aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKilian Engelhardt <kilian.engelhardt@godaddy.com>2018-03-16 17:18:06 +0100
committerKilian Engelhardt <kilian.engelhardt@godaddy.com>2018-03-17 19:10:11 +0100
commited76993b194fe13532250432db84690fa0b413ec (patch)
treeb42360aa382cd4ca47ad60901df7844d33c40562
parentb1deffa5ddf26c14bd8ef404237f79e4ed4f94d3 (diff)
downloadpuppet-ferm-ed76993b194fe13532250432db84690fa0b413ec.tar.gz
puppet-ferm-ed76993b194fe13532250432db84690fa0b413ec.tar.bz2
add test to verify chains do not use conntrack
-rw-r--r--spec/defines/chain_spec.rb29
1 files changed, 27 insertions, 2 deletions
diff --git a/spec/defines/chain_spec.rb b/spec/defines/chain_spec.rb
index 110f1d0..7c4e80b 100644
--- a/spec/defines/chain_spec.rb
+++ b/spec/defines/chain_spec.rb
@@ -7,14 +7,39 @@ describe 'ferm::chain', type: :define do
facts
end
let(:title) { 'INPUT' }
- let(:params) { { policy: 'DROP' } }
context 'default params creates INPUT chain' do
+ let :params do
+ {
+ policy: 'DROP',
+ disable_conntrack: false
+ }
+ end
+
it { is_expected.to compile.with_all_deps }
- it { is_expected.to contain_concat__fragment('INPUT-policy') }
+ it do
+ is_expected.to contain_concat__fragment('INPUT-policy'). \
+ with_content(%r{ESTABLISHED RELATED})
+ end
it { is_expected.to contain_concat('/etc/ferm.d/chains/INPUT.conf') }
it { is_expected.to contain_ferm__chain('INPUT') }
end
+
+ context 'without conntrack' do
+ let :params do
+ {
+ policy: 'DROP',
+ disable_conntrack: true
+ }
+ end
+
+ it { is_expected.to compile.with_all_deps }
+ it do
+ is_expected.to contain_concat__fragment('INPUT-policy')
+ is_expected.not_to contain_concat__fragment('INPUT-policy'). \
+ with_content(%r{ESTABLISHED RELATED})
+ end
+ end
end
end
end