IPStrategy for selecting IP in whitelist
This commit is contained in:
SALLEYRON Julien
Traefiker Bot
parent
1ec4e03738
commit
00728e711c
65 changed files with 2444 additions and 1837 deletions
|
|
@ -403,17 +403,18 @@ func TestDockerBuildConfiguration(t *testing.T) {
|
|||
label.TraefikFrontendAuthForwardTLSInsecureSkipVerify: "true",
|
||||
label.TraefikFrontendAuthHeaderField: "X-WebAuth-User",
|
||||
|
||||
label.TraefikFrontendEntryPoints: "http,https",
|
||||
label.TraefikFrontendPassHostHeader: "true",
|
||||
label.TraefikFrontendPassTLSCert: "true",
|
||||
label.TraefikFrontendPriority: "666",
|
||||
label.TraefikFrontendRedirectEntryPoint: "https",
|
||||
label.TraefikFrontendRedirectRegex: "nope",
|
||||
label.TraefikFrontendRedirectReplacement: "nope",
|
||||
label.TraefikFrontendRedirectPermanent: "true",
|
||||
label.TraefikFrontendRule: "Host:traefik.io",
|
||||
label.TraefikFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.TraefikFrontendWhiteListUseXForwardedFor: "true",
|
||||
label.TraefikFrontendEntryPoints: "http,https",
|
||||
label.TraefikFrontendPassHostHeader: "true",
|
||||
label.TraefikFrontendPassTLSCert: "true",
|
||||
label.TraefikFrontendPriority: "666",
|
||||
label.TraefikFrontendRedirectEntryPoint: "https",
|
||||
label.TraefikFrontendRedirectRegex: "nope",
|
||||
label.TraefikFrontendRedirectReplacement: "nope",
|
||||
label.TraefikFrontendRedirectPermanent: "true",
|
||||
label.TraefikFrontendRule: "Host:traefik.io",
|
||||
label.TraefikFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.TraefikFrontendWhiteListIPStrategyExcludedIPS: "10.10.10.10,10.10.10.11",
|
||||
label.TraefikFrontendWhiteListIPStrategyDepth: "5",
|
||||
|
||||
label.TraefikFrontendRequestHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
label.TraefikFrontendResponseHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
|
|
@ -484,8 +485,11 @@ func TestDockerBuildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
WhiteList: &types.WhiteList{
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
UseXForwardedFor: true,
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
IPStrategy: &types.IPStrategy{
|
||||
Depth: 5,
|
||||
ExcludedIPs: []string{"10.10.10.10", "10.10.10.11"},
|
||||
},
|
||||
},
|
||||
Headers: &types.Headers{
|
||||
CustomRequestHeaders: map[string]string{
|
||||
|
|
|
|||
|
|
@ -347,17 +347,18 @@ func TestSwarmBuildConfiguration(t *testing.T) {
|
|||
label.TraefikFrontendAuthForwardTLSInsecureSkipVerify: "true",
|
||||
label.TraefikFrontendAuthHeaderField: "X-WebAuth-User",
|
||||
|
||||
label.TraefikFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
label.TraefikFrontendEntryPoints: "http,https",
|
||||
label.TraefikFrontendPassHostHeader: "true",
|
||||
label.TraefikFrontendPassTLSCert: "true",
|
||||
label.TraefikFrontendPriority: "666",
|
||||
label.TraefikFrontendRedirectEntryPoint: "https",
|
||||
label.TraefikFrontendRedirectRegex: "nope",
|
||||
label.TraefikFrontendRedirectReplacement: "nope",
|
||||
label.TraefikFrontendRule: "Host:traefik.io",
|
||||
label.TraefikFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.TraefikFrontendWhiteListUseXForwardedFor: "true",
|
||||
label.TraefikFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
label.TraefikFrontendEntryPoints: "http,https",
|
||||
label.TraefikFrontendPassHostHeader: "true",
|
||||
label.TraefikFrontendPassTLSCert: "true",
|
||||
label.TraefikFrontendPriority: "666",
|
||||
label.TraefikFrontendRedirectEntryPoint: "https",
|
||||
label.TraefikFrontendRedirectRegex: "nope",
|
||||
label.TraefikFrontendRedirectReplacement: "nope",
|
||||
label.TraefikFrontendRule: "Host:traefik.io",
|
||||
label.TraefikFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.TraefikFrontendWhiteListIPStrategyExcludedIPS: "10.10.10.10,10.10.10.11",
|
||||
label.TraefikFrontendWhiteListIPStrategyDepth: "5",
|
||||
|
||||
label.TraefikFrontendRequestHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
label.TraefikFrontendResponseHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
|
|
@ -426,8 +427,11 @@ func TestSwarmBuildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
WhiteList: &types.WhiteList{
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
UseXForwardedFor: true,
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
IPStrategy: &types.IPStrategy{
|
||||
Depth: 5,
|
||||
ExcludedIPs: []string{"10.10.10.10", "10.10.10.11"},
|
||||
},
|
||||
},
|
||||
Headers: &types.Headers{
|
||||
CustomRequestHeaders: map[string]string{
|
||||
|
|
|
|||
|
|
@ -301,17 +301,18 @@ func TestSegmentBuildConfiguration(t *testing.T) {
|
|||
label.Prefix + "sauternes." + label.SuffixFrontendAuthForwardTLSInsecureSkipVerify: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendAuthHeaderField: "X-WebAuth-User",
|
||||
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendEntryPoints: "http,https",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPassHostHeader: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPassTLSCert: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPriority: "666",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectEntryPoint: "https",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectRegex: "nope",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectReplacement: "nope",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectPermanent: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendWhiteListUseXForwardedFor: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendAuthBasic: "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendEntryPoints: "http,https",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPassHostHeader: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPassTLSCert: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendPriority: "666",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectEntryPoint: "https",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectRegex: "nope",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectReplacement: "nope",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRedirectPermanent: "true",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendWhiteListSourceRange: "10.10.10.10",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendWhiteListIPStrategyExcludedIPS: "10.10.10.10,10.10.10.11",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendWhiteListIPStrategyDepth: "5",
|
||||
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendRequestHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
label.Prefix + "sauternes." + label.SuffixFrontendResponseHeaders: "Access-Control-Allow-Methods:POST,GET,OPTIONS || Content-type: application/json; charset=utf-8",
|
||||
|
|
@ -377,8 +378,11 @@ func TestSegmentBuildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
WhiteList: &types.WhiteList{
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
UseXForwardedFor: true,
|
||||
SourceRange: []string{"10.10.10.10"},
|
||||
IPStrategy: &types.IPStrategy{
|
||||
Depth: 5,
|
||||
ExcludedIPs: []string{"10.10.10.10", "10.10.10.11"},
|
||||
},
|
||||
},
|
||||
Headers: &types.Headers{
|
||||
CustomRequestHeaders: map[string]string{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue