Add IP blocking functionality to HAProxy Manager
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 1m1s
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 1m1s
- Add blocked_ips database table to store blocked IP addresses - Implement API endpoints for IP blocking management: - GET /api/blocked-ips: List all blocked IPs - POST /api/blocked-ips: Block an IP address - DELETE /api/blocked-ips: Unblock an IP address - Update HAProxy configuration generation to include blocked IP ACLs - Create blocked IP page template for denied access - Add comprehensive API documentation for WHP integration - Include test script for IP blocking functionality - Update .gitignore with Python patterns - Add CLAUDE.md for codebase documentation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
184
scripts/test-ip-blocking.sh
Executable file
184
scripts/test-ip-blocking.sh
Executable file
@@ -0,0 +1,184 @@
|
||||
#!/bin/bash
|
||||
|
||||
# HAProxy Manager IP Blocking Test Script
|
||||
# This script tests the IP blocking functionality
|
||||
|
||||
BASE_URL="http://localhost:8000"
|
||||
API_KEY="${HAPROXY_API_KEY:-}"
|
||||
TEST_IP="192.168.100.50"
|
||||
|
||||
# Colors for output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
NC='\033[0m' # No Color
|
||||
|
||||
# Function to print colored output
|
||||
print_status() {
|
||||
local status=$1
|
||||
local message=$2
|
||||
|
||||
if [ "$status" = "PASS" ]; then
|
||||
echo -e "${GREEN}✓ PASS${NC}: $message"
|
||||
elif [ "$status" = "FAIL" ]; then
|
||||
echo -e "${RED}✗ FAIL${NC}: $message"
|
||||
else
|
||||
echo -e "${YELLOW}? INFO${NC}: $message"
|
||||
fi
|
||||
}
|
||||
|
||||
# Function to make API request
|
||||
api_request() {
|
||||
local method=$1
|
||||
local endpoint=$2
|
||||
local data=$3
|
||||
|
||||
local headers=""
|
||||
if [ -n "$API_KEY" ]; then
|
||||
headers="-H \"Authorization: Bearer $API_KEY\""
|
||||
fi
|
||||
|
||||
if [ -n "$data" ]; then
|
||||
headers="$headers -H \"Content-Type: application/json\" -d '$data'"
|
||||
fi
|
||||
|
||||
eval "curl -s -w '\n%{http_code}' $headers -X $method $BASE_URL$endpoint"
|
||||
}
|
||||
|
||||
echo "HAProxy Manager IP Blocking Test Suite"
|
||||
echo "======================================"
|
||||
echo "Base URL: $BASE_URL"
|
||||
echo "API Key: ${API_KEY:-"Not configured"}"
|
||||
echo "Test IP: $TEST_IP"
|
||||
echo ""
|
||||
|
||||
# Test 1: Get current blocked IPs
|
||||
print_status "INFO" "Testing GET /api/blocked-ips endpoint..."
|
||||
response=$(api_request "GET" "/api/blocked-ips")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
body=$(echo "$response" | head -n -1)
|
||||
|
||||
if [ "$http_code" = "200" ] || [ "$http_code" = "401" ]; then
|
||||
print_status "PASS" "Get blocked IPs endpoint working (status: $http_code)"
|
||||
echo "Current blocked IPs: $body"
|
||||
else
|
||||
print_status "FAIL" "Get blocked IPs failed with status $http_code"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 2: Block an IP
|
||||
print_status "INFO" "Testing POST /api/blocked-ips endpoint..."
|
||||
block_data='{
|
||||
"ip_address": "'$TEST_IP'",
|
||||
"reason": "Test blocking from script",
|
||||
"blocked_by": "Test Script"
|
||||
}'
|
||||
|
||||
response=$(api_request "POST" "/api/blocked-ips" "$block_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
body=$(echo "$response" | head -n -1)
|
||||
|
||||
if [ "$http_code" = "200" ] || [ "$http_code" = "201" ]; then
|
||||
print_status "PASS" "Block IP endpoint working - IP $TEST_IP blocked"
|
||||
echo "Response: $body"
|
||||
elif [ "$http_code" = "409" ]; then
|
||||
print_status "INFO" "IP $TEST_IP is already blocked"
|
||||
elif [ "$http_code" = "401" ]; then
|
||||
print_status "FAIL" "Authentication required (check API key)"
|
||||
else
|
||||
print_status "FAIL" "Block IP failed with status $http_code"
|
||||
echo "Response: $body"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 3: Try to block same IP again (should get 409)
|
||||
print_status "INFO" "Testing duplicate block (should fail)..."
