Révision 8c00b818
Pull up rule regexp to type aliases
| REFERENCE.md | ||
|---|---|---|
| 74 | 74 |
* [`Nftables::Addr::Set`](#nftablesaddrset): Represents a set expression to be used within a rule. |
| 75 | 75 |
* [`Nftables::Port`](#nftablesport): Represents a port expression to be used within a rule. |
| 76 | 76 |
* [`Nftables::Port::Range`](#nftablesportrange): Represents a port range expression to be used within a rule. |
| 77 |
* [`Nftables::RuleName`](#nftablesrulename): Represents a rule name to be used in a raw rule created via nftables::rule. |
|
| 78 |
It's a dash separated string. The first component describes the chain to |
|
| 79 |
add the rule to, the second the rule name and the (optional) third a number. |
|
| 80 |
Ex: 'default_in-sshd', 'default_out-my_service-2'. |
|
| 81 |
* [`Nftables::SimpleRuleName`](#nftablessimplerulename): Represents a simple rule name to be used in a rule created via nftables::simplerule |
|
| 77 | 82 |
|
| 78 | 83 |
## Classes |
| 79 | 84 |
|
| ... | ... | |
| 847 | 852 |
|
| 848 | 853 |
##### `rulename` |
| 849 | 854 |
|
| 850 |
Data type: `Pattern[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+(-\d+)?$/]`
|
|
| 855 |
Data type: `Nftables::RuleName`
|
|
| 851 | 856 |
|
| 852 | 857 |
|
| 853 | 858 |
|
| ... | ... | |
| 1286 | 1291 |
|
| 1287 | 1292 |
##### `rulename` |
| 1288 | 1293 |
|
| 1289 |
Data type: `Pattern[/^[a-zA-Z0-9_]+(-\d+)?$/]`
|
|
| 1294 |
Data type: `Nftables::SimpleRuleName`
|
|
| 1290 | 1295 |
|
| 1291 | 1296 |
The symbolic name for the rule to add. Defaults to the resource's title. |
| 1292 | 1297 |
|
| ... | ... | |
| 1415 | 1420 |
|
| 1416 | 1421 |
Alias of `Pattern[/^\d+-\d+$/]` |
| 1417 | 1422 |
|
| 1423 |
### `Nftables::RuleName` |
|
| 1424 |
|
|
| 1425 |
Represents a rule name to be used in a raw rule created via nftables::rule. |
|
| 1426 |
It's a dash separated string. The first component describes the chain to |
|
| 1427 |
add the rule to, the second the rule name and the (optional) third a number. |
|
| 1428 |
Ex: 'default_in-sshd', 'default_out-my_service-2'. |
|
| 1429 |
|
|
| 1430 |
Alias of `Pattern[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+(-\d+)?$/]` |
|
| 1431 |
|
|
| 1432 |
### `Nftables::SimpleRuleName` |
|
| 1433 |
|
|
| 1434 |
Represents a simple rule name to be used in a rule created via nftables::simplerule |
|
| 1435 |
|
|
| 1436 |
Alias of `Pattern[/^[a-zA-Z0-9_]+(-\d+)?$/]` |
|
| 1437 |
|
|
| manifests/rule.pp | ||
|---|---|---|
| 3 | 3 |
# CHAIN_NAME-rulename |
| 4 | 4 |
define nftables::rule ( |
| 5 | 5 |
Enum['present','absent'] $ensure = 'present', |
| 6 |
Pattern[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+(-\d+)?$/] $rulename = $title,
|
|
| 6 |
Nftables::RuleName $rulename = $title,
|
|
| 7 | 7 |
Pattern[/^\d\d$/] $order = '50', |
| 8 | 8 |
Optional[String] $table = 'inet-filter', |
| 9 | 9 |
Optional[String] $content = undef, |
| manifests/simplerule.pp | ||
|---|---|---|
| 54 | 54 |
# Enable traffic counters for the matched traffic. |
| 55 | 55 |
