Révision 9ae64df9
Add spec tests for a DNAT
| spec/classes/router_spec.rb | ||
|---|---|---|
| 18 | 18 |
'default_fwd-drop': |
| 19 | 19 |
order => '90', |
| 20 | 20 |
content => 'iifname eth0 drop'; |
| 21 |
'default_fwd-in_web': |
|
| 22 |
order => '30', |
|
| 23 |
content => 'iifname eth0 oifname eth1 ip daddr 192.0.2.2 tcp dport { http, https } accept';
|
|
| 24 |
'PREROUTING-in_web': |
|
| 25 |
table => 'ip-nat', |
|
| 26 |
order => '30', |
|
| 27 |
content => 'iifname eth0 tcp dport { http, https } dnat to 192.0.2.2';
|
|
| 21 | 28 |
'POSTROUTING-masquerade': |
| 22 | 29 |
table => 'ip-nat', |
| 23 | 30 |
order => '20', |
| ... | ... | |
| 45 | 52 |
:content => /^ iifname eth1 oifname eth0 accept$/, |
| 46 | 53 |
:order => '20', |
| 47 | 54 |
)} |
| 55 |
it { is_expected.to contain_concat__fragment('nftables-inet-filter-chain-default_fwd-rule-in_web').with(
|
|
| 56 |
:target => 'nftables-inet-filter-chain-default_fwd', |
|
| 57 |
:content => /^ iifname eth0 oifname eth1 ip daddr 192.0.2.2 tcp dport \{ http, https \} accept$/,
|
|
| 58 |
:order => '30', |
|
| 59 |
)} |
|
| 48 | 60 |
it { is_expected.to contain_concat__fragment('nftables-inet-filter-chain-default_fwd-rule-drop').with(
|
| 49 | 61 |
:target => 'nftables-inet-filter-chain-default_fwd', |
| 50 | 62 |
:content => /^ iifname eth0 drop$/, |
| ... | ... | |
| 78 | 90 |
:content => /^ policy accept$/, |
| 79 | 91 |
:order => '02', |
| 80 | 92 |
)} |
| 93 |
it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-in_web').with(
|
|
| 94 |
:target => 'nftables-ip-nat-chain-PREROUTING', |
|
| 95 |
:content => /^ iifname eth0 tcp dport \{ http, https \} dnat to 192.0.2.2$/,
|
|
| 96 |
:order => '30', |
|
| 97 |
)} |
|
| 81 | 98 |
it { is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-footer').with(
|
| 82 | 99 |
:target => 'nftables-ip-nat-chain-PREROUTING', |
| 83 | 100 |
:content => /^}$/, |
Formats disponibles : Unified diff