From b1ba4a0ef369008996363c3cca15877cf8eb9fe5 Mon Sep 17 00:00:00 2001 From: Kilian Engelhardt Date: Tue, 6 Aug 2019 11:22:47 +0200 Subject: add test for array support --- spec/defines/rule_spec.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'spec') diff --git a/spec/defines/rule_spec.rb b/spec/defines/rule_spec.rb index bd4ed73..53a11a4 100644 --- a/spec/defines/rule_spec.rb +++ b/spec/defines/rule_spec.rb @@ -40,6 +40,24 @@ describe 'ferm::rule', type: :define do it { is_expected.to contain_concat__fragment('INPUT-eth0-aaa').with_content("interface eth0 {\n") } it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } end + context 'with a specific interface using array for daddr' do + let(:title) { 'filter-ssh' } + let :params do + { + chain: 'INPUT', + policy: 'ACCEPT', + proto: 'tcp', + dport: '22', + daddr: ['127.0.0.1', '123.123.123.123', ['10.0.0.1', '10.0.0.2']], + interface: 'eth0' + } + end + + it { is_expected.to compile.with_all_deps } + it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 daddr @ipfilter(127.0.0.1 123.123.123.123 10.0.0.1 10.0.0.2) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-aaa').with_content("interface eth0 {\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } + end end end end -- cgit v1.2.3 From 7798de651ac2e155680fca978027d0fc6495831a Mon Sep 17 00:00:00 2001 From: Kilian Engelhardt Date: Thu, 8 Aug 2019 16:44:54 +0200 Subject: add second pair of parenthesis Previously this second pair of parenthesis was part of Hiera values; e.g.: subnet01 = '( ip01/32 ip02/32 )' Now it needs to be added by ferm::rule. --- spec/defines/rule_spec.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'spec') diff --git a/spec/defines/rule_spec.rb b/spec/defines/rule_spec.rb index 53a11a4..3ee5576 100644 --- a/spec/defines/rule_spec.rb +++ b/spec/defines/rule_spec.rb @@ -20,7 +20,7 @@ describe 'ferm::rule', type: :define do end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('INPUT-filter-ssh').with_content("mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter(127.0.0.1) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('INPUT-filter-ssh').with_content("mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter((127.0.0.1)) ACCEPT;\n") } end context 'with a specific interface' do let(:title) { 'filter-ssh' } @@ -36,7 +36,7 @@ describe 'ferm::rule', type: :define do end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter(127.0.0.1) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 saddr @ipfilter((127.0.0.1)) ACCEPT;\n") } it { is_expected.to contain_concat__fragment('INPUT-eth0-aaa').with_content("interface eth0 {\n") } it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } end @@ -54,7 +54,7 @@ describe 'ferm::rule', type: :define do end it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 daddr @ipfilter(127.0.0.1 123.123.123.123 10.0.0.1 10.0.0.2) ACCEPT;\n") } + it { is_expected.to contain_concat__fragment('INPUT-eth0-filter-ssh').with_content(" mod comment comment 'filter-ssh' proto tcp dport 22 daddr @ipfilter((127.0.0.1 123.123.123.123 10.0.0.1 10.0.0.2)) ACCEPT;\n") } it { is_expected.to contain_concat__fragment('INPUT-eth0-aaa').with_content("interface eth0 {\n") } it { is_expected.to contain_concat__fragment('INPUT-eth0-zzz').with_content("}\n") } end -- cgit v1.2.3