#!/bin/bash source testlib || exit 1 #### Zijn alle paginas uberhaubt opvraagbaar zonder errors? DESCRIPTION1="Basic pagina check" PAGE="firewall/listfirewall.php?show=input" VERIFYPOSITIVE="Firewall opnieuw starten" scc_add DESCRIPTION1="Basic pagina check" PAGE="firewall/listblocks.php" VERIFYPOSITIVE="(Alle adressen|All adresses)" scc_add DESCRIPTION1="Basic pagina check" PAGE="firewall/listservices.php" VERIFYPOSITIVE="(IPSEC verkeer|IPSEC traffic)" scc_add DESCRIPTION1="Basic pagina check" PAGE="firewall/listadmins.php" VERIFYPOSITIVE="altijd toegang tot de webinterface" scc_add #### Ruim oude zooi quick and dirty op DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editblock.php?name=testblok&del=1" IGNOREERROR=1 scc_add DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editservice.php?id=1234/tcp&del=1" IGNOREERROR=1 scc_add DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editfirewall.php?ruletxt=ipblock,testblok,zone_FW,,service,/icmp,deny,,&del=1" IGNOREERROR=1 scc_add #### Voeg test blokken en services toe DESCRIPTION1="Maak testipblok aan" PAGE="firewall/editblock.php" METHOD="post" POSTBODY="new_name=testblok&new_startip=0.0.0.0&new_endip=255.255.255.255&save=1" VERIFYPOSITIVE="testblok gewijzigd" scc_add DESCRIPTION1="controleer testblok" PAGE="firewall/listblocks.php" VERIFYPOSITIVE="testblok" scc_add DESCRIPTION1="Maak testservice aan" PAGE="firewall/editservice.php" METHOD="post" POSTBODY="fields[port]=1234&fields[proto]=tcp&fields[desc]=testservice&save=1" VERIFYPOSITIVE="Service definitie 1234/tcp gewijzigd" scc_add DESCRIPTION1="controleer testservice" PAGE="firewall/listservices.php" VERIFYPOSITIVE="testservice" scc_add #Voer de set tot zo ver uit: scc_test || exit 1 #### Test of firewall daadwerkelijk 'effect' heeft scc_new DESCRIPTION1="Maak icmp allow regel aan" PAGE="firewall/editfirewall.php" METHOD="post" POSTBODY="new_dstserviceandtype=service!/icmp&new_access=allow&new_dsttype=zone_FW&new_src=testblok&new_srctype=ipblock&save=1" VERIFYPOSITIVE="toegevoegd" scc_add scc_test || exit 1 DESCRIPTION1="Onthoud firewall regel ID" CMD="cat /etc/firewall/firewall|cut -f 3 -d' '|grep '[0-9]'|tail -1"; ID=`sshtest` || exit 1 echo "Kunnen we server pingen?" ping -w1 -c1 $IP || exit 1 scc_new DESCRIPTION1="Verander allow in deny regel" PAGE="firewall/editfirewall.php?ruletxt=$ID" METHOD="post" POSTBODY="new_dstserviceandtype=service!/icmp&new_access=deny&new_dsttype=zone_FW&new_src=testblok&new_srctype=ipblock&save=1" VERIFYPOSITIVE="veranderd in" scc_add scc_test || exit 1 echo "Server mag nu niet meer pingbaar zijn:" ping -w1 -c1 $IP && exit 1 #### Ruim oude zooi quick and dirty op scc_new DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editblock.php?name=testblok&del=1" IGNOREERROR=1 scc_add DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editfirewall.php?ruletxt=$ID&del=1" IGNOREERROR=1 scc_add DESCRIPTION1="Oude zooi opruimen" PAGE="firewall/editservice.php?id=1234/tcp&del=1" IGNOREERROR=1 scc_add scc_test || exit 1