Rename IP specific function, add missing test case
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
parent
cffa040474
commit
83a538cc95
2 changed files with 24 additions and 4 deletions
11
acls.go
11
acls.go
|
@ -150,7 +150,11 @@ func (h *Headscale) UpdateACLRules() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func generateACLRules(machines []Machine, aclPolicy ACLPolicy, stripEmaildomain bool) ([]tailcfg.FilterRule, error) {
|
||||
func generateACLRules(
|
||||
machines []Machine,
|
||||
aclPolicy ACLPolicy,
|
||||
stripEmaildomain bool,
|
||||
) ([]tailcfg.FilterRule, error) {
|
||||
rules := []tailcfg.FilterRule{}
|
||||
|
||||
for index, acl := range aclPolicy.ACLs {
|
||||
|
@ -160,7 +164,7 @@ func generateACLRules(machines []Machine, aclPolicy ACLPolicy, stripEmaildomain
|
|||
|
||||
srcIPs := []string{}
|
||||
for innerIndex, src := range acl.Sources {
|
||||
srcs, err := generateACLPolicySrcIP(machines, aclPolicy, src, stripEmaildomain)
|
||||
srcs, err := generateACLPolicySrc(machines, aclPolicy, src, stripEmaildomain)
|
||||
if err != nil {
|
||||
log.Error().
|
||||
Msgf("Error parsing ACL %d, Source %d", index, innerIndex)
|
||||
|
@ -311,7 +315,7 @@ func sshCheckAction(duration string) (*tailcfg.SSHAction, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func generateACLPolicySrcIP(
|
||||
func generateACLPolicySrc(
|
||||
machines []Machine,
|
||||
aclPolicy ACLPolicy,
|
||||
src string,
|
||||
|
@ -427,6 +431,7 @@ func parseProtocol(protocol string) ([]int, bool, error) {
|
|||
// - a user
|
||||
// - a group
|
||||
// - a tag
|
||||
// - a host
|
||||
// and transform these in IPAddresses.
|
||||
func expandAlias(
|
||||
machines []Machine,
|
||||
|
|
17
acls_test.go
17
acls_test.go
|
@ -1041,7 +1041,7 @@ func Test_expandAlias(t *testing.T) {
|
|||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "simple host",
|
||||
name: "simple host by ip",
|
||||
args: args{
|
||||
alias: "10.0.0.1",
|
||||
machines: []Machine{},
|
||||
|
@ -1051,6 +1051,21 @@ func Test_expandAlias(t *testing.T) {
|
|||
want: []string{"10.0.0.1"},
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "simple host by hostname alias",
|
||||
args: args{
|
||||
alias: "testy",
|
||||
machines: []Machine{},
|
||||
aclPolicy: ACLPolicy{
|
||||
Hosts: Hosts{
|
||||
"testy": netip.MustParsePrefix("10.0.0.132/32"),
|
||||
},
|
||||
},
|
||||
stripEmailDomain: true,
|
||||
},
|
||||
want: []string{"10.0.0.132/32"},
|
||||
wantErr: false,
|
||||
},
|
||||
{
|
||||
name: "simple CIDR",
|
||||
args: args{
|
||||
|
|
Loading…
Reference in a new issue