This is an automated email from the ASF dual-hosted git repository.
cmcfarlen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 736f3c6b90 Fix legacy acl (#12078)
736f3c6b90 is described below
commit 736f3c6b90c5f6ecbbc5667e929c9b00a0d5b914
Author: Chris McFarlen <ch...@mcfarlen.us>
AuthorDate: Tue Mar 4 13:53:36 2025 -0600
Fix legacy acl (#12078)
* Update legacy mode and fix autests
(cherry picked from commit 0b37b19db7ac5c258176c1d567893af48feb89c2)
* match expected remap for legacy mode to 9.2
(cherry picked from commit 631ff2554c574981e41a4aa76412e0b77618b888)
* add more tests with src_ip
(cherry picked from commit 3d4ec00c8c54822ec97cfa782204e060b7e17dd5)
---------
Co-authored-by: Chris McFarlen <cmcfar...@apple.com>
---
src/proxy/http/remap/UrlRewrite.cc | 18 ++++-
tests/gold_tests/remap/all_acl_combinations.py | 62 ++++++++------
tests/gold_tests/remap/deactivate_ip_allow.py | 108 +++++++++++++------------
tests/gold_tests/remap/remap_acl.test.py | 4 +-
4 files changed, 116 insertions(+), 76 deletions(-)
diff --git a/src/proxy/http/remap/UrlRewrite.cc
b/src/proxy/http/remap/UrlRewrite.cc
index 7db0bac4db..10f35ae24c 100644
--- a/src/proxy/http/remap/UrlRewrite.cc
+++ b/src/proxy/http/remap/UrlRewrite.cc
@@ -559,7 +559,23 @@ UrlRewrite::PerformACLFiltering(HttpTransact::State *s,
const url_mapping *const
Dbg(dbg_ctl_url_rewrite, "%d: ACL filter %s rule matches by ip: %s, by
method: %s", rule_index,
(rp->allow_flag ? "allow" : "deny"), (ip_matches ? "true" :
"false"), (method_matches ? "true" : "false"));
- if (ip_matches) {
+ if (_acl_behavior_policy == ACLBehaviorPolicy::ACL_BEHAVIOR_LEGACY) {
+ s->skip_ip_allow_yaml = false;
+ Dbg(dbg_ctl_url_rewrite, "Doing legacy filtering ip:%s method:%s",
ip_matches ? "matched" : "didn't match",
+ method_matches ? "matched" : "didn't match");
+ bool match = ip_matches && method_matches;
+ if (match && s->client_connection_allowed) { // make sure that a
previous filter did not DENY
+ Dbg(dbg_ctl_url_rewrite, "matched ACL filter rule, %s request",
rp->allow_flag ? "allowing" : "denying");
+ s->client_connection_allowed = rp->allow_flag ? true : false;
+ } else {
+ if (!s->client_connection_allowed) {
+ Dbg(dbg_ctl_url_rewrite, "Previous ACL filter rule denied request,
continuing to deny it");
+ } else {
+ Dbg(dbg_ctl_url_rewrite, "did NOT match ACL filter rule, %s
request", rp->allow_flag ? "denying" : "allowing");
+ s->client_connection_allowed = rp->allow_flag ? false : true;
+ }
+ }
+ } else if (ip_matches) {
// The rule matches. Handle the method according to the rule.
if (method_matches) {
// Did they specify allowing the listed methods, or denying them?
