package acl
import (
lru "github.com/hashicorp/golang-lru"
"net"
"testing"
)
func TestEngine_ResolveAndMatch(t *testing.T) {
cache, _ := lru.NewARC(4)
e := &Engine{
DefaultAction: ActionDirect,
Entries: []Entry{
{
Net: nil,
Domain: "google.com",
Suffix: false,
All: false,
Action: ActionProxy,
ActionArg: "",
},
{
Net: nil,
Domain: "evil.corp",
Suffix: true,
All: false,
Action: ActionHijack,
ActionArg: "good.org",
},
{
Net: &net.IPNet{
IP: net.ParseIP("10.0.0.0"),
Mask: net.CIDRMask(8, 32),
},
Domain: "",
Suffix: false,
All: false,
Action: ActionProxy,
ActionArg: "",
},
{
Net: nil,
Domain: "",
Suffix: false,
All: true,
Action: ActionBlock,
ActionArg: "",
},
},
Cache: cache,
}
tests := []struct {
name string
addr string
want Action
want1 string
wantErr bool
}{
{
name: "domain direct",
addr: "google.com",
want: ActionProxy,
want1: "",
},
{
name: "domain suffix 1",
addr: "evil.corp",
want: ActionHijack,
want1: "good.org",
wantErr: true,
},
{
name: "domain suffix 2",
addr: "notevil.corp",
want: ActionBlock,
want1: "",
wantErr: true,
},
{
name: "domain suffix 3",
addr: "im.real.evil.corp",
want: ActionHijack,
want1: "good.org",
wantErr: true,
},
{
name: "ip match",
addr: "10.2.3.4",
want: ActionProxy,
want1: "",
},
{
name: "ip mismatch",
addr: "100.5.6.0",
want: ActionBlock,
want1: "",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, got1, _, err := e.ResolveAndMatch(tt.addr)
if (err != nil) != tt.wantErr {
t.Errorf("ResolveAndMatch() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != tt.want {
t.Errorf("ResolveAndMatch() got = %v, want %v", got, tt.want)
}
if got1 != tt.want1 {
t.Errorf("ResolveAndMatch() got1 = %v, want %v", got1, tt.want1)
}
})
}
}