
242 const std::string &appId() const
247 void setAppId(const std::string &appId)
257 void setUID(uid_t appUID)
267 void setGID(gid_t appGID)
279 class ScopedAppContext : public AppContext
282 ScopedAppContext(const std::string &appPrefix, NetherInternetAccess access)
283 : m_user(appPrefix + "_user")
284 , m_installHelper(appPrefix + "_app_normal", m_user.getUid(), access)
285 , m_scopedInstaller(m_installHelper)
287 setAppId(m_installHelper.getAppId());
288 setUID(m_installHelper.getUID());
289 setGID(m_installHelper.getGID());
293 TemporaryNormalTestUser m_user;
294 InternetLocalAppInstallHelper m_installHelper;
295 ScopedInstaller m_scopedInstaller;
299 void runProcedureInNetAppContext(
300 const std::string &appPrefix,
301 const std::function<void(void)> &procedure,
302 const NetherInternetAccess access = NetherInternetAccess::ACCESS_DENIED)
304 ScopedAppContext scopedAppContext(appPrefix, access);
306 auto smackLabel = scopedAppContext.appId();
307 auto appUID = scopedAppContext.getUID();
308 auto appGID = scopedAppContext.getGID();
310 // run client procedure in app context
311 runInChildParentWait([=]() {
312 Api::setProcessLabel(smackLabel);
313 RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(appUID, appGID) == 0,
314 "drop_root_privileges() failed");
324 : m_monitorIsRunning(false)
325 , m_receivedBytes(0ull)
330 NetServer(const NetServer &) = delete;
331 NetServer &operator=(const NetServer &) = delete;
335 SafeCleanup::run([this]() {
340 void start(const std::string &netnsName = NETHER_NETNS_NAME_NONE)
342 std::unique_lock<std::mutex> lock(m_monitorMutex);
344 RUNNER_ASSERT_MSG(!m_monitorIsRunning, "Monitor thread is already running");
346 createChildProcess([=] (int pipeFd) -> int {
347 if (netnsName != NETHER_NETNS_NAME_NONE) {
348 if (switchToNetworkNamespace(netnsName) == -1) {
352 return serverProcedure(pipeFd);
353 }, m_serverPid, m_serverPipeFd);
357 m_monitorThread = std::move(std::thread(&NetServer::monitorThreadProc, this));
359 m_monitorSyncPoint.wait(lock, [this]() {
360 return m_monitorIsRunning;
371 uint64_t getReceivedBytes() const
373 RUNNER_ASSERT_MSG(!isAlive(), "Cannot read statistics. Server is still running: " << (*this));
374 return m_receivedBytes;
380 return waitpid(m_serverPid, &status, WNOHANG) == 0;
383 virtual int serverProcedure(int) = 0;
385 virtual std::string getDescription() const = 0;
388 void notifyManager(int pipeFd)
391 ssize_t ret = TEMP_FAILURE_RETRY(write(pipeFd, &c, sizeof(c)));
398 void waitForServer() const
400 pollfd pfd { m_serverPipeFd, POLLIN, 0 };
402 int ret = TEMP_FAILURE_RETRY(poll(&pfd, 1, MONITOR_TIMEOUT));
403 RUNNER_ASSERT_ERRNO_MSG(ret >= 0, "poll() failed");
405 if (pfd.revents & POLLIN) {
407 ssize_t len = TEMP_FAILURE_RETRY(read(m_serverPipeFd, &c, sizeof(c)));
408 RUNNER_ASSERT_ERRNO_MSG(len >= 0, "Read pipe failed");
412 ssize_t collectStatistics()
414 char buffer[NET_BUFFER_SIZE];
416 ssize_t ret = TEMP_FAILURE_RETRY(read(m_serverPipeFd, buffer, sizeof(buffer)));
418 m_receivedBytes += static_cast<uint64_t>(ret);
424 void closeServerPipe()
426 if (m_serverPipeFd == -1) {
430 close(m_serverPipeFd);
434 void stopServerProcess()
436 if (m_serverPid == -1) {
445 RUNNER_ASSERT_ERRNO_MSG(kill(m_serverPid, SIGTERM) == 0, "kill() failed");
449 pid_t ret = TEMP_FAILURE_RETRY(waitpid(m_serverPid, &status, WUNTRACED | WCONTINUED));
450 RUNNER_ASSERT_ERRNO_MSG(ret != -1, "waitpid() failed");
451 } while (!WIFEXITED(status) && !WIFSIGNALED(status));
459 std::lock_guard<std::mutex> lock(m_monitorMutex);
460 m_monitorIsRunning = false;
463 if (m_monitorThread.joinable()) {
464 m_monitorThread.join();
468 void monitorThreadProc()
470 std::unique_lock<std::mutex> lock(m_monitorMutex);
471 m_monitorIsRunning = true;
474 m_monitorSyncPoint.notify_one();
478 pollfd pollFd{ m_serverPipeFd, POLLIN, 0 };
480 while (m_monitorIsRunning) {
484 int ret = TEMP_FAILURE_RETRY(poll(&pollFd, 1, MONITOR_TIMEOUT));
490 if (ret > 0 && (pollFd.revents & POLLIN)) {
491 if (collectStatistics() == -1) {
500 m_monitorIsRunning = false;
505 std::thread m_monitorThread;
