Projet

Général

Profil

Paste
Télécharger au format
Statistiques
| Branche: | Révision:

root / spec / classes / rules / icmp_spec.rb @ 7b9d6ffc

Historique | Voir | Annoter | Télécharger (2,72 ko)

1 79e9a23f Nacho Barrientos 
require 'spec_helper'
2 

      

      

        3
        
        
        
        
        
describe 'nftables::rules::icmp' do


      

      

        4
        
        
        
        
        
  on_supported_os.each do |os, os_facts|


      

      

        5
        
        
        
        
        
    context "on #{os}" do


      

      

        6
        
        
        
        
        
      let(:facts) { os_facts }


      

      

        7
        
        
        
        
        

      

      

        8
        
        
        
        
        
      context 'default options' do


      

      

        9
        
        
        
        
        
        it { is_expected.to compile }


      

      

        10
        
        
        
        
        
        it {


      

      

        11
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv4').with(


      

      

        12
        
        
        
        
        
            content: 'ip protocol icmp accept',


      

      

        13
        
        
        
        
        
            order: '10',


      

      

        14
        
        
        
        
        
          )


      

      

        15
        
        
        
        
        
        }


      

      

        16
        
        
        
        
        
        it {


      

      

        17
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv6').with(


      

      

        18
        
        
        
        
        
            content: 'ip6 nexthdr ipv6-icmp accept',


      

      

        19
        
        
        
        
        
            order: '10',


      

      

        20
        
        
        
        
        
          )


      

      

        21
        
        
        
        
        
        }


      

      

        22
        
        
        
        
        
      end


      

      

        23
        
        
        
        
        

      

      

        24
        
        
        
        
        
      context 'with custom ICMP types (v4 only)' do


      

      

        25
        
        
        
        
        
        let(:params) do


      

      

        26
        
        
        
        
        
          {


      

      

        27
        
        
        
        
        
            v4_types: ['echo-request limit rate 4/second', 'echo-reply'],


      

      

        28
        
        
        
        
        
          }


      

      

        29
        
        
        
        
        
        end


      

      

        30
        
        
        
        
        

      

      

        31
        
        
        
        
        
        it { is_expected.to compile }


      

      

        32
        
        
        
        
        
        it {


      

      

        33
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv4_echo_request').with(


      

      

        34
        
        
        
        
        
            content: 'ip protocol icmp icmp type echo-request limit rate 4/second accept',


      

      

        35
        
        
        
        
        
            order: '10',


      

      

        36
        
        
        
        
        
          )


      

      

        37
        
        
        
        
        
        }


      

      

        38
        
        
        
        
        
        it {


      

      

        39
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv4_echo_reply').with(


      

      

        40
        
        
        
        
        
            content: 'ip protocol icmp icmp type echo-reply accept',


      

      

        41
        
        
        
        
        
            order: '10',


      

      

        42
        
        
        
        
        
          )


      

      

        43
        
        
        
        
        
        }


      

      

        44
        
        
        
        
        
        it {


      

      

        45
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv6').with(


      

      

        46
        
        
        
        
        
            content: 'ip6 nexthdr ipv6-icmp accept',


      

      

        47
        
        
        
        
        
            order: '10',


      

      

        48
        
        
        
        
        
          )


      

      

        49
        
        
        
        
        
        }


      

      

        50
        
        
        
        
        
      end


      

      

        51
        
        
        
        
        

      

      

        52
        
        
        
        
        
      context 'with custom ICMP types (both v4 and v6)' do


      

      

        53
        
        
        
        
        
        let(:params) do


      

      

        54
        
        
        
        
        
          {


      

      

        55
        
        
        
        
        
            v4_types: ['echo-request limit rate 4/second', 'echo-reply'],


      

      

        56
        
        
        
        
        
            v6_types: ['echo-reply', 'nd-router-advert'],


      

      

        57
        
        
        
        
        
          }


      

      

        58
        
        
        
        
        
        end


      

      

        59
        
        
        
        
        

      

      

        60
        
        
        
        
        
        it { is_expected.to compile }


      

      

        61
        
        
        
        
        
        it {


      

      

        62
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv4_echo_request').with(


      

      

        63
        
        
        
        
        
            content: 'ip protocol icmp icmp type echo-request limit rate 4/second accept',


      

      

        64
        
        
        
        
        
            order: '10',


      

      

        65
        
        
        
        
        
          )


      

      

        66
        
        
        
        
        
        }


      

      

        67
        
        
        
        
        
        it {


      

      

        68
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv4_echo_reply').with(


      

      

        69
        
        
        
        
        
            content: 'ip protocol icmp icmp type echo-reply accept',


      

      

        70
        
        
        
        
        
            order: '10',


      

      

        71
        
        
        
        
        
          )


      

      

        72
        
        
        
        
        
        }


      

      

        73
        
        
        
        
        
        it {


      

      

        74
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv6_echo_reply').with(


      

      

        75
        
        
        
        
        
            content: 'ip6 nexthdr ipv6-icmp icmpv6 type echo-reply accept',


      

      

        76
        
        
        
        
        
            order: '10',


      

      

        77
        
        
        
        
        
          )


      

      

        78
        
        
        
        
        
        }


      

      

        79
        
        
        
        
        
        it {


      

      

        80
        
        
        
        
        
          is_expected.to contain_nftables__rule('default_in-accept_icmpv6_nd_router_advert').with(


      

      

        81
        
        
        
        
        
            content: 'ip6 nexthdr ipv6-icmp icmpv6 type nd-router-advert accept',


      

      

        82
        
        
        
        
        
            order: '10',


      

      

        83
        
        
        
        
        
          )


      

      

        84
        
        
        
        
        
        }


      

      

        85
        
        
        
        
        
      end


      

      

        86
        
        
        
        
        
    end


      

      

        87
        
        
        
        
        
  end


      

      

        88
        
        
        
        
        
end