review fix: clarify buildFirewallRules test

fingerprintjs · Jan 5, 2024 · 6f0ec1b · 6f0ec1b
1 parent ab90eef
commit 6f0ec1b
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 13 deletions.
diff --git a/src/server/botd-firewall/buildFirewallRules.test.ts b/src/server/botd-firewall/buildFirewallRules.test.ts
@@ -3,6 +3,7 @@ import { describe, expect, it } from 'vitest';
 
 describe('buildFirewallRules', () => {
   it('should build a single firewall rule correctly', async () => {
+    // Already assumed to be all unique due to how out database is set up
     const blockedIps = ['192.168.0.1', '10.0.0.1', '172.16.0.1'];
     const expectedRules = [
       {
@@ -23,18 +24,18 @@ describe('buildFirewallRules', () => {
       '140.184.133.152',
       '253.221.155.217',
       '195.43.16.78',
+      '2.2.2.1',
       '2.2.2.2',
-      '2.2.2.2',
-      '2.2.2.2',
-      '2.2.2.2',
-      '2.2.2.2',
-      '3.3.3.3',
-      '3.3.3.3',
-      '3.3.3.3',
-      '3.3.3.3',
+      '2.2.2.3',
+      '2.2.2.4',
+      '2.2.2.5',
+      '3.3.3.1',
+      '3.3.3.2',
       '3.3.3.3',
-      '4.4.4.4',
-      '4.4.4.4',
+      '3.3.3.4',
+      '3.3.3.5',
+      '4.4.4.1',
+      '4.4.4.2',
     ];
     const expectedRules = [
       {
@@ -46,17 +47,17 @@ describe('buildFirewallRules', () => {
       {
         action: 'block',
         description: 'Block Bot IP addresses #2',
-        expression: 'http.x_forwarded_for in {"2.2.2.2" "2.2.2.2" "2.2.2.2" "2.2.2.2" "2.2.2.2"}',
+        expression: 'http.x_forwarded_for in {"2.2.2.1" "2.2.2.2" "2.2.2.3" "2.2.2.4" "2.2.2.5"}',
       },
       {
         action: 'block',
         description: 'Block Bot IP addresses #3',
-        expression: 'http.x_forwarded_for in {"3.3.3.3" "3.3.3.3" "3.3.3.3" "3.3.3.3" "3.3.3.3"}',
+        expression: 'http.x_forwarded_for in {"3.3.3.1" "3.3.3.2" "3.3.3.3" "3.3.3.4" "3.3.3.5"}',
       },
       {
         action: 'block',
         description: 'Block Bot IP addresses #4',
-        expression: 'http.x_forwarded_for in {"4.4.4.4" "4.4.4.4"}',
+        expression: 'http.x_forwarded_for in {"4.4.4.1" "4.4.4.2"}',
       },
     ];
     const rules = await buildFirewallRules(blockedIps, 5);

diff --git a/src/server/botd-firewall/buildFirewallRules.ts b/src/server/botd-firewall/buildFirewallRules.ts
@@ -22,6 +22,7 @@ export type CloudflareRule = {
 };
 
 export const buildFirewallRules = async (
+  // Already assumed to be unique IP addresses due to how out database is set up
   blockedIps: string[],
   maxIpsPerRule = MAX_IPS_PER_RULE,
 ): Promise<CloudflareRule[]> => {