diff --git a/tests/gold_tests/remap/all_acl_combinations.py
b/tests/gold_tests/remap/all_acl_combinations.py
index 0f76101e47..bf8b4f646f 100644
--- a/tests/gold_tests/remap/all_acl_combinations.py
+++ b/tests/gold_tests/remap/all_acl_combinations.py
@@ -56,50 +56,50 @@ all_acl_combinations = [
[ 1, "legacy", "", "",
ALLOW_GET, 200, 403, ],
[ 2, "legacy", "", "",
DENY_GET, 403, 200, ],
[ 3, "legacy", "", "",
DENY_GET_AND_POST, 403, 403, ],
- [ 4, "legacy", "", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 200, 200, ],
+ [ 4, "legacy", "", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 200, 403, ],
[ 5, "legacy", "", "@action=allow
@method=GET", ALLOW_GET, 200, 403, ],
- [ 6, "legacy", "", "@action=allow
@method=GET", DENY_GET, 200, 200, ],
- [ 7, "legacy", "", "@action=allow
@method=GET", DENY_GET_AND_POST, 200, 403, ],
+ [ 6, "legacy", "", "@action=allow
@method=GET", DENY_GET, 403, 403, ],
+ [ 7, "legacy", "", "@action=allow
@method=GET", DENY_GET_AND_POST, 403, 403, ],
[ 8, "legacy", "", "@action=deny
@method=GET", ALLOW_GET_AND_POST, 403, 200, ],
[ 9, "legacy", "", "@action=deny
@method=GET", ALLOW_GET, 403, 403, ],
[ 10, "legacy", "", "@action=deny
@method=GET", DENY_GET, 403, 200, ],
[ 11, "legacy", "", "@action=deny
@method=GET", DENY_GET_AND_POST, 403, 403, ],
- [ 12, "legacy", "@action=allow @method=GET", "",
ALLOW_GET_AND_POST, 200, 200, ],
+ [ 12, "legacy", "@action=allow @method=GET", "",
ALLOW_GET_AND_POST, 200, 403, ],
[ 13, "legacy", "@action=allow @method=GET", "",
ALLOW_GET, 200, 403, ],
- [ 14, "legacy", "@action=allow @method=GET", "",
DENY_GET, 200, 200, ],
- [ 15, "legacy", "@action=allow @method=GET", "",
DENY_GET_AND_POST, 200, 403, ],
- [ 16, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 200, 200, ],
+ [ 14, "legacy", "@action=allow @method=GET", "",
DENY_GET, 403, 403, ],
+ [ 15, "legacy", "@action=allow @method=GET", "",
DENY_GET_AND_POST, 403, 403, ],
+ [ 16, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 200, 403, ],
[ 17, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", ALLOW_GET, 200, 403, ],
- [ 18, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", DENY_GET, 200, 200, ],
- [ 19, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", DENY_GET_AND_POST, 200, 403, ],
- [ 20, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", ALLOW_GET_AND_POST, 200, 200, ],
- [ 21, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", ALLOW_GET, 200, 403, ],
- [ 22, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", DENY_GET, 200, 200, ],
- [ 23, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", DENY_GET_AND_POST, 200, 403, ],
- [ 24, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", ALLOW_GET_AND_POST, 200, 200, ],
- [ 25, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", ALLOW_GET, 200, 200, ],
- [ 26, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", DENY_GET, 200, 200, ],
- [ 27, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", DENY_GET_AND_POST, 200, 200, ],
+ [ 18, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", DENY_GET, 403, 403, ],
+ [ 19, "legacy", "@action=allow @method=GET", "@action=allow
