diff options
| author | Tim Meusel <tim@bastelfreak.de> | 2019-07-12 09:47:23 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-12 09:47:23 +0200 |
| commit | d856acb9f857c80c65285ec3e09a4f9f37475d41 (patch) | |
| tree | 29effc4945a9831ce53c18526265c69ee426344b /spec | |
| parent | 92bfbfed2e47ef3ff857623c5c5accda42dbf195 (diff) | |
| parent | 885c4b2ec6774d52cee6107dca61566283e3694f (diff) | |
| download | puppet-ferm-d856acb9f857c80c65285ec3e09a4f9f37475d41.tar.gz puppet-ferm-d856acb9f857c80c65285ec3e09a4f9f37475d41.tar.bz2 | |
Merge pull request #48 from bastelfreak/interface
add support for interface specific rules
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/defines/rule_spec.rb | 42 |
1 files changed, 30 insertions, 12 deletions
diff --git a/spec/defines/rule_spec.rb b/spec/defines/rule_spec.rb index 0926432..bd4ed73 100644 --- a/spec/defines/rule_spec.rb +++ b/spec/defines/rule_spec.rb @@ -6,21 +6,39 @@ describe 'ferm::rule', type: :define do let :facts do facts end - let(:title) { 'filter-ssh' } - let :params do - { - chain: 'INPUT', - policy: 'ACCEPT', - proto: 'tcp', - dport: '22', - saddr: '127.0.0.1' - } + + context 'without a specific interface' do + let(:title) { 'filter-ssh' } + let :params do + { + chain: 'INPUT', + policy: 'ACCEPT', + proto: 'tcp', + dport: '22', + saddr: '127.0.0.1' + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('INPUT-filter-ssh').with_content("mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter(127.0.0.1) ACCEPT;\n") } end + context 'with a specific interface' do + let(:title) { 'filter-ssh' } + let :params do + { + chain: 'INPUT', + policy: 'ACCEPT', + proto: 'tcp', + dport: '22', + saddr: '127.0.0.1', + interface: 'eth0' + } + end - context 'default params create simple rule' do it { is_expected.to compile.with_all_deps } - # it { is_expected.to contain_concat__fragment('INPUT-filter-ssh').with_content("proto tcp dport ssh saddr @ipfilter(127.0.0.1) ACCEPT;") } - it { is_expected.to contain_concat__fragment('INPUT-filter-ssh') } + it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter(127.0.0.1) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-aaa').with_content("interface eth0 {\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } end end end |