Skip to content

Commit 2b3ff5d

Browse files
ajtmsajtms
authored
Fix /32 validation for PrivateRange on firewall and firewall policy (#25313)
* Fixed /32 only being valid for 255.255.255.255/32. Updated firewall and firewall policy tests to test that other /32 subnets are considered valid. * Recorded new session records for the updated tests. * Updated the changelog
1 parent 869dda5 commit 2b3ff5d

File tree

6 files changed

+991
-860
lines changed

6 files changed

+991
-860
lines changed

src/Network/Network.Test/ScenarioTests/AzureFirewallPolicyTests.ps1

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1517,7 +1517,7 @@ function Test-AzureFirewallPolicyPrivateRangeCRUD {
15171517
$privateRange2 = @("IANAPrivateRanges", "0.0.0.0/0", "66.92.0.0/16")
15181518
$privateRange1 = @("3.3.0.0/24", "98.0.0.0/8","10.227.16.0/20")
15191519
$privateRange2Translated = @("0.0.0.0/0", "66.92.0.0/16", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")
1520-
$privateRange3 = @("255.255.255.255/32")
1520+
$privateRange3 = @("255.255.255.255/32", "0.0.0.0/32", "1.0.0.0/32", "0.0.0.1/32")
15211521

15221522
try {
15231523

@@ -1543,7 +1543,7 @@ function Test-AzureFirewallPolicyPrivateRangeCRUD {
15431543
$getAzureFirewallPolicy = Get-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgname
15441544
Assert-AreEqualArray $privateRange2Translated $getAzureFirewallPolicy.PrivateRange
15451545

1546-
# Test Always SNAT
1546+
# Test Always SNAT and /32
15471547
$azureFirewallPolicy.PrivateRange = $privateRange3
15481548
Set-AzFirewallPolicy -InputObject $azureFirewallPolicy
15491549
$getAzureFirewallPolicy = Get-AzFirewallPolicy -Name $azureFirewallPolicyName -ResourceGroupName $rgname

src/Network/Network.Test/ScenarioTests/AzureFirewallTests.ps1

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1351,8 +1351,8 @@ function Test-AzureFirewallPrivateRangeCRUD {
13511351

13521352
$privateRange1 = @("IANAPrivateRanges", "0.0.0.0/0", "66.92.0.0/16")
13531353
$privateRange2 = @("3.3.0.0/24", "98.0.0.0/8","10.227.16.0/20","10.226.0.0/16")
1354-
$privateRange3 = @("255.255.255.255/32")
1355-
1354+
$privateRange3 = @("255.255.255.255/32", "0.0.0.0/32", "1.0.0.0/32", "0.0.0.1/32")
1355+
13561356
try {
13571357
# Create the resource group
13581358
$resourceGroup = New-AzResourceGroup -Name $rgname -Location $location
@@ -1377,7 +1377,7 @@ function Test-AzureFirewallPrivateRangeCRUD {
13771377
$getAzureFirewall = Get-AzFirewall -Name $azureFirewallName -ResourceGroupName $rgname
13781378
Assert-AreEqualArray $privateRange2 $getAzureFirewall.PrivateRange
13791379

1380-
# Test Always SNAT
1380+
# Test Always SNAT and /32
13811381
$azureFirewall.PrivateRange = $privateRange3
13821382
Set-AzFirewall -AzureFirewall $azureFirewall
13831383
$getAzureFirewall = Get-AzFirewall -Name $azureFirewallName -ResourceGroupName $rgname

0 commit comments

Comments
 (0)