|
||||
response=$(api_request "POST" "/api/blocked-ips" "$block_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
|
||||
if [ "$http_code" = "409" ]; then
|
||||
print_status "PASS" "Duplicate block correctly rejected with 409"
|
||||
else
|
||||
print_status "FAIL" "Unexpected status $http_code for duplicate block"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 4: Get blocked IPs to verify our IP is there
|
||||
print_status "INFO" "Verifying IP is in blocked list..."
|
||||
response=$(api_request "GET" "/api/blocked-ips")
|
||||
body=$(echo "$response" | head -n -1)
|
||||
|
||||
if echo "$body" | grep -q "$TEST_IP"; then
|
||||
print_status "PASS" "IP $TEST_IP found in blocked list"
|
||||
else
|
||||
print_status "FAIL" "IP $TEST_IP not found in blocked list"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 5: Unblock the IP
|
||||
print_status "INFO" "Testing DELETE /api/blocked-ips endpoint..."
|
||||
unblock_data='{"ip_address": "'$TEST_IP'"}'
|
||||
|
||||
response=$(api_request "DELETE" "/api/blocked-ips" "$unblock_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
body=$(echo "$response" | head -n -1)
|
||||
|
||||
if [ "$http_code" = "200" ]; then
|
||||
print_status "PASS" "Unblock IP endpoint working - IP $TEST_IP unblocked"
|
||||
echo "Response: $body"
|
||||
elif [ "$http_code" = "404" ]; then
|
||||
print_status "INFO" "IP $TEST_IP was not in blocked list"
|
||||
elif [ "$http_code" = "401" ]; then
|
||||
print_status "FAIL" "Authentication required (check API key)"
|
||||
else
|
||||
print_status "FAIL" "Unblock IP failed with status $http_code"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 6: Try to unblock non-existent IP (should get 404)
|
||||
print_status "INFO" "Testing unblock of non-existent IP..."
|
||||
fake_data='{"ip_address": "1.2.3.4"}'
|
||||
response=$(api_request "DELETE" "/api/blocked-ips" "$fake_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
|
||||
if [ "$http_code" = "404" ]; then
|
||||
print_status "PASS" "Non-existent IP correctly returned 404"
|
||||
else
|
||||
print_status "FAIL" "Unexpected status $http_code for non-existent IP"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
|
||||
# Test 7: Test missing IP address in request
|
||||
print_status "INFO" "Testing requests with missing IP address..."
|
||||
invalid_data='{}'
|
||||
|
||||
response=$(api_request "POST" "/api/blocked-ips" "$invalid_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
if [ "$http_code" = "400" ]; then
|
||||
print_status "PASS" "Block request with missing IP correctly returned 400"
|
||||
else
|
||||
print_status "FAIL" "Unexpected status $http_code for missing IP in block request"
|
||||
fi
|
||||
|
||||
response=$(api_request "DELETE" "/api/blocked-ips" "$invalid_data")
|
||||
http_code=$(echo "$response" | tail -n 1)
|
||||
if [ "$http_code" = "400" ]; then
|
||||
print_status "PASS" "Unblock request with missing IP correctly returned 400"
|
||||
else
|
||||
print_status "FAIL" "Unexpected status $http_code for missing IP in unblock request"
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "======================================"
|
||||
echo "IP Blocking tests completed"
|
||||
echo ""
|
||||
echo "To manually test the blocked page:"
|
||||
echo "1. Block an IP: curl -X POST $BASE_URL/api/blocked-ips -H 'Authorization: Bearer YOUR_KEY' -H 'Content-Type: application/json' -d '{\"ip_address\": \"YOUR_IP\"}'"
|
||||
echo "2. Access any domain through HAProxy from that IP"
|
||||
echo "3. You should see the 'Access Denied' page"
|
||||
Reference in New Issue
Block a user