Merge pull request #58 from voxpupuli/multi-table-support

add ability to configure rules in tables other than the default "filter" table
author: Tim Meusel <tim@bastelfreak.de> 2019-09-11 13:29:12 +0200
committer: GitHub <noreply@github.com> 2019-09-11 13:29:12 +0200
commit: 6d96e030be0db4a916dd6a9bd0b25570d359e634 (patch)
tree: 523f7a96c5b2640dbf2dd45cd89d931e12ceff9d /spec/classes
parent: 81748ba786c6a55c4575a400c08de99716da8fbb (diff)
parent: 882a45498ddefdfc83ff5b19da723fd0be3acdec (diff)
download: puppet-ferm-6d96e030be0db4a916dd6a9bd0b25570d359e634.tar.gz
puppet-ferm-6d96e030be0db4a916dd6a9bd0b25570d359e634.tar.bz2
1 files changed, 58 insertions, 3 deletions
diff --git a/spec/classes/ferm_spec.rb b/spec/classes/ferm_spec.rb
index e5669b8..225577b 100644
--- a/spec/classes/ferm_spec.rb
+++ b/spec/classes/ferm_spec.rb
@@ -64,6 +64,17 @@ describe 'ferm' do
           is_expected.to contain_concat__fragment('ferm.conf'). \
             without_content(%r{@preserve;})
         end
+        it { is_expected.to contain_concat__fragment('raw-PREROUTING-config-include') }
+        it { is_expected.to contain_concat__fragment('raw-OUTPUT-config-include') }
+        it { is_expected.to contain_concat__fragment('nat-PREROUTING-config-include') }
+        it { is_expected.to contain_concat__fragment('nat-INPUT-config-include') }
+        it { is_expected.to contain_concat__fragment('nat-OUTPUT-config-include') }
+        it { is_expected.to contain_concat__fragment('nat-POSTROUTING-config-include') }
+        it { is_expected.to contain_concat__fragment('mangle-PREROUTING-config-include') }
+        it { is_expected.to contain_concat__fragment('mangle-INPUT-config-include') }
+        it { is_expected.to contain_concat__fragment('mangle-FORWARD-config-include') }
+        it { is_expected.to contain_concat__fragment('mangle-OUTPUT-config-include') }
+        it { is_expected.to contain_concat__fragment('mangle-POSTROUTING-config-include') }
       end
       context 'with managed initfile' do
         let :params do
@@ -77,18 +88,62 @@ describe 'ferm' do
         end
       end
       context 'it creates chains' do
-        it { is_expected.to contain_concat__fragment('FORWARD-policy') }
-        it { is_expected.to contain_concat__fragment('INPUT-policy') }
-        it { is_expected.to contain_concat__fragment('OUTPUT-policy') }
+        it { is_expected.to contain_concat__fragment('raw-PREROUTING-policy') }
+        it { is_expected.to contain_concat__fragment('raw-OUTPUT-policy') }
+        it { is_expected.to contain_concat__fragment('nat-PREROUTING-policy') }
+        it { is_expected.to contain_concat__fragment('nat-INPUT-policy') }
+        it { is_expected.to contain_concat__fragment('nat-OUTPUT-policy') }
+        it { is_expected.to contain_concat__fragment('nat-POSTROUTING-policy') }
+        it { is_expected.to contain_concat__fragment('mangle-PREROUTING-policy') }
+        it { is_expected.to contain_concat__fragment('mangle-INPUT-policy') }
+        it { is_expected.to contain_concat__fragment('mangle-FORWARD-policy') }
+        it { is_expected.to contain_concat__fragment('mangle-OUTPUT-policy') }
+        it { is_expected.to contain_concat__fragment('mangle-POSTROUTING-policy') }
+        it { is_expected.to contain_concat__fragment('filter-INPUT-policy') }
+        it { is_expected.to contain_concat__fragment('filter-FORWARD-policy') }
+        it { is_expected.to contain_concat__fragment('filter-OUTPUT-policy') }
         if facts[:os]['release']['major'].to_i == 10
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/raw-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/raw-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/nat-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/nat-INPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/nat-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/nat-POSTROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/mangle-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/mangle-INPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/mangle-FORWARD.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/mangle-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/mangle-POSTROUTING.conf') }
           it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/FORWARD.conf') }
           it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/INPUT.conf') }
           it { is_expected.to contain_concat('/etc/ferm/ferm.d/chains/OUTPUT.conf') }
         else
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/raw-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/raw-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/nat-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/nat-INPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/nat-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/nat-POSTROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/mangle-PREROUTING.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/mangle-INPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/mangle-FORWARD.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/mangle-OUTPUT.conf') }
+          it { is_expected.to contain_concat('/etc/ferm.d/chains/mangle-POSTROUTING.conf') }
           it { is_expected.to contain_concat('/etc/ferm.d/chains/FORWARD.conf') }
           it { is_expected.to contain_concat('/etc/ferm.d/chains/INPUT.conf') }
           it { is_expected.to contain_concat('/etc/ferm.d/chains/OUTPUT.conf') }
         end
+        it { is_expected.to contain_ferm__chain('raw-PREROUTING') }
+        it { is_expected.to contain_ferm__chain('raw-OUTPUT') }
+        it { is_expected.to contain_ferm__chain('nat-PREROUTING') }
+        it { is_expected.to contain_ferm__chain('nat-INPUT') }
+        it { is_expected.to contain_ferm__chain('nat-OUTPUT') }
+        it { is_expected.to contain_ferm__chain('nat-POSTROUTING') }
+        it { is_expected.to contain_ferm__chain('mangle-PREROUTING') }
+        it { is_expected.to contain_ferm__chain('mangle-INPUT') }
+        it { is_expected.to contain_ferm__chain('mangle-FORWARD') }
+        it { is_expected.to contain_ferm__chain('mangle-OUTPUT') }
+        it { is_expected.to contain_ferm__chain('mangle-POSTROUTING') }
         it { is_expected.to contain_ferm__chain('FORWARD') }
         it { is_expected.to contain_ferm__chain('OUTPUT') }
         it { is_expected.to contain_ferm__chain('INPUT') }
author	Tim Meusel <tim@bastelfreak.de>	2019-09-11 13:29:12 +0200
committer	GitHub <noreply@github.com>	2019-09-11 13:29:12 +0200
commit	6d96e030be0db4a916dd6a9bd0b25570d359e634 (patch)
tree	523f7a96c5b2640dbf2dd45cd89d931e12ceff9d /spec/classes
parent	81748ba786c6a55c4575a400c08de99716da8fbb (diff)
parent	882a45498ddefdfc83ff5b19da723fd0be3acdec (diff)
download	puppet-ferm-6d96e030be0db4a916dd6a9bd0b25570d359e634.tar.gz puppet-ferm-6d96e030be0db4a916dd6a9bd0b25570d359e634.tar.bz2