root / spec / classes / rules / ftp_spec.rb @ 0f34454b
Historique | Voir | Annoter | Télécharger (1,31 ko)
| 1 | baad986e | Vadym Chepkov | # frozen_string_literal: true
|
|---|---|---|---|
| 2 | |||
| 3 | require 'spec_helper'
|
||
| 4 | |||
| 5 | describe 'nftables::rules::ftp' do |
||
| 6 | on_supported_os.each do |os, os_facts|
|
||
| 7 | context "on #{os}" do |
||
| 8 | let(:facts) { os_facts }
|
||
| 9 | # Required for nftables::helper (default_config_mode)
|
||
| 10 | let(:pre_condition) { 'include nftables' } |
||
| 11 | |||
| 12 | context 'default options' do |
||
| 13 | it { is_expected.to contain_nftables__helper('ftp-standard') }
|
||
| 14 | it { is_expected.to contain_nftables__chain('PRE') }
|
||
| 15 | it { is_expected.to contain_nftables__rule('PRE-type') }
|
||
| 16 | it { is_expected.to contain_nftables__rule('PRE-policy') }
|
||
| 17 | it { is_expected.to contain_nftables__rule('PRE-helper') }
|
||
| 18 | it { is_expected.to contain_nftables__rule('default_in-ftp') }
|
||
| 19 | it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" tcp dport 10090-10100 accept') }
|
||
| 20 | end
|
||
| 21 | |||
| 22 | context 'with passive_ports set' do |
||
| 23 | let(:params) { { passive_ports: '12345-23456' } } |
||
| 24 | |||
| 25 | it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" tcp dport 12345-23456 accept') }
|
||
| 26 | end
|
||
| 27 | |||
| 28 | context 'with passive mode disabled' do |
||
| 29 | let(:params) { { enable_passive: false } } |
||
| 30 | |||
| 31 | it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" accept') }
|
||
| 32 | end
|
||
| 33 | end
|
||
| 34 | end
|
||
| 35 | end |