From 3d868fb81532d717fd625638781e4663a834260c Mon Sep 17 00:00:00 2001 From: Thore Bödecker Date: Wed, 11 Sep 2019 16:01:32 +0200 Subject: allow using an array for $proto This enables defining ferm::rule with multiple protocols at once, because using 'all' for $proto does not allow using $dport/$sport. --- spec/defines/rule_spec.rb | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'spec/defines/rule_spec.rb') diff --git a/spec/defines/rule_spec.rb b/spec/defines/rule_spec.rb index ef20e17..33ce169 100644 --- a/spec/defines/rule_spec.rb +++ b/spec/defines/rule_spec.rb @@ -114,6 +114,25 @@ describe 'ferm::rule', type: :define do it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } end + context 'without a specific interface using array for proto' do + let(:title) { 'filter-consul' } + let :params do + { + chain: 'INPUT', + action: 'ACCEPT', + proto: %w[tcp udp], + dport: '(8301 8302)', + saddr: '127.0.0.1' + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('INPUT-filter-consul').with_content("mod comment comment 'filter-consul' proto (tcp udp) dport (8301 8302) saddr @ipfilter((127.0.0.1)) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('filter-INPUT-config-include') } + it { is_expected.to contain_concat__fragment('filter-FORWARD-config-include') } + it { is_expected.to contain_concat__fragment('filter-OUTPUT-config-include') } + end + context 'with jumping to custom chains' do # create custom chain let(:pre_condition) do -- cgit v1.2.3