Projet

Général

Profil

Révision 67cdcf15

ID67cdcf154986c82122098b9803b4db4d923e1926
Parent b5633532
Enfant 41c988a4

Ajouté par Steve Traylen il y a plus d'un an

Support input interface specification to dns server

Useful when you want to allow docker/podman containers
access to a hosts dns stub resolver.

```puppet
class{'nftables::rules::dns':
iifname => ['docker0'],
}
```

Voir les différences:

spec/classes/rules/dns_spec.rb
24 24 
        it { is_expected.to contain_nftables__rule('default_in-dns_tcp').with_content('tcp dport {55, 60} accept') }
25 25 
        it { is_expected.to contain_nftables__rule('default_in-dns_udp').with_content('udp dport {55, 60} accept') }
26 26 
      end
27 

  		




  
  28
  
    
      context 'with input interfaces set' do


  		




  
  29
  
    
        let(:params) do


  		




  
  30
  
    
          {


  		




  
  31
  
    
            iifname: %w[docker0 eth0],


  		




  
  32
  
    
          }


  		




  
  33
  
    
        end


  		




  
  34
  
    

  		




  
  35
  
    
        it { is_expected.to compile }


  		




  
  36
  
    
        it { is_expected.to contain_nftables__rule('default_in-dns_tcp').with_content('iifname {docker0, eth0} tcp dport {53} accept') }


  		




  
  37
  
    
        it { is_expected.to contain_nftables__rule('default_in-dns_udp').with_content('iifname {docker0, eth0} udp dport {53} accept') }


  		




  
  38
  
    
      end


  		




  27
  39
  
    
    end


  		




  28
  40
  
    
  end


  		




  29
  41
  
    
end


  		












Formats disponibles :  Unified diff