506 bool m_monitorIsRunning;
507 std::mutex m_monitorMutex;
508 std::condition_variable m_monitorSyncPoint;
511 uint64_t m_receivedBytes;
515 friend std::ostream &operator<<(std::ostream &os, const NetServer &);
519 std::ostream &operator<<(std::ostream &os, const NetServer &server)
521 os << server.getDescription();
526 class UDPServer : public NetServer
529 UDPServer(uint16_t port, int protocol = IPPROTO_UDP)
532 , m_protocol(protocol)
535 virtual ~UDPServer() {}
537 virtual std::string getDescription() const override
539 return "UDPServer port: " + std::to_string(m_port);
542 virtual bool applyExtraSocketOptions(int)
547 virtual int serverProcedure(int pipeFd) override
549 FdUniquePtr pipePtr(&pipeFd);
551 int sockFd = socket(AF_INET, SOCK_DGRAM, m_protocol);
556 SockUniquePtr sockPtr(&sockFd);
559 if (setsockopt(sockFd, SOL_SOCKET, SO_REUSEADDR, static_cast<const void *>(&optionValue) , sizeof(int)) == -1) {
563 struct sockaddr_in serverAddress;
564 memset(&serverAddress, 0, sizeof(serverAddress));
565 serverAddress.sin_family = AF_INET;
566 serverAddress.sin_addr.s_addr = htonl(INADDR_ANY);
567 serverAddress.sin_port = htons(m_port);
569 if (bind(sockFd, reinterpret_cast<struct sockaddr *>(&serverAddress), sizeof(serverAddress)) == -1) {
573 if (!applyExtraSocketOptions(sockFd)) {
577 struct sockaddr_in clntAddress;
578 socklen_t clntAddressLength = static_cast<socklen_t>(sizeof(clntAddress));
579 char receiveBuffer[NET_BUFFER_SIZE];
581 notifyManager(pipeFd);
584 ssize_t len = TEMP_FAILURE_RETRY(recvfrom(sockFd, receiveBuffer, sizeof(receiveBuffer), 0,
585 reinterpret_cast<struct sockaddr *>(&clntAddress), &clntAddressLength));
597 ssize_t ret = TEMP_FAILURE_RETRY(write(pipeFd, &receiveBuffer[pos], len));
616 class UDPServerApp : public UDPServer
619 UDPServerApp(uint16_t port, int protocol, const AppContext &appContext)
620 : UDPServer(port, protocol)
621 , m_appContext(appContext)
625 virtual int serverProcedure(int pipeFd) override
627 Api::setProcessLabel(m_appContext.appId());
628 RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(m_appContext.getUID(), m_appContext.getGID()) == 0,
629 "drop_root_privileges() failed");
631 return UDPServer::serverProcedure(pipeFd);
635 AppContext m_appContext;
638 class UDPMulticastServer : public UDPServer
641 UDPMulticastServer(uint16_t port, int protocol,
642 const std::string &mcastGroup, const std::string &networkInterface)
643 : UDPServer(port, protocol)
644 , m_mcastGroup(mcastGroup)
645 , m_networkInterface(networkInterface)
649 bool applyExtraSocketOptions(int sockFd) override
651 struct ip_mreq multicastRequest;
652 memset(&multicastRequest, 0, sizeof(multicastRequest));
654 in_addr_t mcastGroupAddr = inet_addr(m_mcastGroup.c_str());
655 if (!IN_MULTICAST(ntohl(mcastGroupAddr))) {
659 multicastRequest.imr_multiaddr.s_addr = mcastGroupAddr;
661 if (m_networkInterface == ANY_INTERFACE) {
662 multicastRequest.imr_interface.s_addr = INADDR_ANY;
664 struct ifreq interfaceRequest;
665 memset(&interfaceRequest, 0, sizeof(interfaceRequest));
667 interfaceRequest.ifr_addr.sa_family = AF_INET;
668 strncpy(interfaceRequest.ifr_name, m_networkInterface.c_str(), IFNAMSIZ);
669 interfaceRequest.ifr_name[IFNAMSIZ - 1] = '\0';
671 if (ioctl(sockFd, SIOCGIFADDR, &interfaceRequest) == -1) {
675 struct sockaddr_in *addr = reinterpret_cast<struct sockaddr_in *>(&interfaceRequest.ifr_addr);
676 multicastRequest.imr_interface.s_addr = addr->sin_addr.s_addr;
679 return setsockopt(sockFd, IPPROTO_IP, IP_ADD_MEMBERSHIP,
680 static_cast<const void *>(&multicastRequest), sizeof(multicastRequest)) == 0;
684 std::string m_mcastGroup;
685 std::string m_networkInterface;
689 class UDPMulticastServerApp : public UDPMulticastServer
692 UDPMulticastServerApp(uint16_t port, int protocol, const std::string &mcastGroup, const std::string &networkInterface,
693 const AppContext &appContext)
694 : UDPMulticastServer(port, protocol, mcastGroup, networkInterface)
695 , m_appContext(appContext)
699 virtual int serverProcedure(int pipeFd) override
701 Api::setProcessLabel(m_appContext.appId());