@method=GET", DENY_GET_AND_POST, 403, 403, ],
+ [ 20, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", ALLOW_GET_AND_POST, 403, 403, ],
+ [ 21, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", ALLOW_GET, 403, 403, ],
+ [ 22, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", DENY_GET, 403, 403, ],
+ [ 23, "legacy", "@action=allow @method=GET", "@action=deny
@method=GET", DENY_GET_AND_POST, 403, 403, ],
+ [ 24, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", ALLOW_GET_AND_POST, 403, 403, ],
+ [ 25, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", ALLOW_GET, 403, 403, ],
+ [ 26, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", DENY_GET, 403, 403, ],
+ [ 27, "legacy", "@action=allow @method=GET", "@action=allow
@method=POST", DENY_GET_AND_POST, 403, 403, ],
[ 28, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", ALLOW_GET_AND_POST, 200, 403, ],
[ 29, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", ALLOW_GET, 200, 403, ],
- [ 30, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", DENY_GET, 200, 403, ],
- [ 31, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", DENY_GET_AND_POST, 200, 403, ],
+ [ 30, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", DENY_GET, 403, 403, ],
+ [ 31, "legacy", "@action=allow @method=GET", "@action=deny
@method=POST", DENY_GET_AND_POST, 403, 403, ],
[ 32, "legacy", "@action=deny @method=GET", "",
ALLOW_GET_AND_POST, 403, 200, ],
[ 33, "legacy", "@action=deny @method=GET", "",
ALLOW_GET, 403, 403, ],
[ 34, "legacy", "@action=deny @method=GET", "",
DENY_GET, 403, 200, ],
[ 35, "legacy", "@action=deny @method=GET", "",
DENY_GET_AND_POST, 403, 403, ],
- [ 36, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 403, 200, ],
+ [ 36, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", ALLOW_GET_AND_POST, 403, 403, ],
[ 37, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", ALLOW_GET, 403, 403, ],
- [ 38, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", DENY_GET, 403, 200, ],
+ [ 38, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", DENY_GET, 403, 403, ],
[ 39, "legacy", "@action=deny @method=GET", "@action=allow
@method=GET", DENY_GET_AND_POST, 403, 403, ],
[ 40, "legacy", "@action=deny @method=GET", "@action=deny
@method=GET", ALLOW_GET_AND_POST, 403, 200, ],
[ 41, "legacy", "@action=deny @method=GET", "@action=deny
@method=GET", ALLOW_GET, 403, 403, ],
[ 42, "legacy", "@action=deny @method=GET", "@action=deny
@method=GET", DENY_GET, 403, 200, ],
[ 43, "legacy", "@action=deny @method=GET", "@action=deny
@method=GET", DENY_GET_AND_POST, 403, 403, ],
[ 44, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", ALLOW_GET_AND_POST, 403, 200, ],
- [ 45, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", ALLOW_GET, 403, 200, ],
+ [ 45, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", ALLOW_GET, 403, 403, ],
[ 46, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", DENY_GET, 403, 200, ],
- [ 47, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", DENY_GET_AND_POST, 403, 200, ],
+ [ 47, "legacy", "@action=deny @method=GET", "@action=allow
@method=POST", DENY_GET_AND_POST, 403, 403, ],