define nftables::simplerule ( |
| 56 | 56 |
Enum['present','absent'] $ensure = 'present', |
| 57 |
Pattern[/^[a-zA-Z0-9_]+(-\d+)?$/] $rulename = $title,
|
|
| 57 |
Nftables::SimpleRuleName $rulename = $title,
|
|
| 58 | 58 |
Pattern[/^\d\d$/] $order = '50', |
| 59 | 59 |
String $chain = 'default_in', |
| 60 | 60 |
String $table = 'inet-filter', |
| spec/defines/simplerule_spec.rb | ||
|---|---|---|
| 272 | 272 |
) |
| 273 | 273 |
} |
| 274 | 274 |
end |
| 275 |
|
|
| 276 |
describe 'illegal rule name' do |
|
| 277 |
let(:title) { 'my_wrongrule-name' }
|
|
| 278 |
|
|
| 279 |
it { is_expected.to compile.and_raise_error(%r{Error while evaluating a Resource Statement, Nftables::Simplerule}) }
|
|
| 280 |
end |
|
| 281 | 275 |
end |
| 282 | 276 |
end |
| 283 | 277 |
end |
| spec/type_aliases/nftables_rulename_spec.rb | ||
|---|---|---|
| 1 |
require 'spec_helper' |
|
| 2 |
|
|
| 3 |
describe 'Nftables::RuleName' do |
|
| 4 |
it { is_expected.to allow_value('chain-rule') }
|
|
| 5 |
it { is_expected.to allow_value('Chain_name-Rule_name') }
|
|
| 6 |
it { is_expected.to allow_value('chain5_name0-rule_name-3') }
|
|
| 7 |
it { is_expected.to allow_value('chain_name-rule2_name-33') }
|
|
| 8 |
it { is_expected.to allow_value('chainname-3') }
|
|
| 9 |
it { is_expected.not_to allow_value('-rule_name-') }
|
|
| 10 |
it { is_expected.not_to allow_value('rule_name') }
|
|
| 11 |
it { is_expected.not_to allow_value('chain_name-rule_name-') }
|
|
| 12 |
it { is_expected.not_to allow_value('chain_name-rule_name-3b') }
|
|
| 13 |
it { is_expected.not_to allow_value('chain_name-rule_name-foo') }
|
|
| 14 |
end |
|
| spec/type_aliases/nftables_simplerulename_spec.rb | ||
|---|---|---|
| 1 |
require 'spec_helper' |
|
| 2 |
|
|
| 3 |
describe 'Nftables::SimpleRuleName' do |
|
| 4 |
it { is_expected.to allow_value('rule') }
|
|
| 5 |
it { is_expected.to allow_value('Rule_name') }
|
|
| 6 |
it { is_expected.to allow_value('rule_name-3') }
|
|
| 7 |
it { is_expected.to allow_value('rule_name-33') }
|
|
| 8 |
it { is_expected.to allow_value('3') }
|
|
| 9 |
it { is_expected.not_to allow_value('rule_name-') }
|
|
| 10 |
it { is_expected.not_to allow_value('rule_name-3b') }
|
|
| 11 |
it { is_expected.not_to allow_value('rule_name-foo') }
|
|
| 12 |
end |
|
| types/rulename.pp | ||
|---|---|---|
| 1 |
# @summary |
|
| 2 |
# Represents a rule name to be used in a raw rule created via nftables::rule. |
|
| 3 |
# It's a dash separated string. The first component describes the chain to |
|
| 4 |
# add the rule to, the second the rule name and the (optional) third a number. |
|
| 5 |
# Ex: 'default_in-sshd', 'default_out-my_service-2'. |
|
| 6 |
type Nftables::RuleName = Pattern[/^[a-zA-Z0-9_]+-[a-zA-Z0-9_]+(-\d+)?$/] |
|
| types/simplerulename.pp | ||
|---|---|---|
| 1 |
# @summary |
|
| 2 |
# Represents a simple rule name to be used in a rule created via nftables::simplerule |
|
| 3 |
type Nftables::SimpleRuleName = Pattern[/^[a-zA-Z0-9_]+(-\d+)?$/] |
|
Formats disponibles : Unified diff