702 RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(m_appContext.getUID(), m_appContext.getGID()) == 0,
703 "drop_root_privileges() failed");
705 return UDPServer::serverProcedure(pipeFd);
709 AppContext m_appContext;
713 class TCPServer : public NetServer
716 explicit TCPServer(uint16_t port)
721 virtual ~TCPServer() {}
723 virtual std::string getDescription() const override
725 return "TCPServer port: " + std::to_string(m_port);
728 virtual int serverProcedure(int pipeFd) override
730 FdUniquePtr pipePtr(&pipeFd);
732 int sockFd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
737 SockUniquePtr sockPtr(&sockFd);
740 if (setsockopt(sockFd, SOL_SOCKET, SO_REUSEADDR, static_cast<const void *>(&optionValue) , sizeof(int)) == -1) {
744 struct sockaddr_in serverAddress;
745 memset(&serverAddress, 0, sizeof(serverAddress));
746 serverAddress.sin_family = AF_INET;
747 serverAddress.sin_addr.s_addr = htonl(INADDR_ANY);
748 serverAddress.sin_port = htons(m_port);
750 if (bind(sockFd, reinterpret_cast<struct sockaddr *>(&serverAddress), sizeof(serverAddress)) == -1) {
754 if (listen(sockFd, 1) == -1) {
758 struct sockaddr_in clntAddress;
759 socklen_t clntAddressLength = static_cast<socklen_t>(sizeof(clntAddress));
760 char receiveBuffer[NET_BUFFER_SIZE];
762 notifyManager(pipeFd);
765 int acceptedSocketFd = TEMP_FAILURE_RETRY(accept(sockFd, reinterpret_cast<struct sockaddr *>(&clntAddress),
766 &clntAddressLength));
767 if (acceptedSocketFd == -1) {
771 SockUniquePtr acceptSockPtr(&acceptedSocketFd);
774 ssize_t len = TEMP_FAILURE_RETRY(recv(acceptedSocketFd, receiveBuffer, sizeof(receiveBuffer), 0));
785 ssize_t ret = TEMP_FAILURE_RETRY(write(pipeFd, &receiveBuffer[pos], len));
804 class TCPServerApp : public TCPServer
807 TCPServerApp(int port, const AppContext &appContext)
809 , m_appContext(appContext)
813 virtual int serverProcedure(int pipeFd) override
815 Api::setProcessLabel(m_appContext.appId());
816 RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(m_appContext.getUID(), m_appContext.getGID()) == 0,
817 "drop_root_privileges() failed");
819 return TCPServer::serverProcedure(pipeFd);
823 AppContext m_appContext;
830 NetClient(const std::string &appPrefix, NetherInternetAccess access, int msgCount)
831 : m_appPrefix(appPrefix)
833 , m_msgCount(msgCount)
837 NetClient(const NetClient &) = delete;
838 NetClient &operator=(const NetClient &) = delete;
842 runProcedureInNetAppContext(m_appPrefix, [this]() { clientProcedure(); } , m_access);
845 virtual void clientProcedure() = 0;
848 std::string m_appPrefix;
849 NetherInternetAccess m_access;
853 class UDPClientApp : public NetClient
856 UDPClientApp(const std::string &appPrefix, NetherInternetAccess access, int msgCount,
857 int protocol, const std::string &hostName, uint16_t port)
858 : NetClient(appPrefix, access, msgCount)
859 , m_protocol(protocol)
860 , m_hostName(hostName)
865 virtual bool applyExtraSocketOptions(int)
871 virtual void clientProcedure() override
873 int sockFd = socket(AF_INET, SOCK_DGRAM, m_protocol);
874 RUNNER_ASSERT_ERRNO_MSG(sockFd >= 0, "socket() failed");
875 SockUniquePtr sockPtr(&sockFd);
877 struct hostent *server = gethostbyname(m_hostName.c_str());
878 RUNNER_ASSERT_MSG(server != nullptr, "Couldn't find host " << m_hostName
879 << " h_errno = " << hstrerror(h_errno));
881 RUNNER_ASSERT_MSG (applyExtraSocketOptions(sockFd), "Couldn't prepare socket");
883 struct sockaddr_in serverAddress;
884 memset(&serverAddress, 0, sizeof(serverAddress));
885 serverAddress.sin_family = AF_INET;
886 memcpy(&serverAddress.sin_addr.s_addr, server->h_addr, server->h_length);
887 serverAddress.sin_port = htons(m_port);
889 char sendBuffer[NET_BUFFER_SIZE];
891 memset(sendBuffer, 'X', sizeof(sendBuffer));
892 size_t serverAddressLength = sizeof(serverAddress);
894 int msgCount = m_msgCount;
895 while (msgCount-- > 0) {
896 ssize_t len = sizeof(sendBuffer);
899 ssize_t ret = TEMP_FAILURE_RETRY(sendto(sockFd, &sendBuffer[pos], len, 0,
900 reinterpret_cast<struct sockaddr *>(&serverAddress), serverAddressLength));
