Merge pull request #20 from softonic/bugfix/filter-adaptive-rules

Bugfix/filter adaptive rules

app/actor/armor_actor.go

@@ -102,7 +102,7 @@ func getIPsAlreadyBlockedFromRules(g *GCPArmorActor, securityPolicy string) ([]s
 
 	for _, singleRule := range resp.Rules {
 
-		if *singleRule.Action != "allow" {
+		if *singleRule.Action != "allow" && singleRule.Match.Config.SrcIpRanges != nil {
 
 			sourceIps = computepb.SecurityPolicyRuleMatcherConfig{
 				SrcIpRanges: singleRule.Match.Config.SrcIpRanges,
@@ -280,7 +280,7 @@ func uniqueItems(sourceIPs []string, exceptionsIPs []string) []string {
 		count := 0
 		for _, armorIps := range exceptionsIPs {
 			ipWithMaskES = elasticIps
-			if ipWithMaskES == armorIps {
+			if ipWithMaskES == armorIps || ipWithMaskES == armorIps+"/32" || ipWithMaskES+"/32" == armorIps {
 				count++
 			}
 		}

app/actor/armor_actor_test.go

@@ -20,6 +20,7 @@ func TestDetectWhichOfTheseIPsAreNotBlocked(t *testing.T) {
 	elasticIPs := []string{
 		"1.1.1.1",
 		"2.2.2.2",
+		"2.2.2.2",
 	}
 
 	armorIPs := []string{
@@ -34,6 +35,8 @@ func TestDetectWhichOfTheseIPsAreNotBlocked(t *testing.T) {
 
 	result := uniqueItems(elasticIPs, armorIPs)
 
+	result = removeDuplicateStr(result)
+
 	if !reflect.DeepEqual(expected, result) {
 		t.Errorf("Error actual = %v, and Expected = %v.", result, expected)
 	}
@@ -55,6 +58,7 @@ func TestDetectWhichOfTheseIPsAreNotExcluded(t *testing.T) {
 	elasticIPs := []string{
 		"1.1.1.1",
 		"2.2.2.2",
+		"2.2.2.2",
 	}
 
 	exceptionsIPs := []string{
@@ -69,6 +73,8 @@ func TestDetectWhichOfTheseIPsAreNotExcluded(t *testing.T) {
 
 	result := uniqueItems(elasticIPs, exceptionsIPs)
 
+	result = removeDuplicateStr(result)
+
 	if !reflect.DeepEqual(expected, result) {
 		t.Errorf("Error actual = %v, and Expected = %v.", result, expected)
 	}