haproxy/tests/ports.cfg
Willy Tarreau 7f96a8474c MEDIUM: tools: make str2sa_range() validate callers' port specifications
Now str2sa_range() will enforce the caller's port specification passed
using the PA_O_PORT_* flags, and will return an error on failure. For
optional ports, values 0-65535 will be enforced. For mandatory ports,
values 1-65535 are enforced. In case of ranges, it is also verified that
the upper bound is not lower than the lower bound, as this used to result
in empty listeners.

I couldn't find an easy way to test this using VTC since the purpose is
to trigger parse errors, so instead a test file is provided as
tests/ports.cfg with comments about what errors are expected for each
line.
2020-09-16 22:08:08 +02:00

74 lines
3.4 KiB
INI

# This is used to validate the address/port parser using "haproxy -c -f $file".
# Some errors will be returned, they are expected to match the documented ones.
frontend f1
log 127.0.0.1 local0
log 127.0.0.1:10000 local0
log 127.0.0.1:10001-10010 local0 # port range not permitted here in '127.0.0.1:10001-10010'
log 127.0.0.1:+10011 local0 # port offset not permitted here in ':::+10011'
log 127.0.0.1:-10012 local0 # port offset not permitted here in ':::-10012'
bind : # missing port specification in ':'
bind :11001
bind :::11002
bind :::11003-11010
bind :::+11011 # port offset not permitted here in ':::+11011'
bind :::-11012 # port offset not permitted here in ':::-11012'
frontend f2
bind :::0 # invalid port '0'
bind :::0-11 # invalid port '0'
bind :::65016- # invalid port ''
bind :::65016-1024 # invalid port range '65016-1024'
bind :::65016--1024 # invalid port '-1024'
bind :::66016-1024 # invalid port '66016'
backend b2
source :12001
source :::12002
source :::12003-12010 # port range not permitted here in '127.0.0.1:12003-12010'
source :::+12011 # port offset not permitted here in ':::+12011'
source :::-12012 # port offset not permitted here in ':::-12012'
backend b3
server s1 :
server s2 localhost:13001
server s3 :13002
server s4 :+13003
server s5 :-13004
server s6 :13005-13010 # port range not permitted here in ':13005-13010'
backend b4
server s1 : addr 0.0.0.1:14001 # addr: port specification not permitted here
backend b5
server s1 : source localhost:15000
server s1 : source 0.0.0.1:15001
server s2 : source 0.0.0.1:+15002 # port offset not permitted here in '0.0.0.1:+15002'
server s3 : source 0.0.0.1:-15003 # port offset not permitted here in '0.0.0.1:-15003'
server s4 : source 0.0.0.1:15004-15010
backend b6
server s1 : source 0.0.0.0 usesrc localhost:16000
server s1 : source 0.0.0.0 usesrc 0.0.0.1:16001
server s2 : source 0.0.0.0 usesrc 0.0.0.1:+16002 # port offset not permitted here in '0.0.0.1:+16002'
server s3 : source 0.0.0.0 usesrc 0.0.0.1:-16003 # port offset not permitted here in '0.0.0.1:-16003'
server s4 : source 0.0.0.0 usesrc 0.0.0.1:16004-16010 # port range not permitted here in '0.0.0.1:16004-16010'
backend b7
server s1 : socks4 0.0.0.1 # missing port specification in '0.0.0.1'
server s2 : socks4 localhost:18000
server s2 : socks4 0.0.0.1:18001
server s3 : socks4 0.0.0.1:+18002 # port offset not permitted here in '0.0.0.1:+18002'
server s4 : socks4 0.0.0.1:-18003 # port offset not permitted here in '0.0.0.1:-18003'
server s5 : socks4 0.0.0.1:18004-18010 # port range not permitted here in '0.0.0.1:18004-18010'
backend b8
tcp-check connect addr 0.0.0.1
tcp-check connect addr 0.0.0.1:
tcp-check connect addr localhost:19000
tcp-check connect addr 0.0.0.1:19001
tcp-check connect addr 0.0.0.1:+19002 # port offset not permitted here in '0.0.0.1:+19002'
tcp-check connect addr 0.0.0.1:-19003 # port offset not permitted here in '0.0.0.1:-19003'
tcp-check connect addr 0.0.0.1:19004-19005 # port range not permitted here in '0.0.0.1:19004-19010'