901 RUNNER_ASSERT_ERRNO_MSG(ret >= 0, "sendto() failed");
909 std::string m_hostName;
913 class UDPMulticastClientApp : public UDPClientApp
916 UDPMulticastClientApp(const std::string &appPrefix, NetherInternetAccess access, int msgCount,
917 int protocol, const std::string &hostName, uint16_t port, char ttl, bool enableLoop)
918 : UDPClientApp(appPrefix, access, msgCount, protocol, hostName, port)
920 , m_enableLoop(enableLoop)
924 virtual bool applyExtraSocketOptions(int sockFd) override
926 if (setsockopt(sockFd, IPPROTO_IP, IP_MULTICAST_TTL, static_cast<void *>(&m_ttl), sizeof(m_ttl)) == -1) {
930 char multicastEnableLoop = m_enableLoop ? 1 : 0;
931 return setsockopt(sockFd, IPPROTO_IP, IP_MULTICAST_LOOP, static_cast<void *>(&multicastEnableLoop),
932 sizeof(multicastEnableLoop)) == 0;
940 class TCPClientApp : public NetClient
943 TCPClientApp(const std::string &appPrefix, NetherInternetAccess access, int msgCount,
944 const std::string &hostName, int port, bool expectConnectionError)
945 : NetClient(appPrefix, access, msgCount)
946 , m_hostName(hostName)
948 , m_expectConnectionError(expectConnectionError)
953 virtual void clientProcedure() override
955 int sockFd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
956 RUNNER_ASSERT_ERRNO_MSG(sockFd >= 0, "socket() failed");
957 SockUniquePtr sockPtr(&sockFd);
959 struct hostent *server = gethostbyname(m_hostName.c_str());
960 RUNNER_ASSERT_MSG(server != nullptr, "Couldn't find host " << m_hostName
961 << " h_errno = " << hstrerror(h_errno));
963 struct sockaddr_in serverAddress;
964 memset(&serverAddress, 0, sizeof(serverAddress));
965 serverAddress.sin_family = AF_INET;
966 memcpy(&serverAddress.sin_addr.s_addr, server->h_addr, server->h_length);
967 serverAddress.sin_port = htons(m_port);
968 size_t serverAddressLength = sizeof(serverAddress);
970 int ret = TEMP_FAILURE_RETRY(connect(sockFd,
971 reinterpret_cast<struct sockaddr *>(&serverAddress),serverAddressLength));
972 if (ret == -1 && m_expectConnectionError) {
976 RUNNER_ASSERT_ERRNO_MSG(ret == 0, "Couldn't connect to " << m_hostName);
978 char sendBuffer[NET_BUFFER_SIZE];
979 memset(sendBuffer, 'X', sizeof(sendBuffer));
981 int msgCount = m_msgCount;
982 while (msgCount-- > 0) {
983 ssize_t len = sizeof(sendBuffer);
986 ssize_t ret = TEMP_FAILURE_RETRY(send(sockFd, &sendBuffer[pos], len, 0));
987 RUNNER_ASSERT_ERRNO_MSG(ret >= 0, "send() failed");
994 std::string m_hostName;
996 bool m_expectConnectionError;
1000 RUNNER_TEST_GROUP_INIT(NETHER_REMOTE_CONNECTION)
1003 RUNNER_CHILD_TEST(nether_check_udp_connection_internet_access_granted)
1005 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1006 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1007 NETHER_NETNS_TEARDOWN_COMMAND);
1009 UDPServer udpServer(UDP_TEST_PORT);
1010 udpServer.start(NETHER_NETNS_NAME_TEST);
1012 UDPClientApp udpClientApp("nether_test_uciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1013 IPPROTO_UDP, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT);
1014 udpClientApp.start();
1016 RUNNER_ASSERT_MSG(udpServer.isAlive(), "UDP server was not running");
1018 RUNNER_ASSERT_MSG(udpServer.getReceivedBytes() > 0, "UDP server didn't receive any data");
1022 RUNNER_CHILD_TEST(nether_check_udp_connection_internet_access_denied)
1024 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1025 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1026 NETHER_NETNS_TEARDOWN_COMMAND);
1028 UDPServer udpServer(UDP_TEST_PORT);
1029 udpServer.start(NETHER_NETNS_NAME_TEST);
1031 UDPClientApp udpClientApp("nether_test_uciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1032 IPPROTO_UDP, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT);
1033 udpClientApp.start();
1035 RUNNER_ASSERT_MSG(udpServer.isAlive(), "UDP server was not running");
1037 RUNNER_ASSERT_MSG(udpServer.getReceivedBytes() == 0, "UDP server received some data");
1041 RUNNER_CHILD_TEST(nether_check_udp_lite_connection_internet_access_granted)
1043 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1044 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1045 NETHER_NETNS_TEARDOWN_COMMAND);
