1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <gtest/gtest.h>
17
18 #include "iservice_registry.h"
19 #include "system_ability_definition.h"
20
21 #include "iptables_type.h"
22 #include "net_manager_constants.h"
23 #include "netnative_log_wrapper.h"
24 #include "netsys_controller.h"
25
26 namespace OHOS {
27 namespace NetsysNative {
28 using namespace testing::ext;
29 using namespace NetManagerStandard;
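/**
 * Fixture for the firewall tests in this file.
 *
 * Every test goes through the NetsysController singleton, so firewall state
 * changed by one test is still there when the next one starts unless
 * TearDown() resets it. NOTE(review): several expectations below (a repeated
 * call returning -1) rely on that carried-over state, so the tests are
 * order-dependent - confirm before running them filtered or shuffled.
 */
class FirewallManagerTest : public testing::Test {
public:
    // Suite-level hooks, run once before the first and after the last test.
    static void SetUpTestCase();
    static void TearDownTestCase();
    // Per-test hooks; `override` makes the compiler verify the base signature.
    void SetUp() override;
    void TearDown() override;
};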
37
// Suite-level setup: intentionally empty, no firewall state is prepared here.
void FirewallManagerTest::SetUpTestCase()
{
}
39
// Suite-level teardown: intentionally empty, nothing is restored once the suite ends.
void FirewallManagerTest::TearDownTestCase()
{
}
41
// Per-test setup: intentionally empty, each test starts from whatever state the previous one left.
void FirewallManagerTest::SetUp()
{
}
43
// Per-test teardown: puts the uid 0 rule on CHAIN_OHFW_UNDOZABLE back to RULE_DENY.
// The return code is deliberately ignored (best-effort reset).
// NOTE(review): only this one rule is reset; chain enable state and the
// CHAIN_OHFW_DOZABLE uid rule are left as the test set them.
void FirewallManagerTest::TearDown()
{
    auto &&controller = NetsysController::GetInstance();
    (void)controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_DENY);
}
48
/**
 * @tc.name: FirewallEnableChainTest001
 * @tc.desc: Test FirewallManager FirewallEnableChain: enabling CHAIN_OHFW_DOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest001, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, action: enable.
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, true);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
60
/**
 * @tc.name: FirewallEnableChainTest002
 * @tc.desc: Test FirewallManager FirewallEnableChain: disabling CHAIN_OHFW_DOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest002, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, action: disable.
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, false);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
72
/**
 * @tc.name: FirewallEnableChainTest003
 * @tc.desc: Test FirewallManager FirewallEnableChain: enabling CHAIN_OHFW_UNDOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest003, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, action: enable.
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_UNDOZABLE, true);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
84
/**
 * @tc.name: FirewallEnableChainTest004
 * @tc.desc: Test FirewallManager FirewallEnableChain: disabling CHAIN_OHFW_UNDOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest004, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, action: disable.
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_UNDOZABLE, false);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
96
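/**
 * @tc.name: FirewallEnableChainTest005
 * @tc.desc: Test FirewallManager FirewallEnableChain: enabling CHAIN_OHFW_DOZABLE twice,
 *           the repeated enable is expected to return -1.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest005, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, action: enable, issued twice.
    // (The previous comment named CHAIN_OHFW_UNDOZABLE/disable, which is not what is called.)
    auto &&controller = NetsysController::GetInstance();

    // The first call only brings the chain into the enabled state. Its result
    // depends on what earlier tests left behind, so it is not asserted.
    (void)controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, true);

    // The repeated request must be rejected rather than silently accepted.
    const int32_t ret = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, true);
    EXPECT_EQ(ret, -1);
}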
109
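/**
 * @tc.name: FirewallEnableChainTest006
 * @tc.desc: Test FirewallManager FirewallEnableChain: disabling CHAIN_OHFW_DOZABLE twice,
 *           the repeated disable is expected to return -1.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallEnableChainTest006, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, action: disable, issued twice.
    // (The previous comment named CHAIN_OHFW_UNDOZABLE, which is not the chain used.)
    auto &&controller = NetsysController::GetInstance();

    // The first call only brings the chain into the disabled state. Its result
    // depends on what earlier tests left behind, so it is not asserted.
    (void)controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, false);

    // The repeated request must be rejected rather than silently accepted.
    const int32_t ret = controller.FirewallEnableChain(ChainType::CHAIN_OHFW_DOZABLE, false);
    EXPECT_EQ(ret, -1);
}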
122
/**
 * @tc.name: FirewallSetUidRuleTest001
 * @tc.desc: Test FirewallManager FirewallSetUidRule: uid 0 on CHAIN_OHFW_DOZABLE goes
 *           from RULE_DENY to RULE_ALLOW successfully.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest001, TestSize.Level1)
{
    auto &&controller = NetsysController::GetInstance();

    // Precondition: start from RULE_DENY; the result of this call is not checked.
    (void)controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_DOZABLE, 0, FirewallRule::RULE_DENY);

    // Chain: CHAIN_OHFW_DOZABLE, uid: 0 (root), rule: RULE_ALLOW.
    const int32_t result =
        controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_DOZABLE, 0, FirewallRule::RULE_ALLOW);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
136
/**
 * @tc.name: FirewallSetUidRuleTest002
 * @tc.desc: Test FirewallManager FirewallSetUidRule: RULE_DENY for uid 0 on CHAIN_OHFW_DOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest002, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, uid: 0 (root), rule: RULE_DENY.
    // NOTE(review): no precondition is set here, so success depends on the
    // rule left behind by the preceding test - confirm the intended order.
    auto &&controller = NetsysController::GetInstance();
    const int32_t result =
        controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_DOZABLE, 0, FirewallRule::RULE_DENY);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
149
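/**
 * @tc.name: FirewallSetUidRuleTest003
 * @tc.desc: Test FirewallManager FirewallSetUidRule: uid 0 on CHAIN_OHFW_UNDOZABLE goes
 *           from RULE_ALLOW to RULE_DENY successfully.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest003, TestSize.Level1)
{
    auto &&controller = NetsysController::GetInstance();

    // Precondition: start from RULE_ALLOW; the result of this call is not checked.
    (void)controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_ALLOW);

    // Chain: CHAIN_OHFW_UNDOZABLE, uid: 0 (root), rule: RULE_DENY.
    // (The previous comment said RULE_ALLOW; the asserted call sets RULE_DENY.)
    const int32_t ret =
        controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_DENY);
    EXPECT_EQ(ret, NetManagerStandard::NETMANAGER_SUCCESS);
}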
163
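/**
 * @tc.name: FirewallSetUidRuleTest004
 * @tc.desc: Test FirewallManager FirewallSetUidRule: RULE_ALLOW for uid 0 on CHAIN_OHFW_UNDOZABLE succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest004, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, uid: 0 (root), rule: RULE_ALLOW.
    // (The previous comment said RULE_DENY; the call sets RULE_ALLOW.)
    // The fixture's TearDown() resets this rule to RULE_DENY after every test,
    // which is the state this call starts from when the whole suite runs.
    auto &&controller = NetsysController::GetInstance();
    const int32_t ret =
        controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_ALLOW);
    EXPECT_EQ(ret, NetManagerStandard::NETMANAGER_SUCCESS);
}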
176
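/**
 * @tc.name: FirewallSetUidRuleTest005
 * @tc.desc: Test FirewallManager FirewallSetUidRule: setting RULE_ALLOW for uid 0 on
 *           CHAIN_OHFW_DOZABLE twice, the repeated request is expected to return -1.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest005, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, uid: 0 (root), rule: RULE_ALLOW, issued twice.
    // (The previous comment named CHAIN_OHFW_UNDOZABLE/RULE_DENY, which is not what is called.)
    auto &&controller = NetsysController::GetInstance();

    // The first call only establishes the RULE_ALLOW state. Its result depends
    // on what earlier tests left behind, so it is not asserted.
    (void)controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_DOZABLE, 0, FirewallRule::RULE_ALLOW);

    // Re-applying the same rule must be reported as a failure.
    const int32_t ret =
        controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_DOZABLE, 0, FirewallRule::RULE_ALLOW);
    EXPECT_EQ(ret, -1);
}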
191
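/**
 * @tc.name: FirewallSetUidRuleTest006
 * @tc.desc: Test FirewallManager FirewallSetUidRule: a repeated RULE_DENY for uid 0 on
 *           CHAIN_OHFW_UNDOZABLE returns -1, and a following RULE_ALLOW succeeds.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidRuleTest006, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, uid: 0 (root).
    auto &&controller = NetsysController::GetInstance();

    // The first RULE_DENY only establishes the state. Its result depends on
    // what earlier tests left behind, so it is not asserted.
    (void)controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_DENY);

    // Re-applying RULE_DENY must be reported as a failure.
    int32_t ret = controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_DENY);
    EXPECT_EQ(ret, -1);

    // Switching to the other rule is a real change and must succeed.
    ret = controller.FirewallSetUidRule(ChainType::CHAIN_OHFW_UNDOZABLE, 0, FirewallRule::RULE_ALLOW);
    EXPECT_EQ(ret, NetManagerStandard::NETMANAGER_SUCCESS);
}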
209
/**
 * @tc.name: FirewallSetUidsAllowedListChainTest001
 * @tc.desc: Test FirewallManager FirewallSetUidsAllowedListChain: an allowed list holding
 *           only uid 0 is accepted on CHAIN_OHFW_DOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsAllowedListChainTest001, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, uids: <root>.
    std::vector<uint32_t> uids = {0U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallSetUidsAllowedListChain(ChainType::CHAIN_OHFW_DOZABLE, uids);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
224
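/**
 * @tc.name: FirewallSetUidsAllowedListChainTest002
 * @tc.desc: Test FirewallManager FirewallSetUidsAllowedListChain: an allowed list with two
 *           uids is accepted on CHAIN_OHFW_DOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsAllowedListChainTest002, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, uids: <root, system>.
    // (The previous comment named CHAIN_OHFW_UNDOZABLE, which is not the chain used.)
    // NOTE(review): 20010034 is labelled "system" in the original comment;
    // confirm which account this uid maps to on the target image.
    std::vector<uint32_t> uids = {0U, 20010034U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t ret = controller.FirewallSetUidsAllowedListChain(ChainType::CHAIN_OHFW_DOZABLE, uids);
    EXPECT_EQ(ret, NetManagerStandard::NETMANAGER_SUCCESS);
}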
240
/**
 * @tc.name: FirewallSetUidsAllowedListChainTest003
 * @tc.desc: Test FirewallManager FirewallSetUidsAllowedListChain: an allowed list is
 *           rejected (-1) on CHAIN_OHFW_UNDOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsAllowedListChainTest003, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, uids: <root, system>.
    // NOTE(review): presumably rejected because this chain does not take an
    // allowed list; only the -1 code is checked, not the reason - confirm.
    std::vector<uint32_t> uids = {0U, 20010034U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallSetUidsAllowedListChain(ChainType::CHAIN_OHFW_UNDOZABLE, uids);
    EXPECT_EQ(result, -1);
}
256
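/**
 * @tc.name: FirewallSetUidsDeniedListChainTest001
 * @tc.desc: Test FirewallManager FirewallSetUidsDeniedListChain: a denied list holding
 *           only uid 0 is accepted on CHAIN_OHFW_UNDOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsDeniedListChainTest001, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, uids: <root>.
    // (The previous comment named CHAIN_OHFW_DOZABLE, which is not the chain used.)
    std::vector<uint32_t> uids = {0U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t ret = controller.FirewallSetUidsDeniedListChain(ChainType::CHAIN_OHFW_UNDOZABLE, uids);
    EXPECT_EQ(ret, NetManagerStandard::NETMANAGER_SUCCESS);
}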
271
/**
 * @tc.name: FirewallSetUidsDeniedListChainTest002
 * @tc.desc: Test FirewallManager FirewallSetUidsDeniedListChain: a denied list with two
 *           uids is accepted on CHAIN_OHFW_UNDOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsDeniedListChainTest002, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_UNDOZABLE, uids: <root, system>.
    std::vector<uint32_t> uids = {0U, 20010034U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t result = controller.FirewallSetUidsDeniedListChain(ChainType::CHAIN_OHFW_UNDOZABLE, uids);
    EXPECT_EQ(result, NetManagerStandard::NETMANAGER_SUCCESS);
}
287
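/**
 * @tc.name: FirewallSetUidsDeniedListChainTest003
 * @tc.desc: Test FirewallManager FirewallSetUidsDeniedListChain: a denied list is
 *           rejected (-1) on CHAIN_OHFW_DOZABLE.
 * @tc.type: FUNC
 */
HWTEST_F(FirewallManagerTest, FirewallSetUidsDeniedListChainTest003, TestSize.Level1)
{
    // Chain: CHAIN_OHFW_DOZABLE, uids: <root, system>.
    // (The previous comment named CHAIN_OHFW_UNDOZABLE, which is not the chain used.)
    // NOTE(review): presumably rejected because this chain does not take a
    // denied list; only the -1 code is checked, not the reason - confirm.
    std::vector<uint32_t> uids = {0U, 20010034U};
    auto &&controller = NetsysController::GetInstance();
    const int32_t ret = controller.FirewallSetUidsDeniedListChain(ChainType::CHAIN_OHFW_DOZABLE, uids);
    EXPECT_EQ(ret, -1);
}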
302 } // namespace NetsysNative
303 } // namespace OHOS
304