Projet

Général

Profil

Révision aaa37172

IDaaa3717227e47c22195f2cf7e95d96bc01179cd8
Parent d38aab5b
Enfant d43ced4d

Ajouté par Nacho Barrientos il y a plus de 4 ans

Implement nftables:;simplerule::daddr

Voir les différences:

spec/defines/simplerule_spec.rb
38 38 
            dport: 333,
39 39 
            proto: 'udp',
40 40 
            chain: 'default_out',
41 
            daddr: '2001:1458::/32',
41 42 
          }
42 43 
        end
43 44 

  		




  44
  45
  
    
        it { is_expected.to compile }


  		




  45
  46
  
    
        it {


  		




  46
  47
  
    
          is_expected.to contain_nftables__rule('default_out-my_big_rule').with(


  		




  47
  
  
    
            content: 'udp dport 333 comment "this is my rule" accept',


  		




  
  48
  
    
            content: 'udp dport 333 ip6 daddr 2001:1458::/32 accept comment "this is my rule"',


  		




  48
  49
  
    
            order: '50',


  		




  49
  50
  
    
          )


  		




  50
  51
  
    
        }


  		




  ......




  113
  114
  
    
          )


  		




  114
  115
  
    
        }


  		




  115
  116
  
    
      end


  		




  
  117
  
    

  		




  
  118
  
    
      describe 'with an IPv4 CIDR as daddr' do


  		




  
  119
  
    
        let(:params) do


  		




  
  120
  
    
          {


  		




  
  121
  
    
            daddr: '192.168.0.1/24',


  		




  
  122
  
    
            dport: 33,


  		




  
  123
  
    
            proto: 'tcp',


  		




  
  124
  
    
          }


  		




  
  125
  
    
        end


  		




  
  126
  
    

  		




  
  127
  
    
        it { is_expected.to compile }


  		




  
  128
  
    
        it {


  		




  
  129
  
    
          is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(


  		




  
  130
  
    
            content: 'tcp dport 33 ip daddr 192.168.0.1/24 accept',


  		




  
  131
  
    
          )


  		




  
  132
  
    
        }


  		




  
  133
  
    
      end


  		




  
  134
  
    

  		




  
  135
  
    
      describe 'with an IPv6 address as daddr' do


  		




  
  136
  
    
        let(:params) do


  		




  
  137
  
    
          {


  		




  
  138
  
    
            daddr: '2001:1458::1',


  		




  
  139
  
    
          }


  		




  
  140
  
    
        end


  		




  
  141
  
    

  		




  
  142
  
    
        it { is_expected.to compile }


  		




  
  143
  
    
        it {


  		




  
  144
  
    
          is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(


  		




  
  145
  
    
            content: 'ip6 daddr 2001:1458::1 accept',


  		




  
  146
  
    
          )


  		




  
  147
  
    
        }


  		




  
  148
  
    
      end


  		




  
  149
  
    

  		




  
  150
  
    
      describe 'with an IPv6 set as daddr, default set_type' do


  		




  
  151
  
    
        let(:params) do


  		




  
  152
  
    
          {


  		




  
  153
  
    
            daddr: '@my6_set',


  		




  
  154
  
    
          }


  		




  
  155
  
    
        end


  		




  
  156
  
    

  		




  
  157
  
    
        it { is_expected.to compile }


  		




  
  158
  
    
        it {


  		




  
  159
  
    
          is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(


  		




  
  160
  
    
            content: 'ip6 daddr @my6_set accept',


  		




  
  161
  
    
          )


  		




  
  162
  
    
        }


  		




  
  163
  
    
      end


  		




  
  164
  
    

  		




  
  165
  
    
      describe 'with a IPv4 set as daddr' do


  		




  
  166
  
    
        let(:params) do


  		




  
  167
  
    
          {


  		




  
  168
  
    
            daddr: '@my4_set',


  		




  
  169
  
    
            set_type: 'ip',


  		




  
  170
  
    
          }


  		




  
  171
  
    
        end


  		




  
  172
  
    

  		




  
  173
  
    
        it { is_expected.to compile }


  		




  
  174
  
    
        it {


  		




  
  175
  
    
          is_expected.to contain_nftables__rule('default_in-my_default_rule_name').with(


  		




  
  176
  
    
            content: 'ip daddr @my4_set accept',


  		




  
  177
  
    
          )


  		




  
  178
  
    
        }


  		




  
  179
  
    
      end


  		




  
  180
  
    

  		




  116
  181
  
    
    end


  		




  117
  182
  
    
  end


  		




  118
  183
  
    
end


  		












Formats disponibles :  Unified diff