openvidu/openvidu-test-e2e/docker/chrome/script.sh

#!/bin/bash

docker run -d --name chrome-iptables -p 4444:4444 -p 6080:6080 -p 5900:5900 --cap-add=SYS_ADMIN --cap-add=NET_ADMIN elastestbrowsers/chrome:latest

sleep 3

docker exec -i chrome-iptables bash <<'EOF'

sudo apt-get -y update && sudo apt-get -y install iptables && sudo apt-get -y install terminator && sudo apt-get -y install lsof

# UDP rules (DROP all)

sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 4444 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 6080 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 5900 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 4200 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 4443 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 3478 -j ACCEPT

sudo iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 443 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 4444 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 6080 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 5900 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 4200 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 4443 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 3478 -j ACCEPT

sudo iptables -A OUTPUT -p tcp --sport 53 -j ACCEPT
sudo iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
sudo iptables -A OUTPUT -p udp --sport 53 -j ACCEPT
sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
sudo iptables -A INPUT -p tcp --sport 53 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT
sudo iptables -A INPUT -p udp --sport 53 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT

sudo iptables -A OUTPUT -p tcp -j DROP

sudo iptables -A OUTPUT -p udp --dport 0:65535 -j DROP
sudo iptables -A INPUT -p udp --dport 0:65535 -j DROP

exit
EOF


# sudo iptables -L --line-numbers
# sudo iptables -D INPUT 1
# sudo iptables -D OUTPUT 1

# turnadmin -l -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"
# turnadmin -a -u USER -r openvidu -p PASS -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"
# turnadmin -d -u USER -r openvidu -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"


# google-chrome -start-maximized -disable-infobars -no-first-run -ignore-certificate-errors -use-fake-device-for-media-stream -use-fake-ui-for-media-stream
openvidu-test-e2e: bash script for docker restricted-networks testing container 2018-06-27 14:57:30 +02:00			`#!/bin/bash`

			`docker run -d --name chrome-iptables -p 4444:4444 -p 6080:6080 -p 5900:5900 --cap-add=SYS_ADMIN --cap-add=NET_ADMIN elastestbrowsers/chrome:latest`

			`sleep 3`

			`docker exec -i chrome-iptables bash <<'EOF'`

			`sudo apt-get -y update && sudo apt-get -y install iptables && sudo apt-get -y install terminator && sudo apt-get -y install lsof`

			`# UDP rules (DROP all)`

openvidu-test-e2e: restricted chrome iptables rules updated 2018-07-12 15:25:45 +02:00			`sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 4444 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 6080 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 5900 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 4200 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 4443 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 3478 -j ACCEPT`

			`sudo iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 443 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 4444 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 6080 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 5900 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 4200 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 4443 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --sport 3478 -j ACCEPT`
openvidu-test-e2e: bash script for docker restricted-networks testing container 2018-06-27 14:57:30 +02:00
DELETE /api/sessions/{sessionId} 2018-07-05 14:05:09 +02:00			`sudo iptables -A OUTPUT -p tcp --sport 53 -j ACCEPT`
			`sudo iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT`
			`sudo iptables -A OUTPUT -p udp --sport 53 -j ACCEPT`
			`sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT`
			`sudo iptables -A INPUT -p tcp --sport 53 -j ACCEPT`
			`sudo iptables -A INPUT -p tcp --dport 53 -j ACCEPT`
			`sudo iptables -A INPUT -p udp --sport 53 -j ACCEPT`
			`sudo iptables -A INPUT -p udp --dport 53 -j ACCEPT`

openvidu-test-e2e: restricted chrome iptables rules updated 2018-07-12 15:25:45 +02:00			`sudo iptables -A OUTPUT -p tcp -j DROP`
openvidu-test-e2e: bash script for docker restricted-networks testing container 2018-06-27 14:57:30 +02:00
DELETE /api/sessions/{sessionId} 2018-07-05 14:05:09 +02:00			`sudo iptables -A OUTPUT -p udp --dport 0:65535 -j DROP`
			`sudo iptables -A INPUT -p udp --dport 0:65535 -j DROP`

openvidu-test-e2e: bash script for docker restricted-networks testing container 2018-06-27 14:57:30 +02:00			`exit`
			`EOF`



			`# sudo iptables -L --line-numbers`
			`# sudo iptables -D INPUT 1`
			`# sudo iptables -D OUTPUT 1`

			`# turnadmin -l -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"`
			`# turnadmin -a -u USER -r openvidu -p PASS -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"`
			`# turnadmin -d -u USER -r openvidu -N "ip=127.0.0.1 dbname=0 password=turn connect_timeout=30"`


			`# google-chrome -start-maximized -disable-infobars -no-first-run -ignore-certificate-errors -use-fake-device-for-media-stream -use-fake-ui-for-media-stream`