MyFavMirrors/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-11-07 21:02:51 -05:00
Code Issues Packages Projects Releases Wiki Activity

policy: reject unsupported fields (#2764)

Browse Source
This commit is contained in:
Kristoffer Dalby
2025-09-12 14:47:56 +02:00
committed by GitHub
parent 1b1c989268
commit 2938d03878
10 changed files with 1177 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
integration/cli_test.go
View File

@@ -1885,7 +1885,7 @@ func TestPolicyBrokenConfigCommand(t *testing.T) {
policyFilePath,
},
)
assert.ErrorContains(t, err, "compiling filter rules: invalid action")
assert.ErrorContains(t, err, `invalid action "unknown-action"`)
// The new policy was invalid, the old one should still be in place, which
// is none.

6
integration/route_test.go
View File

@@ -1481,7 +1481,7 @@ func TestSubnetRouteACL(t *testing.T) {
wantClientFilter := []filter.Match{
{
IPProto: views.SliceOf([]ipproto.Proto{
ipproto.TCP, ipproto.UDP, ipproto.ICMPv4, ipproto.ICMPv6,
ipproto.TCP, ipproto.UDP,
}),
Srcs: []netip.Prefix{
netip.MustParsePrefix("100.64.0.1/32"),
@@ -1513,7 +1513,7 @@ func TestSubnetRouteACL(t *testing.T) {
wantSubnetFilter := []filter.Match{
{
IPProto: views.SliceOf([]ipproto.Proto{
ipproto.TCP, ipproto.UDP, ipproto.ICMPv4, ipproto.ICMPv6,
ipproto.TCP, ipproto.UDP,
}),
Srcs: []netip.Prefix{
netip.MustParsePrefix("100.64.0.1/32"),
@@ -1535,7 +1535,7 @@ func TestSubnetRouteACL(t *testing.T) {
},
{
IPProto: views.SliceOf([]ipproto.Proto{
ipproto.TCP, ipproto.UDP, ipproto.ICMPv4, ipproto.ICMPv6,
ipproto.TCP, ipproto.UDP,
}),
Srcs: []netip.Prefix{
netip.MustParsePrefix("100.64.0.1/32"),