[ 48, "legacy", "@action=deny @method=GET", "@action=deny
@method=POST", ALLOW_GET_AND_POST, 403, 403, ],
[ 49, "legacy", "@action=deny @method=GET", "@action=deny
@method=POST", ALLOW_GET, 403, 403, ],
[ 50, "legacy", "@action=deny @method=GET", "@action=deny
@method=POST", DENY_GET, 403, 403, ],
@@ -140,6 +140,22 @@ all_acl_combinations = [
[ 85, "modern", "@action=set_deny @method=GET", "@action=set_deny
@method=GET", ALLOW_GET, 403, 200, ],
[ 86, "modern", "@action=set_deny @method=GET", "@action=set_deny
@method=GET", DENY_GET, 403, 200, ],
[ 87, "modern", "@action=set_deny @method=GET", "@action=set_deny
@method=GET", DENY_GET_AND_POST, 403, 200, ],
+ [ 88, "legacy", "@action=allow @src_ip=127.0.0.1", "",
ALLOW_GET_AND_POST, 200, 200, ],
+ [ 89, "legacy", "@action=allow @src_ip=127.0.0.1", "",
ALLOW_GET, 200, 403, ],
+ [ 90, "legacy", "@action=allow @src_ip=127.0.0.1", "",
DENY_GET, 403, 200, ],
+ [ 91, "legacy", "@action=allow @src_ip=127.0.0.1", "",
DENY_GET_AND_POST, 403, 403, ],
+ [ 92, "legacy", "@action=deny @src_ip=127.0.0.1", "",
ALLOW_GET_AND_POST, 403, 403, ],
+ [ 93, "legacy", "@action=deny @src_ip=127.0.0.1", "",
ALLOW_GET, 403, 403, ],
+ [ 94, "legacy", "@action=deny @src_ip=127.0.0.1", "",
DENY_GET, 403, 403, ],
+ [ 95, "legacy", "@action=deny @src_ip=127.0.0.1", "",
DENY_GET_AND_POST, 403, 403, ],
+ [ 96, "legacy", "@action=allow @src_ip=192.0.2.1/24", "",
ALLOW_GET_AND_POST, 403, 403, ],
+ [ 97, "legacy", "@action=allow @src_ip=192.0.2.1/24", "",
ALLOW_GET, 403, 403, ],
+ [ 98, "legacy", "@action=allow @src_ip=192.0.2.0/24", "",
DENY_GET, 403, 403, ],
+ [ 99, "legacy", "@action=allow @src_ip=192.0.2.0/24", "",
DENY_GET_AND_POST, 403, 403, ],
+ [100, "legacy", "@action=deny @src_ip=192.0.2.1/24", "",
ALLOW_GET_AND_POST, 200, 200, ],
+ [101, "legacy", "@action=deny @src_ip=192.0.2.1/24", "",
ALLOW_GET, 200, 403, ],
+ [102, "legacy", "@action=deny @src_ip=192.0.2.0/24", "",
DENY_GET, 403, 200, ],
+ [103, "legacy", "@action=deny @src_ip=192.0.2.0/24", "",
DENY_GET_AND_POST, 403, 403, ],
]
# yapf: enable
diff --git a/tests/gold_tests/remap/deactivate_ip_allow.py
b/tests/gold_tests/remap/deactivate_ip_allow.py
index 12763bc1ed..c3ef1fae43 100644
--- a/tests/gold_tests/remap/deactivate_ip_allow.py
+++ b/tests/gold_tests/remap/deactivate_ip_allow.py
@@ -61,58 +61,66 @@ ip_allow:
# yapf: disable
keys = ["index", "policy", "inline", "named_acl", "deactivate_ip_allow",
"ip_allow", "GET response", "POST response"]
deactivate_ip_allow_combinations = [
- [ 0, "legacy", "", "", False,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 1, "legacy", "", "", False, ALLOW_GET,
200, 403, ],
- [ 2, "legacy", "", "", False, DENY_GET,
403, 200, ],
- [ 3, "legacy", "", "", False,
DENY_GET_AND_POST, 403, 403, ],
- [ 4, "legacy", "", "", False, DENY_ALL,
None, None, ],
- [ 5, "legacy", "", "", True,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 6, "legacy", "", "", True, ALLOW_GET,
200, 200, ],
- [ 7, "legacy", "", "", True, DENY_GET,
200, 200, ],
- [ 8, "legacy", "", "", True,
DENY_GET_AND_POST, 200, 200, ],
- [ 9, "legacy", "", "", True, DENY_ALL,
200, 200, ],