1047 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE);
1048 udpLiteServer.start(NETHER_NETNS_NAME_TEST);
1050 UDPClientApp udpClientApp("nether_test_ulciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1051 IPPROTO_UDPLITE, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT);
1052 udpClientApp.start();
1054 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDPLite server was not running");
1055 udpLiteServer.stop();
1056 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDPLite server didn't receive any data");
1060 RUNNER_CHILD_TEST(nether_check_udp_lite_connection_internet_access_denied)
1062 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1063 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1064 NETHER_NETNS_TEARDOWN_COMMAND);
1066 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE);
1067 udpLiteServer.start(NETHER_NETNS_NAME_TEST);
1069 UDPClientApp udpClientApp("nether_test_ulciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1070 IPPROTO_UDPLITE, REMOTE_INTERFACE_ADDRESS, UDP_TEST_PORT);
1071 udpClientApp.start();
1073 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running");
1074 udpLiteServer.stop();
1075 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() == 0, "UDP server received some data");
1079 RUNNER_CHILD_TEST(nether_check_tcp_connection_internet_access_granted)
1081 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1082 NETHER_NETNS_TEARDOWN_COMMAND);
1084 TCPServer tcpServer(TCP_TEST_PORT);
1085 tcpServer.start(NETHER_NETNS_NAME_TEST);
1087 TCPClientApp tcpClientApp("nether_test_tciag", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT,
1088 REMOTE_INTERFACE_ADDRESS, TCP_TEST_PORT, false);
1089 tcpClientApp.start();
1091 RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running");
1093 RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() > 0, "TCP server didn't receive any data");
1097 RUNNER_CHILD_TEST(nether_check_tcp_connection_internet_access_denied)
1099 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1100 NETHER_NETNS_TEARDOWN_COMMAND);
1102 TCPServer tcpServer(TCP_TEST_PORT);
1103 tcpServer.start(NETHER_NETNS_NAME_TEST);
1105 TCPClientApp tcpClientApp("nether_test_tciad", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT,
1106 REMOTE_INTERFACE_ADDRESS, TCP_TEST_PORT, true);
1107 tcpClientApp.start();
1109 RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running");
1111 RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() == 0, "TCP server received some data");
1114 // Communication between application and local service
1115 RUNNER_TEST_GROUP_INIT(NETHER_LOCAL_SERVICE_CONNECTION)
1118 RUNNER_CHILD_TEST(nether_check_udp_local_connection_internet_access_granted)
1120 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1121 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDP);
1122 udpLiteServer.start();
1124 UDPClientApp udpClientApp("nether_test_ulciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1125 IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1126 udpClientApp.start();
1128 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running");
1129 udpLiteServer.stop();
1130 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data");
1134 RUNNER_CHILD_TEST(nether_check_udp_local_connection_internet_access_denied)
1136 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1137 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDP);
1138 udpLiteServer.start();
1140 UDPClientApp udpClientApp("nether_test_ulciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1141 IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1142 udpClientApp.start();
1144 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running");
1145 udpLiteServer.stop();
1146 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data");
1150 RUNNER_CHILD_TEST(nether_check_udp_lite_local_connection_internet_access_granted)
1152 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1153 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE);
1154 udpLiteServer.start();
