jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix blocklist setting when source and list have mixed ip versions

Browse Source
This commit is contained in:
Johannes Zellner
2021-04-07 17:31:04 +02:00
parent 114a5ee2b1
commit 5ae5566ce8
2 changed files with 200 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

196
src/test/network-test.js Normal file
View File

@@ -0,0 +1,196 @@
/* global it:false */
/* global describe:false */
/* global before:false */
'use strict';
var network = require('../network.js'),
fs = require('fs'),
path = require('path'),
paths = require('../paths.js'),
BoxError = require('../boxerror.js'),
expect = require('expect.js');
describe('Network', function () {
describe('Blocklist', function () {
before(function () {
fs.mkdirSync(path.dirname(paths.FIREWALL_BLOCKLIST_FILE));
});
it('can get empty blocklist', function (done) {
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('');
done();
});
});
it('can set empty blocklist', function (done) {
network.setBlocklist('', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('\n');
done();
});
});
});
it('can set single IPv4 in blocklist', function (done) {
network.setBlocklist('192.168.178.1', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('192.168.178.1\n');
done();
});
});
});
it('can set single IPv6 in blocklist', function (done) {
network.setBlocklist('2a02:8106:2f:bb00:7afc:5703:ee71:3ef8', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('2a02:8106:2f:bb00:7afc:5703:ee71:3ef8\n');
done();
});
});
});
it('can set mixed IPs with comment in blocklist', function (done) {
network.setBlocklist('2a02:8106:2f:bb00:7afc:5703:ee71:3ef8\n# some comment\n192.168.178.1', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('2a02:8106:2f:bb00:7afc:5703:ee71:3ef8\n# some comment\n192.168.178.1\n');
done();
});
});
});
it('can set single IPv4 range in blocklist', function (done) {
network.setBlocklist('192.168.178.1/24', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('192.168.178.1/24\n');
done();
});
});
});
it('can set single IPv6 range in blocklist', function (done) {
network.setBlocklist('2001:db8::', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('2001:db8::\n');
done();
});
});
});
it('cannot set IPv4 in blocklist if source is same', function (done) {
network.setBlocklist('127.0.0.1', { ip: '127.0.0.1' }, function (error) {
expect(error).to.be.a(BoxError);
expect(error.reason).to.equal(BoxError.BAD_FIELD);
done();
});
});
it('cannot set IPv6 in blocklist if source is same', function (done) {
network.setBlocklist('2001:db8:1234::1', { ip: '2001:db8:1234::1' }, function (error) {
expect(error).to.be.a(BoxError);
expect(error.reason).to.equal(BoxError.BAD_FIELD);
done();
});
});
it('cannot set IPv4 range in blocklist if source is same', function (done) {
network.setBlocklist('127.0.0.1/32', { ip: '127.0.0.1' }, function (error) {
expect(error).to.be.a(BoxError);
expect(error.reason).to.equal(BoxError.BAD_FIELD);
done();
});
});
it('cannot set IPv6 range in blocklist if source is same', function (done) {
network.setBlocklist('2001:db8:1234:::', { ip: '2001:db8:1234::1' }, function (error) {
expect(error).to.be.a(BoxError);
expect(error.reason).to.equal(BoxError.BAD_FIELD);
done();
});
});
it('can set IPv4 in blocklist if source is IPv6', function (done) {
network.setBlocklist('192.168.178.1', { ip: '2001:db8:1234::1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('192.168.178.1\n');
done();
});
});
});
it('can set IPv6 in blocklist if source is IPv4', function (done) {
network.setBlocklist('2001:db8:1234::1', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('2001:db8:1234::1\n');
done();
});
});
});
it('can set IPv4 range in blocklist if source is IPv6', function (done) {
network.setBlocklist('192.168.178.1/32', { ip: '2001:db8:1234::1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('192.168.178.1/32\n');
done();
});
});
});
it('can set IPv6 range in blocklist if source is IPv4', function (done) {
network.setBlocklist('2001:db8:1234::', { ip: '127.0.0.1' }, function (error) {
expect(error).to.equal(null);
network.getBlocklist(function (error, result) {
expect(error).to.equal(null);
expect(result).to.equal('2001:db8:1234::\n');
done();
});
});
});
});
});