- [ 10, "legacy", "@action=allow @method=GET", "", False,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 11, "legacy", "@action=allow @method=GET", "", False, ALLOW_GET,
200, 403, ],
- [ 12, "legacy", "@action=allow @method=GET", "", False, DENY_GET,
200, 200, ],
- [ 13, "legacy", "@action=allow @method=GET", "", False,
DENY_GET_AND_POST, 200, 403, ],
- [ 14, "legacy", "@action=allow @method=GET", "", False, DENY_ALL,
None, None, ],
- [ 15, "legacy", "@action=allow @method=GET", "", True,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 16, "legacy", "@action=allow @method=GET", "", True, ALLOW_GET,
200, 200, ],
- [ 17, "legacy", "@action=allow @method=GET", "", True, DENY_GET,
200, 200, ],
- [ 18, "legacy", "@action=allow @method=GET", "", True,
DENY_GET_AND_POST, 200, 200, ],
- [ 19, "legacy", "@action=allow @method=GET", "", True, DENY_ALL,
200, 200, ],
- [ 20, "legacy", "@action=deny @method=GET", "", False,
ALLOW_GET_AND_POST, 403, 200, ],
- [ 21, "legacy", "@action=deny @method=GET", "", False, ALLOW_GET,
403, 403, ],
- [ 22, "legacy", "@action=deny @method=GET", "", False, DENY_GET,
403, 200, ],
- [ 23, "legacy", "@action=deny @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
- [ 24, "legacy", "@action=deny @method=GET", "", False, DENY_ALL,
None, None, ],
- [ 25, "legacy", "@action=deny @method=GET", "", True,
ALLOW_GET_AND_POST, 403, 200, ],
- [ 26, "legacy", "@action=deny @method=GET", "", True, ALLOW_GET,
403, 200, ],
- [ 27, "legacy", "@action=deny @method=GET", "", True, DENY_GET,
403, 200, ],
- [ 28, "legacy", "@action=deny @method=GET", "", True,
DENY_GET_AND_POST, 403, 200, ],
- [ 29, "legacy", "@action=deny @method=GET", "", True, DENY_ALL,
403, 200, ],
+ [ 0, "legacy", "", "", False,
ALLOW_GET_AND_POST, 200, 200, ],
+ [ 1, "legacy", "", "", False,
ALLOW_GET, 200, 403, ],
+ [ 2, "legacy", "", "", False,
DENY_GET, 403, 200, ],
+ [ 3, "legacy", "", "", False,
DENY_GET_AND_POST, 403, 403, ],
+ [ 4, "legacy", "", "", False,
DENY_ALL, None, None, ],
+ [ 5, "legacy", "", "", True,
ALLOW_GET_AND_POST, 200, 200, ],
+ [ 6, "legacy", "", "", True,
ALLOW_GET, 200, 200, ],
+ [ 7, "legacy", "", "", True,
DENY_GET, 200, 200, ],
+ [ 8, "legacy", "", "", True,
DENY_GET_AND_POST, 200, 200, ],
+ [ 9, "legacy", "", "", True,
DENY_ALL, 200, 200, ],
+ [ 10, "legacy", "@action=allow @method=GET", "", False,
ALLOW_GET_AND_POST, 200, 403, ],
+ [ 11, "legacy", "@action=allow @method=GET", "", False,
ALLOW_GET, 200, 403, ],
+ [ 12, "legacy", "@action=allow @method=GET", "", False,
DENY_GET, 403, 403, ],
+ [ 13, "legacy", "@action=allow @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
+ [ 14, "legacy", "@action=allow @method=GET", "", False,
DENY_ALL, None, None, ],
+ [ 15, "legacy", "@action=allow @method=GET", "", True,
ALLOW_GET_AND_POST, 200, 403, ],
+ [ 16, "legacy", "@action=allow @method=GET", "", True,
ALLOW_GET, 200, 403, ],
+ [ 17, "legacy", "@action=allow @method=GET", "", True,
DENY_GET, 200, 403, ],
+ [ 18, "legacy", "@action=allow @method=GET", "", True,
DENY_GET_AND_POST, 200, 403, ],
+ [ 19, "legacy", "@action=allow @method=GET", "", True,
DENY_ALL, 200, 403, ],