1156 UDPClientApp udpClientApp("nether_test_ullciag", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1157 IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1158 udpClientApp.start();
1160 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running");
1161 udpLiteServer.stop();
1162 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data");
1166 RUNNER_CHILD_TEST(nether_check_udp_lite_local_connection_internet_access_denied)
1168 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1169 UDPServer udpLiteServer(UDP_TEST_PORT, IPPROTO_UDPLITE);
1170 udpLiteServer.start();
1172 UDPClientApp udpClientApp("nether_test_ullciad", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1173 IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1174 udpClientApp.start();
1176 RUNNER_ASSERT_MSG(udpLiteServer.isAlive(), "UDP server was not running");
1177 udpLiteServer.stop();
1178 RUNNER_ASSERT_MSG(udpLiteServer.getReceivedBytes() > 0, "UDP server didn't receive any data");
1182 RUNNER_CHILD_TEST(nether_check_tcp_local_connection_internet_access_granted)
1184 TCPServer tcpServer(TCP_TEST_PORT);
1187 TCPClientApp tcpClientApp("nether_test_tlciad", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT,
1188 LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false);
1189 tcpClientApp.start();
1191 RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running");
1193 RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() > 0, "TCP server didn't receive any data");
1197 RUNNER_CHILD_TEST(nether_check_tcp_local_connection_internet_access_denied)
1199 TCPServer tcpServer(TCP_TEST_PORT);
1202 TCPClientApp tcpClientApp("nether_test_tlciad", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT,
1203 LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, false);
1204 tcpClientApp.start();
1206 RUNNER_ASSERT_MSG(tcpServer.isAlive(), "TCP server was not running");
1208 RUNNER_ASSERT_MSG(tcpServer.getReceivedBytes() > 0, "TCP server didn't receive any data");
1212 // Applications mustn't communicate with each other even if access to the Internet is granted.
1213 RUNNER_TEST_GROUP_INIT(NETHER_LOCAL_INTER_APP_CONNECTION)
1216 RUNNER_CHILD_TEST(nether_check_udp_local_inter_app_connection_internet_access_granted)
1218 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1219 ScopedAppContext appContext("nether_test_uliaciag_a", NetherInternetAccess::ACCESS_GRANTED);
1220 UDPServerApp udpServerApp(UDP_TEST_PORT, IPPROTO_UDP, appContext);
1221 udpServerApp.start();
1223 UDPClientApp udpClientApp("nether_test_uliaciag_b", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1224 IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1225 udpClientApp.start();
1227 RUNNER_ASSERT_MSG(udpServerApp.isAlive(), "UDP server was not running");
1228 udpServerApp.stop();
1229 RUNNER_ASSERT_MSG(udpServerApp.getReceivedBytes() == 0, "UDP server received some data");
1233 RUNNER_CHILD_TEST(nether_check_udp_local_inter_app_connection_internet_access_denied)
1235 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1236 ScopedAppContext appContext("nether_test_uliaciad_a", NetherInternetAccess::ACCESS_DENIED);
1237 UDPServerApp udpServerApp(UDP_TEST_PORT, IPPROTO_UDP, appContext);
1238 udpServerApp.start();
1240 UDPClientApp udpClientApp("nether_test_uliaciad_b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1241 IPPROTO_UDP, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1242 udpClientApp.start();
1244 RUNNER_ASSERT_MSG(udpServerApp.isAlive(), "UDP server was not running");
1245 udpServerApp.stop();
1246 RUNNER_ASSERT_MSG(udpServerApp.getReceivedBytes() == 0, "UDP server received some data");
1250 RUNNER_CHILD_TEST(nether_check_udp_lite_local_inter_app_connection_internet_access_granted)
1252 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1253 ScopedAppContext appContext("nether_test_ulliaciag_a", NetherInternetAccess::ACCESS_GRANTED);
1254 UDPServerApp udpLiteServerApp(UDP_TEST_PORT, IPPROTO_UDPLITE, appContext);
1255 udpLiteServerApp.start();
1257 UDPClientApp udpClientApp("nether_ulliaciag_b", NetherInternetAccess::ACCESS_GRANTED, UDP_MESSAGES_COUNT,
