From 89d9cdeb3a379436083b1bb0f1e09c04fdba1c74 Mon Sep 17 00:00:00 2001
From: strawberry
Date: Wed, 24 Jan 2024 15:51:13 -0500
Subject: [PATCH] IP range denylist logging, and fix logic error

Signed-off-by: strawberry
---
 src/api/server_server.rs | 11 +++++++++--
 src/service/sending/mod.rs | 11 +++++++++--
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/api/server_server.rs b/src/api/server_server.rs
index 90c9e8be..3ab5709c 100644
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@@ -133,7 +133,10 @@ where
 }

 if destination.is_ip_literal() {
- info!("Destination is an IP literal, checking against IP range denylist.");
+ info!(
+ "Destination {} is an IP literal, checking against IP range denylist.",
+ destination
+ );
 let ip = IPAddress::parse(destination.host()).map_err(|e| {
 warn!("Failed to parse IP literal from string: {}", e);
 Error::BadServerResponse("Invalid IP address")
@@ -146,13 +149,17 @@ where
 cidr_ranges.push(IPAddress::parse(cidr).expect("we checked this at startup"));
 }

+ debug!("List of pushed CIDR ranges: {:?}", cidr_ranges);
+
 for cidr in cidr_ranges {
- if ip.includes(&cidr) {
+ if cidr.includes(&ip) {
 return Err(Error::BadServerResponse(
 "Not allowed to send requests to this IP",
 ));
 }
 }
+
+ info!("IP literal {} is allowed.", destination);
 }

 debug!("Preparing to send request to {destination}");
diff --git a/src/service/sending/mod.rs b/src/service/sending/mod.rs
index 1cab41b2..b05bef2b 100644
--- a/src/service/sending/mod.rs
+++ b/src/service/sending/mod.rs
@@ -718,7 +718,10 @@ impl Service {
 T: Debug,
 {
 if destination.is_ip_literal() {
- info!("Destination is an IP literal, checking against IP range denylist.");
+ info!(
+ "Destination {} is an IP literal, checking against IP range denylist.",
+ destination
+ );
 let ip = IPAddress::parse(destination.host()).map_err(|e| {
 warn!("Failed to parse IP literal from string: {}", e);
 Error::BadServerResponse("Invalid IP address")
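Review bot: The new `info!` in the `-133,7 +133,10` hunk of `src/api/server_server.rs` passes `destination` as a positional argument, while the `debug!("Preparing to send request to {destination}")` call visible in the next hunk of the same file uses an inline capture; the two styles should match, e.g. `info!("Destination {destination} is an IP literal, checking against IP range denylist.");`. The same applies to `info!("IP literal {} is allowed.", destination)` in the following hunk and to both copies in `src/service/sending/mod.rs`. These messages are also emitted at info level for every outbound request to an IP literal, so `debug!` may be the better level if such destinations are common; that depends on the deployment and is not visible here.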
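Review bot: The deny branch in the `-146,13 +149,17` hunk still returns `Error::BadServerResponse("Not allowed to send requests to this IP")` without logging anything, so after this commit an allowed IP literal is recorded at info level while a blocked one leaves no trace. A blocked request is the event an operator would want to see and alert on; add `warn!("Refusing request to {destination}: address is inside the IP range denylist");` immediately before the `return Err(...)`. The identical hunk at `-731,13 +734,17` in `src/service/sending/mod.rs` needs the same line. The added `debug!("List of pushed CIDR ranges: {:?}", cidr_ranges)` prints the whole list on every such request when debug logging is on; logging it once where the list is validated at startup would carry the same information, though that code is outside this patch.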
@@ -731,13 +734,17 @@ impl Service {
 cidr_ranges.push(IPAddress::parse(cidr).expect("we checked this at startup"));
 }

+ debug!("List of pushed CIDR ranges: {:?}", cidr_ranges);
+
 for cidr in cidr_ranges {
- if ip.includes(&cidr) {
+ if cidr.includes(&ip) {
 return Err(Error::BadServerResponse(
 "Not allowed to send requests to this IP",
 ));
 }
 }
+
+ info!("IP literal {} is allowed.", destination);
 }

 debug!("Waiting for permit");
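Review bot: This hunk is a line-for-line copy of the denylist check patched in `src/api/server_server.rs`, and the inverted `includes` call had to be corrected in both places; the containment test should live in one helper so the two call sites cannot drift, e.g. `fn ip_in_denylist(ip: &IPAddress, denylist: &[IPAddress]) -> bool { denylist.iter().any(|cidr| cidr.includes(ip)) }`. A unit test asserting that an address inside a listed range is rejected and one outside it is accepted would pin the argument order this commit fixes. The check runs only when `destination.is_ip_literal()` is true; whether addresses obtained by resolving a hostname destination are compared with the same denylist is not visible in this patch and should be confirmed, since the new `IP literal {} is allowed.` message covers the literal case only. The enclosing function begins and ends outside the hunk.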