+ [ 20, "legacy", "@action=deny @method=GET", "", False,
ALLOW_GET_AND_POST, 403, 200, ],
+ [ 21, "legacy", "@action=deny @method=GET", "", False,
ALLOW_GET, 403, 403, ],
+ [ 22, "legacy", "@action=deny @method=GET", "", False,
DENY_GET, 403, 200, ],
+ [ 23, "legacy", "@action=deny @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
+ [ 24, "legacy", "@action=deny @method=GET", "", False,
DENY_ALL, None, None, ],
+ [ 25, "legacy", "@action=deny @method=GET", "", True,
ALLOW_GET_AND_POST, 403, 200, ],
+ [ 26, "legacy", "@action=deny @method=GET", "", True,
ALLOW_GET, 403, 200, ],
+ [ 27, "legacy", "@action=deny @method=GET", "", True,
DENY_GET, 403, 200, ],
+ [ 28, "legacy", "@action=deny @method=GET", "", True,
DENY_GET_AND_POST, 403, 200, ],
+ [ 29, "legacy", "@action=deny @method=GET", "", True,
DENY_ALL, 403, 200, ],
+ [ 30, "legacy", "@action=allow @src_ip=127.0.0.1", "", False,
DENY_ALL, None, None, ],
+ [ 31, "legacy", "@action=allow @src_ip=127.0.0.1", "", True,
DENY_ALL, 200, 200, ],
+ [ 32, "legacy", "@action=deny @src_ip=127.0.0.1", "", False,
DENY_ALL, None, None, ],
+ [ 33, "legacy", "@action=deny @src_ip=127.0.0.1", "", True,
DENY_ALL, 403, 403, ],
+ [ 34, "legacy", "@action=allow @src_ip=192.0.2.1/24", "", False,
DENY_ALL, None, None, ],
+ [ 35, "legacy", "@action=allow @src_ip=192.0.2.1/24", "", True,
DENY_ALL, 403, 403, ],
+ [ 36, "legacy", "@action=deny @src_ip=192.0.2.0/24", "", False,
DENY_ALL, None, None, ],
+ [ 37, "legacy", "@action=deny @src_ip=192.0.2.0/24", "", True,
DENY_ALL, 200, 200, ],
# Verify in legacy mode that add_allow acts just like allow, and add_deny
acts just like deny.
- [ 30, "legacy", "@action=add_allow @method=GET", "", False,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 31, "legacy", "@action=add_allow @method=GET", "", False, ALLOW_GET,
200, 403, ],
- [ 32, "legacy", "@action=add_allow @method=GET", "", False, DENY_GET,
200, 200, ],
- [ 33, "legacy", "@action=add_allow @method=GET", "", False,
DENY_GET_AND_POST, 200, 403, ],
- [ 34, "legacy", "@action=add_allow @method=GET", "", False, DENY_ALL,
None, None, ],
- [ 35, "legacy", "@action=add_allow @method=GET", "", True,
ALLOW_GET_AND_POST, 200, 200, ],
- [ 36, "legacy", "@action=add_allow @method=GET", "", True, ALLOW_GET,
200, 200, ],
- [ 37, "legacy", "@action=add_allow @method=GET", "", True, DENY_GET,
200, 200, ],
- [ 38, "legacy", "@action=add_allow @method=GET", "", True,
DENY_GET_AND_POST, 200, 200, ],
- [ 39, "legacy", "@action=add_allow @method=GET", "", True, DENY_ALL,
200, 200, ],
- [ 40, "legacy", "@action=add_deny @method=GET", "", False,
ALLOW_GET_AND_POST, 403, 200, ],
- [ 41, "legacy", "@action=add_deny @method=GET", "", False, ALLOW_GET,
403, 403, ],
- [ 42, "legacy", "@action=add_deny @method=GET", "", False, DENY_GET,
403, 200, ],
- [ 43, "legacy", "@action=add_deny @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
- [ 44, "legacy", "@action=add_deny @method=GET", "", False, DENY_ALL,
None, None, ],
- [ 45, "legacy", "@action=add_deny @method=GET", "", True,
ALLOW_GET_AND_POST, 403, 200, ],
- [ 46, "legacy", "@action=add_deny @method=GET", "", True, ALLOW_GET,
403, 200, ],
