homelab/traefik
1
0
Fork 0
Code Activity

doc: clarify usage for ratelimit's excludedIPs

Browse source
This commit is contained in:
mpl 2021-06-07 17:46:14 +02:00 committed by GitHub
parent c10c7619d3
commit 2560626419
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 62 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

25
pkg/ip/strategy_test.go
View file

@ -74,34 +74,35 @@ func TestDepthStrategy_GetIP(t *testing.T) {
}
}
func TestExcludedIPsStrategy_GetIP(t *testing.T) {
func TestTrustedIPsStrategy_GetIP(t *testing.T) {
testCases := []struct {
desc string
excludedIPs []string
trustedIPs []string
xForwardedFor string
expected string
useRemote bool
}{
{
desc: "Use excluded all IPs",
excludedIPs: []string{"10.0.0.4", "10.0.0.3", "10.0.0.2", "10.0.0.1"},
desc: "Trust all IPs",
trustedIPs: []string{"10.0.0.4", "10.0.0.3", "10.0.0.2", "10.0.0.1"},
xForwardedFor: "10.0.0.4,10.0.0.3,10.0.0.2,10.0.0.1",
expected: "",
},
{
desc: "Use excluded IPs",
excludedIPs: []string{"10.0.0.2", "10.0.0.1"},
desc: "Do not trust all IPs",
trustedIPs: []string{"10.0.0.2", "10.0.0.1"},
xForwardedFor: "10.0.0.4,10.0.0.3,10.0.0.2,10.0.0.1",
expected: "10.0.0.3",
},
{
desc: "Use excluded IPs CIDR",
excludedIPs: []string{"10.0.0.1/24"},
desc: "Do not trust all IPs with CIDR",
trustedIPs: []string{"10.0.0.1/24"},
xForwardedFor: "127.0.0.1,10.0.0.4,10.0.0.3,10.0.0.2,10.0.0.1",
expected: "127.0.0.1",
},
{
desc: "Use excluded all IPs CIDR",
excludedIPs: []string{"10.0.0.1/24"},
desc: "Trust all IPs with CIDR",
trustedIPs: []string{"10.0.0.1/24"},
xForwardedFor: "10.0.0.4,10.0.0.3,10.0.0.2,10.0.0.1",
expected: "",
},
@ -112,10 +113,10 @@ func TestExcludedIPsStrategy_GetIP(t *testing.T) {
t.Run(test.desc, func(t *testing.T) {
t.Parallel()
checker, err := NewChecker(test.excludedIPs)
checker, err := NewChecker(test.trustedIPs)
require.NoError(t, err)
strategy := CheckerStrategy{Checker: checker}
strategy := PoolStrategy{Checker: checker}
req := httptest.NewRequest(http.MethodGet, "http://127.0.0.1", nil)
req.Header.Set(xForwardedFor, test.xForwardedFor)
actual := strategy.GetIP(req)