1258 IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1259 udpClientApp.start();
1261 RUNNER_ASSERT_MSG(udpLiteServerApp.isAlive(), "UDP server was not running");
1262 udpLiteServerApp.stop();
1263 RUNNER_ASSERT_MSG(udpLiteServerApp.getReceivedBytes() == 0, "UDP server received some data");
1267 RUNNER_CHILD_TEST(nether_check_udp_lite_local_inter_app_connection_internet_access_denied)
1269 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1270 ScopedAppContext appContext("nether_test_ulliaciad_a", NetherInternetAccess::ACCESS_DENIED);
1271 UDPServerApp udpLiteServerApp(UDP_TEST_PORT, IPPROTO_UDPLITE, appContext);
1272 udpLiteServerApp.start();
1274 UDPClientApp udpClientApp("nether_ulliaciad_b", NetherInternetAccess::ACCESS_DENIED, UDP_MESSAGES_COUNT,
1275 IPPROTO_UDPLITE, LOCAL_HOST_TEST_SERVER_ADDRESS, UDP_TEST_PORT);
1276 udpClientApp.start();
1278 RUNNER_ASSERT_MSG(udpLiteServerApp.isAlive(), "UDP server was not running");
1279 udpLiteServerApp.stop();
1280 RUNNER_ASSERT_MSG(udpLiteServerApp.getReceivedBytes() == 0, "UDP server received some data");
1284 RUNNER_CHILD_TEST(nether_check_tcp_local_inter_app_connection_internet_access_granted)
1286 ScopedAppContext appContext("nether_test_tliaciag_a", NetherInternetAccess::ACCESS_GRANTED);
1287 TCPServerApp tcpServerApp(TCP_TEST_PORT, appContext);
1288 tcpServerApp.start();
1290 TCPClientApp tcpClientApp("nether_test_tliaciag_b", NetherInternetAccess::ACCESS_GRANTED, TCP_MESSAGES_COUNT,
1291 LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, true);
1292 tcpClientApp.start();
1294 RUNNER_ASSERT_MSG(tcpServerApp.isAlive(), "TCP server was not running");
1295 tcpServerApp.stop();
1296 RUNNER_ASSERT_MSG(tcpServerApp.getReceivedBytes() == 0, "TCP server received some data");
1300 RUNNER_CHILD_TEST(nether_check_tcp_local_inter_app_connection_internet_access_denied)
1302 ScopedAppContext appContext("nether_test_tliaciad_a", NetherInternetAccess::ACCESS_DENIED);
1303 TCPServerApp tcpServerApp(TCP_TEST_PORT, appContext);
1304 tcpServerApp.start();
1306 TCPClientApp tcpClientApp("nether_test_tliaciad_b", NetherInternetAccess::ACCESS_DENIED, TCP_MESSAGES_COUNT,
1307 LOCAL_HOST_TEST_SERVER_ADDRESS, TCP_TEST_PORT, true);
1308 tcpClientApp.start();
1310 RUNNER_ASSERT_MSG(tcpServerApp.isAlive(), "TCP server was not running");
1311 tcpServerApp.stop();
1312 RUNNER_ASSERT_MSG(tcpServerApp.getReceivedBytes() == 0, "TCP server received some data");
1316 RUNNER_TEST_GROUP_INIT(NETHER_MULTICAST)
1319 RUNNER_CHILD_TEST(nether_check_multicast_inter_app_connection_access_granted)
1321 // one app acts as a server (receiver), the second as a sender
1322 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1323 ScopedAppContext appContext("nether_test_miacag_a", NetherInternetAccess::ACCESS_GRANTED);
1324 UDPMulticastServerApp udpMulticastServerApp(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP,
1325 ANY_INTERFACE, appContext);
1326 udpMulticastServerApp.start();
1328 UDPMulticastClientApp udpMulticastClientApp("nether_test_miacag_b", NetherInternetAccess::ACCESS_GRANTED,
1329 UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, true);
1330 udpMulticastClientApp.start();
1332 RUNNER_ASSERT_MSG(udpMulticastServerApp.isAlive(), "UDP multicast server was not running");
1333 udpMulticastServerApp.stop();
1334 RUNNER_ASSERT_MSG(udpMulticastServerApp.getReceivedBytes() > 0, "UDP multicast server didn't receive any data");
1338 RUNNER_CHILD_TEST(nether_check_multicast_inter_app_connection_access_denied)
1340 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1341 ScopedAppContext appContext("nether_test_miacad_a", NetherInternetAccess::ACCESS_DENIED);
1342 UDPMulticastServerApp udpMulticastServerApp(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP,
1343 ANY_INTERFACE, appContext);
1344 udpMulticastServerApp.start();
1346 UDPMulticastClientApp udpMulticastClientApp("nether_test_miacad_b", NetherInternetAccess::ACCESS_DENIED,
1347 UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, true);
1348 udpMulticastClientApp.start();