- [ 47, "legacy", "@action=add_deny @method=GET", "", True, DENY_GET,
403, 200, ],
- [ 48, "legacy", "@action=add_deny @method=GET", "", True,
DENY_GET_AND_POST, 403, 200, ],
- [ 49, "legacy", "@action=add_deny @method=GET", "", True, DENY_ALL,
403, 200, ],
+ [ 38, "legacy", "@action=add_allow @method=GET", "", False,
ALLOW_GET_AND_POST, 200, 403, ],
+ [ 39, "legacy", "@action=add_allow @method=GET", "", False,
ALLOW_GET, 200, 403, ],
+ [ 40, "legacy", "@action=add_allow @method=GET", "", False,
DENY_GET, 403, 403, ],
+ [ 41, "legacy", "@action=add_allow @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
+ [ 42, "legacy", "@action=add_allow @method=GET", "", False,
DENY_ALL, None, None, ],
+ [ 43, "legacy", "@action=add_allow @method=GET", "", True,
ALLOW_GET_AND_POST, 200, 403, ],
+ [ 44, "legacy", "@action=add_allow @method=GET", "", True,
ALLOW_GET, 200, 403, ],
+ [ 45, "legacy", "@action=add_allow @method=GET", "", True,
DENY_GET, 200, 403, ],
+ [ 46, "legacy", "@action=add_allow @method=GET", "", True,
DENY_GET_AND_POST, 200, 403, ],
+ [ 47, "legacy", "@action=add_allow @method=GET", "", True,
DENY_ALL, 200, 403, ],
+ [ 48, "legacy", "@action=add_deny @method=GET", "", False,
ALLOW_GET_AND_POST, 403, 200, ],
+ [ 49, "legacy", "@action=add_deny @method=GET", "", False,
ALLOW_GET, 403, 403, ],
+ [ 50, "legacy", "@action=add_deny @method=GET", "", False,
DENY_GET, 403, 200, ],
+ [ 51, "legacy", "@action=add_deny @method=GET", "", False,
DENY_GET_AND_POST, 403, 403, ],
+ [ 52, "legacy", "@action=add_deny @method=GET", "", False,
DENY_ALL, None, None, ],
+ [ 53, "legacy", "@action=add_deny @method=GET", "", True,
ALLOW_GET_AND_POST, 403, 200, ],
+ [ 54, "legacy", "@action=add_deny @method=GET", "", True,
ALLOW_GET, 403, 200, ],
+ [ 55, "legacy", "@action=add_deny @method=GET", "", True,
DENY_GET, 403, 200, ],
+ [ 56, "legacy", "@action=add_deny @method=GET", "", True,
DENY_GET_AND_POST, 403, 200, ],
+ [ 57, "legacy", "@action=add_deny @method=GET", "", True,
DENY_ALL, 403, 200, ],
]
all_deactivate_ip_allow_tests = [dict(zip(keys, test)) for test in
deactivate_ip_allow_combinations]
# yapf: enable
diff --git a/tests/gold_tests/remap/remap_acl.test.py
b/tests/gold_tests/remap/remap_acl.test.py
index d70f6655e9..32ea37c6f6 100644
--- a/tests/gold_tests/remap/remap_acl.test.py
+++ b/tests/gold_tests/remap/remap_acl.test.py
@@ -484,7 +484,7 @@ for idx, test in enumerate(all_acl_combination_tests):
test["POST response"],
)
Test_remap_acl(
- "{0} {1} {2}".format(test["inline"], test["named_acl"],
test["ip_allow"]),
+ "allcombo-{0} {1} {2} {3}".format(idx, test["inline"],
test["named_acl"], test["ip_allow"]),
replay_file=replay_file_name,
ip_allow_content=test["ip_allow"],
deactivate_ip_allow=False,
@@ -509,7 +509,7 @@ for idx, test in enumerate(all_deactivate_ip_allow_tests):
test["POST response"],
)
Test_remap_acl(
- "{0} {1} {2}".format(test["inline"], test["named_acl"],
test["ip_allow"]),
+ "ipallow-{0} {1} {2} {3}".format(idx, test["inline"],
test["named_acl"], test["ip_allow"]),
replay_file=replay_file_name,
ip_allow_content=test["ip_allow"],
deactivate_ip_allow=test["deactivate_ip_allow"],
