root / spec / classes / ip_nat_spec.rb @ 8f5d09ec
Historique | Voir | Annoter | Télécharger (3,1 ko)
| 1 | 422b6851 | tr | require 'spec_helper'
|
|---|---|---|---|
| 2 | |||
| 3 | describe 'nftables' do |
||
| 4 | let(:pre_condition) { 'Exec{path => "/bin"}' } |
||
| 5 | |||
| 6 | on_supported_os.each do |os, os_facts|
|
||
| 7 | context "on #{os}" do |
||
| 8 | let(:facts) { os_facts }
|
||
| 9 | |||
| 10 | it { is_expected.to compile }
|
||
| 11 | |||
| 12 | it { is_expected.to contain_file('/etc/nftables/puppet/ip-nat.nft').with(
|
||
| 13 | :ensure => 'file', |
||
| 14 | :owner => 'root', |
||
| 15 | :group => 'root', |
||
| 16 | :mode => '0640', |
||
| 17 | )} |
||
| 18 | |||
| 19 | context 'chain prerouting' do |
||
| 20 | it { is_expected.to contain_concat('nftables-ip-nat-chain-PREROUTING').with(
|
||
| 21 | :path => '/etc/nftables/puppet/ip-nat-chain-PREROUTING.nft', |
||
| 22 | :owner => 'root', |
||
| 23 | :group => 'root', |
||
| 24 | :mode => '0640', |
||
| 25 | :ensure_newline => true, |
||
| 26 | )} |
||
| 27 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-header').with(
|
||
| 28 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 29 | :content => /^chain PREROUTING {$/, |
||
| 30 | :order => '00', |
||
| 31 | )} |
||
| 32 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-type').with(
|
||
| 33 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 34 | c8e93806 | tr | :content => /^ type nat hook prerouting priority -100$/, |
| 35 | 422b6851 | tr | :order => '01', |
| 36 | )} |
||
| 37 | 605d5fde | tr | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-policy').with(
|
| 38 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 39 | :content => /^ policy accept$/, |
||
| 40 | :order => '02', |
||
| 41 | )} |
||
| 42 | 422b6851 | tr | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-footer').with(
|
| 43 | :target => 'nftables-ip-nat-chain-PREROUTING', |
||
| 44 | :content => /^}$/, |
||
| 45 | :order => '99', |
||
| 46 | )} |
||
| 47 | end
|
||
| 48 | |||
| 49 | context 'chain output' do |
||
| 50 | it { is_expected.to contain_concat('nftables-ip-nat-chain-POSTROUTING').with(
|
||
| 51 | :path => '/etc/nftables/puppet/ip-nat-chain-POSTROUTING.nft', |
||
| 52 | :owner => 'root', |
||
| 53 | :group => 'root', |
||
| 54 | :mode => '0640', |
||
| 55 | :ensure_newline => true, |
||
| 56 | )} |
||
| 57 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-header').with(
|
||
| 58 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 59 | :content => /^chain POSTROUTING {$/, |
||
| 60 | :order => '00', |
||
| 61 | )} |
||
| 62 | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-type').with(
|
||
| 63 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 64 | c8e93806 | tr | :content => /^ type nat hook postrouting priority 100$/, |
| 65 | 422b6851 | tr | :order => '01', |
| 66 | )} |
||
| 67 | 605d5fde | tr | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-policy').with(
|
| 68 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 69 | :content => /^ policy accept$/, |
||
| 70 | :order => '02', |
||
| 71 | )} |
||
| 72 | 422b6851 | tr | it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-footer').with(
|
| 73 | :target => 'nftables-ip-nat-chain-POSTROUTING', |
||
| 74 | :content => /^}$/, |
||
| 75 | :order => '99', |
||
| 76 | )} |
||
| 77 | end
|
||
| 78 | end
|
||
| 79 | end
|
||
| 80 | end |