diff --git a/pkg/router/template/template_helper.go b/pkg/router/template/template_helper.go index 3bf0c821b..8f2d9053e 100644 --- a/pkg/router/template/template_helper.go +++ b/pkg/router/template/template_helper.go @@ -376,17 +376,30 @@ func parseIPList(list string) string { return "" } + var validIPs []string + ipList := strings.Fields(list) for _, ip := range ipList { - if net.ParseIP(ip) == nil { - if _, _, err := net.ParseCIDR(ip); err != nil { - log.V(7).Info("parseIPList found not IP/CIDR item", "value", ip, "err", err) - return "" - } + // check if it's a valid IP + if net.ParseIP(ip) != nil { + validIPs = append(validIPs, ip) + } else if _, _, err := net.ParseCIDR(ip); err == nil { + // check if it's a valid CIDR + validIPs = append(validIPs, ip) + } else { + // Log invalid IP/CIDR + customErr := fmt.Errorf("invalid IP/CIDR address: %s", ip) + log.V(0).Error(customErr, "parseIPList found invalid IP/CIDR", ip) } } - log.V(7).Info("parseIPList parsed the list", "value", list) - return list + + if len(validIPs) == 0 { + return "" + } + + result := strings.Join(validIPs, " ") + log.V(7).Info("parseIPList parsed the list", "validIPs", result) + return result } var helperFunctions = template.FuncMap{ diff --git a/pkg/router/template/template_helper_test.go b/pkg/router/template/template_helper_test.go index 03b1177bc..e651d2f05 100644 --- a/pkg/router/template/template_helper_test.go +++ b/pkg/router/template/template_helper_test.go @@ -981,33 +981,40 @@ func TestGenerateHAProxyWhiteListFile(t *testing.T) { func TestParseIPList(t *testing.T) { testCases := []struct { - name string - input string - expectedEmpty bool + name string + input string + expectedEmpty bool + expectedReturn string }{ { - name: "All mixed", - input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 2600:14a0::/40", + name: "All mixed", + input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 2600:14a0::/40", + expectedReturn: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 2600:14a0::/40", }, { - name: "IPs only", - input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 64:ff9b::192.168.0.1 172.16.14.10", + name: "IPs only", + input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 64:ff9b::192.168.0.1 172.16.14.10", + expectedReturn: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 64:ff9b::192.168.0.1 172.16.14.10", }, { - name: "CIDRs only", - input: "192.168.1.0/16 2001:0db8:85a3:0000:0000:8a2e:0370:7334/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", + name: "CIDRs only", + input: "192.168.1.0/16 2001:0db8:85a3:0000:0000:8a2e:0370:7334/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", + expectedReturn: "192.168.1.0/16 2001:0db8:85a3:0000:0000:8a2e:0370:7334/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", }, { - name: "IPv6 only", - input: "2001:0db8:85a3:0000:0000:8a2e:0370:7334 2001:0db8:85a3::8a2e:370:10/64 2001:db8::2:1 ::ffff:192.168.0.1 2600:14a0::/40", + name: "IPv6 only", + input: "2001:0db8:85a3:0000:0000:8a2e:0370:7334 2001:0db8:85a3::8a2e:370:10/64 2001:db8::2:1 ::ffff:192.168.0.1 2600:14a0::/40", + expectedReturn: "2001:0db8:85a3:0000:0000:8a2e:0370:7334 2001:0db8:85a3::8a2e:370:10/64 2001:db8::2:1 ::ffff:192.168.0.1 2600:14a0::/40", }, { - name: "IPv4 only", - input: "192.168.10.10 10.168.12.10/8 8.8.8.8 172.16.0.0/24", + name: "IPv4 only", + input: "192.168.10.10 10.168.12.10/8 8.8.8.8 172.16.0.0/24", + expectedReturn: "192.168.10.10 10.168.12.10/8 8.8.8.8 172.16.0.0/24", }, { - name: "Single IP", - input: "192.168.15.15", + name: "Single IP", + input: "192.168.15.15", + expectedReturn: "192.168.15.15", }, { // as behavior as the previous (regexp) approach @@ -1036,9 +1043,10 @@ func TestParseIPList(t *testing.T) { expectedEmpty: true, }, { - name: "Wrong IPv4 CIDR", - input: "192.168.10.5/64", - expectedEmpty: true, + name: "Wrong IPv4 CIDR", + input: "192.168.10.5/64", + expectedEmpty: true, + expectedReturn: "", }, { name: "Wrong IPv6 CIDR", @@ -1046,9 +1054,46 @@ func TestParseIPList(t *testing.T) { expectedEmpty: true, }, { - name: "Wrong IP in a list", - input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 10.", - expectedEmpty: true, + name: "Wrong IPv4 in an IPs only list", + input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 10.", + expectedEmpty: false, + expectedReturn: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1", + }, + { + name: "Wrong IPv6 in an IPs only list", + input: "192.168.1.0 2001:0db8:85a3:0000:0000:8a2e:0370 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 10.", + expectedEmpty: false, + expectedReturn: "192.168.1.0 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1", + }, + { + name: "Wrong IPv4 in an IPv4 list", + input: "192.168.1.0 10.10.0.1 192.168. 10.", + expectedEmpty: false, + expectedReturn: "192.168.1.0 10.10.0.1", + }, + { + name: "Wrong IPv6 in an IPv6 list", + input: "2001:0db8:85a3:0000:8a2e:0370:7334 2001:0db8:85a3::8a2e:370:10/64 2001:db8::2:1 ::ffff:192.168.0.1 :/40", + expectedEmpty: false, + expectedReturn: "2001:0db8:85a3::8a2e:370:10/64 2001:db8::2:1 ::ffff:192.168.0.1", + }, + { + name: "All mixed type with invalid IPv4", + input: "192.168.1 2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 2600:14a0::/40", + expectedEmpty: false, + expectedReturn: "2001:0db8:85a3:0000:0000:8a2e:0370:7334 172.16.14.10/24 2001:0db8:85a3::8a2e:370:10/64 64:ff9b::192.168.0.1 2600:14a0::/40", + }, + { + name: "Wrong IPv4 CIDR in a CIDRs only list", + input: "192.168.1./16 2001:0db8:85a3:0000:0000:8a2e:0370:7334/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", + expectedEmpty: false, + expectedReturn: "2001:0db8:85a3:0000:0000:8a2e:0370:7334/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", + }, + { + name: "Wrong IPv6 CIDR in a CIDRs only list", + input: "192.168.1.0/16 2001:0db8:85a3:0000:0000:8a2e:0370/48 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", + expectedEmpty: false, + expectedReturn: "192.168.1.0/16 172.16.14.10/24 2001:0db8:85a3::8a2e:0370:10/64 2600:14a0::/40", }, } @@ -1061,7 +1106,7 @@ func TestParseIPList(t *testing.T) { } return } - if got != tc.input { + if tc.expectedEmpty && got != "" || got != tc.expectedReturn { t.Errorf("Failure: expected %q, got %q", tc.input, got) } })