root / spec / classes / rules / ftp_spec.rb @ 53aa1fa8
Historique | Voir | Annoter | Télécharger (1,31 ko)
| 1 |
# frozen_string_literal: true
|
|---|---|
| 2 |
|
| 3 |
require 'spec_helper'
|
| 4 |
|
| 5 |
describe 'nftables::rules::ftp' do |
| 6 |
on_supported_os.each do |os, os_facts|
|
| 7 |
context "on #{os}" do |
| 8 |
let(:facts) { os_facts }
|
| 9 |
# Required for nftables::helper (default_config_mode)
|
| 10 |
let(:pre_condition) { 'include nftables' } |
| 11 |
|
| 12 |
context 'default options' do |
| 13 |
it { is_expected.to contain_nftables__helper('ftp-standard') }
|
| 14 |
it { is_expected.to contain_nftables__chain('PRE') }
|
| 15 |
it { is_expected.to contain_nftables__rule('PRE-type') }
|
| 16 |
it { is_expected.to contain_nftables__rule('PRE-policy') }
|
| 17 |
it { is_expected.to contain_nftables__rule('PRE-helper') }
|
| 18 |
it { is_expected.to contain_nftables__rule('default_in-ftp') }
|
| 19 |
it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" tcp dport 10090-10100 accept') }
|
| 20 |
end
|
| 21 |
|
| 22 |
context 'with passive_ports set' do |
| 23 |
let(:params) { { passive_ports: '12345-23456' } } |
| 24 |
|
| 25 |
it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" tcp dport 12345-23456 accept') }
|
| 26 |
end
|
| 27 |
|
| 28 |
context 'with passive mode disabled' do |
| 29 |
let(:params) { { enable_passive: false } } |
| 30 |
|
| 31 |
it { is_expected.to contain_nftables__rule('INPUT-ftp').with_content('ct helper "ftp" accept') }
|
| 32 |
end
|
| 33 |
end
|
| 34 |
end
|
| 35 |
end
|