1350 RUNNER_ASSERT_MSG(udpMulticastServerApp.isAlive(), "UDP multicast server was not running");
1351 udpMulticastServerApp.stop();
1352 RUNNER_ASSERT_MSG(udpMulticastServerApp.getReceivedBytes() == 0, "UDP multicast server received some data");
1356 RUNNER_CHILD_TEST(nether_check_multicast_remote_connection_app_sender_access_granted)
1358 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1359 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1360 NETHER_NETNS_TEARDOWN_COMMAND);
1362 UDPMulticastServer udpMulticastServer(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, REMOTE_INTERFACE_NAME);
1363 udpMulticastServer.start(NETHER_NETNS_NAME_TEST);
1365 UDPMulticastClientApp udpMulticastClientApp("nether_test_mrcasag", NetherInternetAccess::ACCESS_GRANTED,
1366 UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, false);
1367 udpMulticastClientApp.start();
1369 RUNNER_ASSERT_MSG(udpMulticastServer.isAlive(), "UDP multicast server was not running");
1370 udpMulticastServer.stop();
1371 RUNNER_ASSERT_MSG(udpMulticastServer.getReceivedBytes() > 0, "UDP multicast server didn't receive any data");
1375 RUNNER_CHILD_TEST(nether_check_multicast_remote_connection_app_sender_access_denied)
1377 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of UDP traffic is finished.");
1378 ScopedShellScriptRunner networkNSRunner(NETHER_NETNS_SETUP_COMMAND,
1379 NETHER_NETNS_TEARDOWN_COMMAND);
1381 UDPMulticastServer udpMulticastServer(UDP_TEST_PORT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, REMOTE_INTERFACE_NAME);
1382 udpMulticastServer.start(NETHER_NETNS_NAME_TEST);
1384 UDPMulticastClientApp udpMulticastClientApp("nether_test_mrcasad", NetherInternetAccess::ACCESS_DENIED,
1385 UDP_MESSAGES_COUNT, IPPROTO_UDP, LOCAL_TEST_MCAST_GROUP, UDP_TEST_PORT, TTL_MCAST_RESTRIC_SUBNET, false);
1386 udpMulticastClientApp.start();
1388 RUNNER_ASSERT_MSG(udpMulticastServer.isAlive(), "UDP multicast server was not running");
1389 udpMulticastServer.stop();
1390 RUNNER_ASSERT_MSG(udpMulticastServer.getReceivedBytes() == 0, "UDP multicast server received some data");
1394 RUNNER_TEST_GROUP_INIT(NETHER_LOCAL_DNS_CONNECTION)
1397 RUNNER_CHILD_TEST(nether_check_gethostbyname_internet_access_granted)
1399 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of DNS queries is finished.");
1401 ScopedShellScriptRunner networkDNSRunner(NETHER_DNS_SETUP_COMMAND,
1402 NETHER_DNS_TEARDOWN_COMMAND);
1404 const auto getHostAddress = [](void) {
1405 struct hostent *server = gethostbyname(DNS_TEST_ADDRESS.c_str());
1406 RUNNER_ASSERT_MSG(server != nullptr, "Couldn't find host "
1407 << DNS_TEST_ADDRESS << " h_errno = " << h_errno);
1409 runProcedureInNetAppContext("nether_test_giag", getHostAddress, NetherInternetAccess::ACCESS_GRANTED);
1413 RUNNER_CHILD_TEST(nether_check_gethostbyname_internet_access_denied)
1415 RUNNER_IGNORED_MSG("Disabled until the implementation of handling of DNS queries is finished.");
1417 ScopedShellScriptRunner networkDNSRunner(NETHER_DNS_SETUP_COMMAND,
1418 NETHER_DNS_TEARDOWN_COMMAND);
1420 const auto getHostAddress = [](void) {
1421 struct hostent *server = gethostbyname(DNS_TEST_ADDRESS.c_str());
1422 RUNNER_ASSERT_MSG(server == nullptr, "Host was found " << DNS_TEST_ADDRESS);
1425 runProcedureInNetAppContext("nether_test_giad", getHostAddress, NetherInternetAccess::ACCESS_DENIED);
1429 void checkRawSocket(void)
1431 const std::vector<int> protocols {
1436 for (const auto protocol : protocols) {
1437 int sockFd = socket(AF_INET, SOCK_RAW, protocol);
1438 RUNNER_ASSERT_ERRNO_MSG(sockFd == -1, "RAW socket was successfully created for protocol " << protocol);
1443 RUNNER_TEST_GROUP_INIT(NETHER_RAW_SOCKET)
1446 RUNNER_CHILD_TEST(nether_check_raw_socket_access_granted)
1448 runProcedureInNetAppContext("nether_test_rsag", checkRawSocket, NetherInternetAccess::ACCESS_GRANTED);
1452 RUNNER_CHILD_TEST(nether_check_raw_socket_access_denied)
1454 runProcedureInNetAppContext("nether_test_rsad", checkRawSocket, NetherInternetAccess::ACCESS_DENIED);
1458 int main(int argc, char *argv[])
1460 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);