[ ] Forwarded, X-Forwarded-For, X-Real-IP should be mangled, probably on the fuzzer level
[ ] test HTTP limits - the client key must be computed the resolved client IP (e.g. there should be 2 different resource usage counters for the same IP and different Forwarded values)
[ ] test that trusted_ip_from works in recursive fashion, i.e. doesn't stop on a trusted IP
[ ] check that IPs and subnets in both IPv4 and IPv6 formats are correctly handled for trusted_ip_from. Test many entries for the config option.
[ ] Test dynamic configuration reloading with different trusted_ip_from values
Need to test functionality from https://github.com/tempesta-tech/tempesta/issues/934 :
block_ip on
with and without the newtrusted_ip_from
option without any forwarded headersForwarded
,X-Forwarded-For
,X-Real-IP
(see https://github.com/tempesta-tech/tempesta/issues/1350) . One value per a header and different order of the headers must be tested.Forwarded
,X-Forwarded-For
,X-Real-IP
should be mangled, probably on the fuzzer leveltrusted_ip_from
works in recursive fashion, i.e. doesn't stop on a trusted IPtrusted_ip_from
. Test many entries for the config option.trusted_ip_from
values