#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
Firewall Test Script
This script creates a test PCAP file containing a variety of packets and
prints the command for running firewall.py against it.
Note: This is for educational purposes only.
"""
import os
import sys
from scapy.all import IP, TCP, UDP, ICMP, Ether, wrpcap
def create_test_pcap(file_path):
    """Write a fixed set of synthetic packets to *file_path* as a PCAP file.

    The capture holds, in order: one HTTP-style TCP exchange between
    192.168.1.2 and 93.184.216.34 (handshake, one request, one response,
    teardown), a UDP port-53 query/response pair, an ICMP echo
    request/reply pair, and two inbound SYNs that the firewall is
    expected to refuse.

    Caveats for anyone using this as a firewall fixture:
      * No TCP seq/ack values are set, so every segment carries Scapy's
        defaults rather than a coherent sequence space. A firewall that
        validates sequence numbers may not treat this as a valid stream.
      * The UDP payloads are the literal strings "DNS QUERY" and
        "DNS RESPONSE", not encoded DNS messages.
      * The "blocked" and "rejected" expectations depend on the rules
        file, which is not visible here -- TODO confirm against rules.json.

    Args:
        file_path: Destination path handed to scapy's ``wrpcap``.
    """
    client = "192.168.1.2"
    web_server = "93.184.216.34"
    resolver = "8.8.8.8"

    def outbound_tcp(flags):
        # Client -> web server segment on the 52000 -> 80 flow.
        return (Ether() / IP(src=client, dst=web_server)
                / TCP(sport=52000, dport=80, flags=flags))

    def inbound_tcp(flags):
        # Web server -> client segment on the 80 -> 52000 flow.
        return (Ether() / IP(src=web_server, dst=client)
                / TCP(sport=80, dport=52000, flags=flags))

    packets = [
        # Three-way handshake: SYN, SYN-ACK, ACK.
        outbound_tcp("S"),
        inbound_tcp("SA"),
        outbound_tcp("A"),
        # One request and one response carried as raw payloads.
        outbound_tcp("PA") / "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n",
        inbound_tcp("PA") / "HTTP/1.1 200 OK\r\n\r\n<html>...</html>",
        # Teardown: FIN-ACK in each direction, then the final ACK.
        outbound_tcp("FA"),
        inbound_tcp("FA"),
        outbound_tcp("A"),
        # Outbound UDP to port 53 and the matching inbound reply.
        Ether() / IP(src=client, dst=resolver)
        / UDP(sport=53012, dport=53) / "DNS QUERY",
        Ether() / IP(src=resolver, dst=client)
        / UDP(sport=53, dport=53012) / "DNS RESPONSE",
        # ICMP echo request (type 8) and echo reply (type 0).
        Ether() / IP(src=client, dst=resolver) / ICMP(type=8, code=0),
        Ether() / IP(src=resolver, dst=client) / ICMP(type=0, code=0),
        # Inbound SYN to port 22 from the address the author labels as
        # blocked -- presumably listed in rules.json; confirm.
        Ether() / IP(src="192.168.1.100", dst=client)
        / TCP(sport=45123, dport=22, flags="S"),
        # Inbound SYN to port 23 (telnet), which the author expects the
        # firewall to reject.
        Ether() / IP(src="192.168.1.10", dst=client)
        / TCP(sport=54321, dport=23, flags="S"),
    ]

    wrpcap(file_path, packets)
    print(f"Created test PCAP file with {len(packets)} packets: {file_path}")
def main():
    """Generate the test capture and print the firewall command to run.

    The capture is written before the firewall.py check, so a
    ``test_packets.pcap`` file is left in the working directory even when
    this returns 1. Only firewall.py is checked for existence; the rules
    file named in the printed command is not.

    Returns:
        0 after printing the command, 1 if firewall.py is not present in
        the current directory.
    """
    capture_path = "test_packets.pcap"
    create_test_pcap(capture_path)

    # File names that appear in the suggested command line below.
    rules_path = "rules.json"
    log_path = "firewall_test.log"

    firewall_present = os.path.exists("firewall.py")
    if not firewall_present:
        print("Error: firewall.py not found in the current directory.")
        return 1

    # The firewall is not run from here; the user is shown the command.
    print("\nTo test the firewall with this PCAP file, run:")
    print(f"python firewall.py --pcap {capture_path} --rules {rules_path} --log {log_path} --verbose")
    return 0
if __name__ == "__main__":
    # Use main()'s return value as the process exit status.
    raise SystemExit(main())