Negative scenarios to test NGFW using AIOQUIC
1.How to use connection_ff.py and why
This will be used to send the first flight connection id with your own given number as connection id
move /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py as connection_orig.py for backup purpose (mv /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py connection_orig.py) Replace /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py with connection_ff.py on the machine where you will run http3_client.py (mv connection_ff.py /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py) Start running server and client You will notice peer connection id will be "0011223344556677" (change line number 314 with with own number)
2.How to use http3_client_fd.py and http3_server_fd.py and why
This will send the random file of size 100MB with name 10Gigfile1.pdf in chucks of data with multiple stream id(not multiplexing) make changes in line number 502,464,468(http3_client_fd.py): 485 (http3_server_fd.py)according to your wish
Copy http3_client_fd.py and place it in the aioquic/examples folder on your client machine Copy http3_server_fd.py and place it in the aioquic/examples folder on your sever machine Start the server(http3_server_fd.py) and client(http3_client_fd.py
You will notice file being copied(not actual file but breaking it into parts and transfering)
3.How to use connection_cid.py and interop_test.py and why
This files will be used to run multiple cases like stream id ,connection id, padding , frame types
move /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py as connection_orig.py for backup purpose (mv /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py connection_orig.py) Replace /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py with connection_cid.py on the machine where you will run http3_client.py (mv connection_cid.py /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py) Move interop_test.py to aioquic/examples folder (mv interop_test.py aioquic/examples) Start running server Make changes in the line 96 on interop_test.py 96 Server("kdaquic", '172.16.2.2', port=4433, retry_port=4433, verify_mode=ssl.CERT_NONE), here "kdaquic" is my server name and "172.16.2.2" is my ip on which server started running
Run which ever testcase you want with python aioquic/examples/interop_test.py --server kdaquic --test test_cid_not_in_list -v here "kdaquic" is my server name and "test_cid_not_in_list" is method present in interop_test.py
You will get an output as kdaquic -------- M------- ---
here kdaquic is my server name
Note:- You can use interop_test.py as a script with out even replacing /usr/local/lib/python3.8/dist-packages/aioquic/quic/connection.py with connection_cid.py but note that connection id cases will not work
Note:- To run the "test_retry" interop testcase,you need to provide "--retry" command line argument on machine where your "http3_server.py" is running. (--retry demo:app)
4.How to use http3_client_conn_mig.py and Why
Run this file same like as the http3_client.py(python3 examples/http3_client_conn_mig.py --ca-certs tests/pycacert.pem https://172.16.2.2:4433/ -v). This script will do the connection migration and will use the new ip address to download the contents. This script will do connection migration just before start of content download and not in the middle(Uncomment & comment code depending when you wanted to do connection migration(before start of contents download or after completion of contents download))