blob: 79ae0de367e6e3210723774f962d3e750b5364ce (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
Then(/^the firewall leak detector has detected (.*?) leaks$/) do |type|
next if @skip_steps_while_restoring_background
leaks = FirewallLeakCheck.new(@sniffer.pcap_file, get_tor_relays)
case type.downcase
when 'ipv4 tcp'
if leaks.ipv4_tcp_leaks.empty?
save_pcap_file
raise "Couldn't detect any IPv4 TCP leaks"
end
when 'ipv4 non-tcp'
if leaks.ipv4_nontcp_leaks.empty?
save_pcap_file
raise "Couldn't detect any IPv4 non-TCP leaks"
end
when 'ipv6'
if leaks.ipv6_leaks.empty?
save_pcap_file
raise "Couldn't detect any IPv6 leaks"
end
when 'non-ip'
if leaks.nonip_leaks.empty?
save_pcap_file
raise "Couldn't detect any non-IP leaks"
end
else
raise "Incorrect packet type '#{type}'"
end
end
Given(/^I disable Tails' firewall$/) do
next if @skip_steps_while_restoring_background
@vm.execute("/usr/local/sbin/do_not_ever_run_me")
iptables = @vm.execute("iptables -L -n -v").stdout.chomp.split("\n")
for line in iptables do
if !line[/Chain (INPUT|OUTPUT|FORWARD) \(policy ACCEPT/] and
!line[/pkts[[:blank:]]+bytes[[:blank:]]+target/] and
!line.empty?
raise "The Tails firewall was not successfully disabled:\n#{iptables}"
end
end
end
When(/^I do a TCP DNS lookup of "(.*?)"$/) do |host|
next if @skip_steps_while_restoring_background
lookup = @vm.execute("host -T #{host} #{$some_dns_server}", $live_user)
assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}")
end
When(/^I do a UDP DNS lookup of "(.*?)"$/) do |host|
next if @skip_steps_while_restoring_background
lookup = @vm.execute("host #{host} #{$some_dns_server}", $live_user)
assert(lookup.success?, "Failed to resolve #{host}:\n#{lookup.stdout}")
end
When(/^I send some ICMP pings$/) do
next if @skip_steps_while_restoring_background
# We ping an IP address to avoid a DNS lookup
ping = @vm.execute("ping -c 5 #{$some_dns_server}", $live_user)
assert(ping.success?, "Failed to ping #{$some_dns_server}:\n#{ping.stderr}")
end
|