ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
13059e056817393b10cd552e83e42862cc81987a
prowler/tests/providers/aws/services/ec2/lib/security_groups_test.py
Pepe Fagoaga 13059e0568 fix(ec2-securitygroups): Handle IPv6 public (#2690)
2023-08-09 10:08:30 +02:00

62 lines
2.0 KiB
Python
Raw Blame History

import pytest
from prowler.providers.aws.services.ec2.lib.security_groups import _is_cidr_public
class Test_security_groups:
def test__is_cidr_public_Public_IPv4_all_IPs_any_address_false(self):
cidr = "0.0.0.0/0"
assert _is_cidr_public(cidr)
def test__is_cidr_public_Public_IPv4__all_IPs_any_address_true(self):
cidr = "0.0.0.0/0"
assert _is_cidr_public(cidr, any_address=True)
def test__is_cidr_public_Public_IPv4_any_address_false(self):
cidr = "84.28.12.2/32"
assert _is_cidr_public(cidr)
def test__is_cidr_public_Public_IPv4_any_address_true(self):
cidr = "84.28.12.2/32"
assert not _is_cidr_public(cidr, any_address=True)
def test__is_cidr_public_Private_IPv4(self):
cidr = "10.0.0.0/8"
assert not _is_cidr_public(cidr, any_address=True)
def test__is_cidr_public_Private_IPv4_any_address_true(self):
cidr = "10.0.0.0/8"
assert not _is_cidr_public(cidr)
def test__is_cidr_public_Bad_Private_IPv4(self):
cidr = "10.0.0.0/0"
with pytest.raises(ValueError) as ex:
_is_cidr_public(cidr)
assert ex.type == ValueError
assert ex.match(f"{cidr} has host bits set")
def test__is_cidr_public_Public_IPv6_all_IPs_any_address_false(self):
cidr = "::/0"
assert _is_cidr_public(cidr)
def test__is_cidr_public_Public_IPv6_all_IPs_any_adress_true(self):
cidr = "::/0"
assert _is_cidr_public(cidr, any_address=True)
def test__is_cidr_public_Public_IPv6(self):
cidr = "cafe:cafe:cafe:cafe::/64"
assert _is_cidr_public(cidr)
def test__is_cidr_public_Public_IPv6_any_adress_true(self):
cidr = "cafe:cafe:cafe:cafe::/64"
assert not _is_cidr_public(cidr, any_address=True)
def test__is_cidr_public_Private_IPv6(self):
cidr = "fc00::/7"
assert not _is_cidr_public(cidr)
def test__is_cidr_public_Private_IPv6_any_adress_true(self):
cidr = "fc00::/7"
assert not _is_cidr_public(cidr, any_address=True)
Reference in New Issue View Git Blame Copy Permalink