xah30/AuraVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1f82bc41c03d2acb2cd3ebcbbca0385c0f8ee15d
AuraVPN/crates/aura-cli/tests/nat.rs
T
xah30 c6f0d7af9b feat(cli): auto-NAT + privilege drop + Windows named-pipe admin 
Three v2-hardening features in aura-cli, one pass:

- nat::NatGuard: RAII auto-config of IP forwarding + MASQUERADE on server
  startup. Linux (sysctl ip_forward + iptables -t nat MASQUERADE) and
  macOS (sysctl ip.forwarding + pfctl with /tmp/aura-nat.conf). dry_run
  works on every platform (logs "would run: ..."). Reverts everything in
  Drop. New [server.nat] {auto, egress_iface, dry_run}; absent section =
  back-compat no-op. Removes v1's "manual NAT/forwarding" step.
- privdrop::drop_to_user: drop euid/gid after binding TUN + privileged
  ports. Linux setresuid/setresgid, macOS setgid+setuid (permanent drop),
  Windows no-op with warning. New [server] / [client] run_as = "..."
  (optional). Skipped with info-log if already non-root.
- admin: split transport into cfg(unix) Unix-socket and cfg(windows) Tokio
  named-pipe modules sharing one JSON-line serve/request flow over
  AsyncRead/AsyncWrite. DEFAULT_SOCKET = "/tmp/aura-admin.sock" on Unix,
  r"\\.\pipe\aura-admin" on Windows. Removes v1's "admin Unix-only".

Deps: nix 0.29 user feature under [target.'cfg(unix)'.dependencies] (cli-
local, not workspace). Workspace: 155 tests passed (+13), clippy -D warnings
clean, fmt clean.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-27 02:09:38 +03:00

28 lines
1.3 KiB
Rust
Raw Blame History

//! Integration tests for the auto-NAT helper (`aura_cli::nat::NatGuard`).
//!
//! These tests only exercise the dry-run code path. Real NAT mutation needs root and a host with
//! `iptables` (Linux) or `pfctl` (macOS), neither of which is appropriate for the unit test runner.
//! The dry-run path is platform-portable: it logs `would run: ...` for both the Linux and macOS
//! plans and never touches the host. The same code path is what the operator can use to inspect
//! the apply plan with `cargo run -- server --config ...` when `[server.nat] dry_run = true`.
use aura_cli::nat::NatGuard;
/// Dry-run is supported on every host (Linux, macOS, Windows) and returns a guard with no
/// recorded rollback commands. Dropping it logs the "would undo" lines without panicking.
#[test]
fn dry_run_enable_succeeds() {
let guard = NatGuard::enable("10.7.0.0/24", "eth0", true)
.expect("dry_run NatGuard::enable must succeed");
drop(guard);
}
/// The dry-run path tolerates arbitrary interface names — it never tries to look them up, just
/// logs what it would do. Also exercises a different pool CIDR.
#[test]
fn dry_run_enable_accepts_any_iface_name() {
let guard = NatGuard::enable("192.168.99.0/24", "en0", true)
.expect("dry_run must succeed with any iface name");
drop(guard);
}
Reference in New Issue View Git Blame Copy Permalink