root / spec / classes / ip-nat_spec.rb @ 422b6851
Historique | Voir | Annoter | Télécharger (2,62 ko)
| 1 | 422b6851 | tr | require 'spec_helper'
|
|---|---|---|---|
| 2 | |||
| 3 | describe 'nftables' do |
||
| 4 | let(:pre_condition) { 'Exec{path => "/bin"}' } |
||
| 5 | |||
| 6 | on_supported_os.each do |os, os_facts|
|
||
| 7 | context "on #{os}" do |
||
| 8 | let(:facts) { os_facts }
|
||
| 9 | |||
| 10 | it { is_expected.to compile }
|
||
| 11 | |||
| 12 | it { is_expected.to contain_file('/etc/nftables/puppet/ip-nat.nft').with(
|
||
| 13 | :ensure => 'file', |
||
| 14 | :owner => 'root', |
||
| 15 | :group => 'root', |
||
| 16 | :mode => '0640', |
||
| 17 | )} |
||
| 18 | |||
| 19 | context 'chain prerouting' do |
||
| 20 | it { is_expected.to contain_concat('nftables-ip-nat-chain-PREROUTING').with(
|
||
| 21 | :path => '/etc/nftables/puppet/ip-nat-chain-PREROUTING.nft', |
||
| 22 | :owner => 'root', |
||
| 23 | :group => 'root', |
||
| 24 | :mode => '0640', |
||
| 25 | :ensure_newline => true, |
||
| 26 | )} |
||
| 27 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-header').with(
|
||
| 28 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 29 | :content => /^chain PREROUTING {$/, |
||
| 30 | :order => '00', |
||
| 31 | )} |
||
| 32 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-type').with(
|
||
| 33 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 34 | :content => /^ type filter hook prerouting priority -100$/, |
||
| 35 | :order => '01', |
||
| 36 | )} |
||
| 37 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-footer').with(
|
||
| 38 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 39 | :content => /^}$/, |
||
| 40 | :order => '99', |
||
| 41 | )} |
||
| 42 | end
|
||
| 43 | |||
| 44 | context 'chain output' do |
||
| 45 | it { is_expected.to contain_concat('nftables-ip-nat-chain-POSTROUTING').with(
|
||
| 46 | :path => '/etc/nftables/puppet/ip-nat-chain-POSTROUTING.nft', |
||
| 47 | :owner => 'root', |
||
| 48 | :group => 'root', |
||
| 49 | :mode => '0640', |
||
| 50 | :ensure_newline => true, |
||
| 51 | )} |
||
| 52 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-header').with(
|
||
| 53 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 54 | :content => /^chain POSTROUTING {$/, |
||
| 55 | :order => '00', |
||
| 56 | )} |
||
| 57 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-type').with(
|
||
| 58 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 59 | :content => /^ type filter hook postrouting priority 100$/, |
||
| 60 | :order => '01', |
||
| 61 | )} |
||
| 62 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-footer').with(
|
||
| 63 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 64 | :content => /^}$/, |
||
| 65 | :order => '99', |
||
| 66 | )} |
||
| 67 | end
|
||
| 68 | end
|
||
| 69 | end
|
||
| 70 | end |