/spec/classes/snat4_spec.rb - Annoter - puppet nftables - Koumbit's Redmine

Télécharger au format

root / spec / classes / snat4_spec.rb @ 9e42547b

Historique | Voir | Annoter | Télécharger (3,88 ko)

1	c82b960a	Steve Traylen	# frozen_string_literal: true
2
3	3d29a6eb	tr	require 'spec_helper'
4
5			describe 'nftables' do
6			let(:pre_condition) { 'Exec{path => "/bin"}' }
7
8			on_supported_os.each do \|os, os_facts\|
9			context "on #{os}" do
10			let(:facts) { os_facts }
11
12			context 'with snat4' do
13			let(:pre_condition) do
14	01d8a819	tr	'
15	3d29a6eb	tr	nftables::rules::snat4{
16	01d8a819	tr	\'static\':
17			order => \'60\',
18			snat => \'198.51.100.1\',
19			oif => \'eth0\';
20			\'1_1\':
21			order => \'61\',
22			saddr => \'192.0.2.2\',
23			snat => \'198.51.100.3\',
24			oif => \'eth0\';
25			\'1_1_smtp\':
26			saddr => \'192.0.2.2\',
27			snat => \'198.51.100.2\',
28			dport => \'25\';
29			\'1_1_wireguard\':
30			saddr => \'192.0.2.2\',
31			snat => \'198.51.100.2\',
32			proto => \'udp\',
33			dport => \'51820\';
34	3d29a6eb	tr	}
35	01d8a819	tr	'
36	3d29a6eb	tr	end
37
38			it { is_expected.to compile }
39
40	01d8a819	tr	it {
41	c82b960a	Steve Traylen	expect(subject).to contain_concat('nftables-ip-nat-chain-POSTROUTING').with(
42			path: '/etc/nftables/puppet-preflight/ip-nat-chain-POSTROUTING.nft',
43			owner: 'root',
44			group: 'root',
45			mode: '0640',
46	fa92e118	Romain Tartière	ensure_newline: true
47	01d8a819	tr	)
48			}
49	c82b960a	Steve Traylen
50	01d8a819	tr	it {
51	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-header').with(
52			target: 'nftables-ip-nat-chain-POSTROUTING',
53	01d8a819	tr	content: %r{^chain POSTROUTING \{$},
54	c82b960a	Steve Traylen	order: '00'
55	01d8a819	tr	)
56			}
57	c82b960a	Steve Traylen
58	01d8a819	tr	it {
59	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-type').with(
60			target: 'nftables-ip-nat-chain-POSTROUTING',
61	01d8a819	tr	content: %r{^ type nat hook postrouting priority 100$},
62	c82b960a	Steve Traylen	order: '01-nftables-ip-nat-chain-POSTROUTING-rule-type-b'
63	01d8a819	tr	)
64			}
65	c82b960a	Steve Traylen
66	01d8a819	tr	it {
67	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-policy').with(
68			target: 'nftables-ip-nat-chain-POSTROUTING',
69	01d8a819	tr	content: %r{^ policy accept$},
70	c82b960a	Steve Traylen	order: '02-nftables-ip-nat-chain-POSTROUTING-rule-policy-b'
71	01d8a819	tr	)
72			}
73	c82b960a	Steve Traylen
74	01d8a819	tr	it {
75	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-static').with(
76			target: 'nftables-ip-nat-chain-POSTROUTING',
77	01d8a819	tr	content: %r{^ oifname eth0 snat 198\.51\.100\.1$},
78	c82b960a	Steve Traylen	order: '60-nftables-ip-nat-chain-POSTROUTING-rule-static-b'
79	01d8a819	tr	)
80			}
81	c82b960a	Steve Traylen
82	01d8a819	tr	it {
83	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-1_1').with(
84			target: 'nftables-ip-nat-chain-POSTROUTING',
85	01d8a819	tr	content: %r{^ oifname eth0 ip saddr 192\.0\.2\.2 snat 198\.51\.100\.3$},
86	c82b960a	Steve Traylen	order: '61-nftables-ip-nat-chain-POSTROUTING-rule-1_1-b'
87	01d8a819	tr	)
88			}
89	c82b960a	Steve Traylen
90	01d8a819	tr	it {
91	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-1_1_smtp').with(
92			target: 'nftables-ip-nat-chain-POSTROUTING',
93	01d8a819	tr	content: %r{^ ip saddr 192\.0\.2\.2 tcp dport 25 snat 198\.51\.100\.2$},
94	c82b960a	Steve Traylen	order: '70-nftables-ip-nat-chain-POSTROUTING-rule-1_1_smtp-b'
95	01d8a819	tr	)
96			}
97	c82b960a	Steve Traylen
98	01d8a819	tr	it {
99	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-rule-1_1_wireguard').with(
100			target: 'nftables-ip-nat-chain-POSTROUTING',
101	01d8a819	tr	content: %r{^ ip saddr 192\.0\.2\.2 udp dport 51820 snat 198\.51\.100\.2$},
102	c82b960a	Steve Traylen	order: '70-nftables-ip-nat-chain-POSTROUTING-rule-1_1_wireguard-b'
103	01d8a819	tr	)
104			}
105	c82b960a	Steve Traylen
106	01d8a819	tr	it {
107	c82b960a	Steve Traylen	expect(subject).to contain_concat__fragment('nftables-ip-nat-chain-POSTROUTING-footer').with(
108			target: 'nftables-ip-nat-chain-POSTROUTING',
109	01d8a819	tr	content: %r{^\}$},
110	c82b960a	Steve Traylen	order: '99'
111	01d8a819	tr	)
112			}
113	3d29a6eb	tr	end
114			end
115			end
116			end

Projet

Général

Profil

puppet nftables

root / spec / classes / snat4_spec.rb @ 9e42547b