Test suite: always check for firewall leaks
Originally created by Tails on #5644 (Redmine)
Should we check for firewall leaks in every scenario, or at least, in every scenario that involves the Internet?
If we want to fully replace the manual leak check we’ve been doing until now, yes, we do want this. I don’t see why we would not want this. Feel free to re-add a
todo/discusstag (and perhaps raise the discussion on tails-dev) if there’s some good reason I’ve missed that makes it worth discussing this any further. —intrigeri
Actually, we don’t want to do it for all features/scenarios involving
the Internet (think about e.g. unsafe_browser.feature). Instead we
could:
- add a tag
@uses_tor(which is relevant for other things, like retrying when Tor fails (#5770 (closed))) to all features/scenarios that uses Tor. - add a
Before('@uses_tor')hook that starts the sniffer, and aAfter('@uses_tor')hook that check for leaks.
Looks good. —intrigeri
We’d still keep the current firewall leak checker steps for the features
and scenarios that need more control, like the
firewall_leaks.feature:s anti-tests.
Implemented in branch test/firewall-check-tag (note: it depends on
branch test/reorg being merged first). Once merged, please remove the
following test (and sub-tests) from the manual test
suite:
- Verify that all destinations reached from an intensive Tails session are tor routers or authorities …
Feature Branch: test/7821-tor
Related issues
- Related to #7821 (closed)