| 45 | } |
| 46 | |
| 47 | func TestRulesNoRules(t *testing.T) { |
| 48 | ip, _, _ := net.ParseCIDR("1.2.3.4/24") |
| 49 | |
| 50 | policy, _ := NewPolicy(true, []Rule{}) |
| 51 | |
| 52 | allowed, rule := policy.Allowed(ip, 80) |
| 53 | assert.True(t, allowed, "expected to be allowed as no rules and default allow") |
| 54 | assert.Nil(t, rule, "expected to be nil as no rules") |
| 55 | |
| 56 | policy, _ = NewPolicy(false, []Rule{}) |
| 57 | |
| 58 | allowed, rule = policy.Allowed(ip, 80) |
| 59 | assert.False(t, allowed, "expected to be denied as no rules and default deny") |
| 60 | assert.Nil(t, rule, "expected to be nil as no rules") |
| 61 | } |
| 62 | |
| 63 | func TestRulesMatchIPAndPort(t *testing.T) { |
| 64 | ip1, ipnet1, _ := net.ParseCIDR("1.2.3.4/24") |