add test to verify chains do not use conntrack

1 files changed, 27 insertions, 2 deletions

diff --git a/spec/defines/chain_spec.rb b/spec/defines/chain_spec.rb
index 110f1d0..7c4e80b 100644
--- a/spec/defines/chain_spec.rb
+++ b/spec/defines/chain_spec.rb
@@ -7,14 +7,39 @@ describe 'ferm::chain', type: :define do
         facts
       end
       let(:title) { 'INPUT' }
-      let(:params) { { policy: 'DROP' } }
 
       context 'default params creates INPUT chain' do
+        let :params do
+          {
+            policy: 'DROP',
+            disable_conntrack: false
+          }
+        end
+
         it { is_expected.to compile.with_all_deps }
-        it { is_expected.to contain_concat__fragment('INPUT-policy') }
+        it do
+          is_expected.to contain_concat__fragment('INPUT-policy'). \
+            with_content(%r{ESTABLISHED RELATED})
+        end
         it { is_expected.to contain_concat('/etc/ferm.d/chains/INPUT.conf') }
         it { is_expected.to contain_ferm__chain('INPUT') }
       end
+
+      context 'without conntrack' do
+        let :params do
+          {
+            policy: 'DROP',
+            disable_conntrack: true
+          }
+        end
+
+        it { is_expected.to compile.with_all_deps }
+        it do
+          is_expected.to contain_concat__fragment('INPUT-policy')
+          is_expected.not_to contain_concat__fragment('INPUT-policy'). \
+            with_content(%r{ESTABLISHED RELATED})
+        end
+      end
     end
   end
 end