Révision b3a7a6dd
Allow to inject custom rules
| spec/classes/nftables_spec.rb | ||
|---|---|---|
| 68 | 68 |
it { is_expected.to contain_nftables__rule('default_out-all').with_content('accept') }
|
| 69 | 69 |
it { is_expected.to contain_nftables__rule('default_out-all').with_order('90') }
|
| 70 | 70 |
end |
| 71 |
|
|
| 72 |
context 'with custom rules' do |
|
| 73 |
let(:params) do |
|
| 74 |
{
|
|
| 75 |
rules: {
|
|
| 76 |
'INPUT-web_accept' => {
|
|
| 77 |
order: '50', |
|
| 78 |
content: 'iifname eth0 tcp dport { 80, 443 } accept',
|
|
| 79 |
}, |
|
| 80 |
}, |
|
| 81 |
} |
|
| 82 |
end |
|
| 83 |
|
|
| 84 |
it {
|
|
| 85 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-INPUT-rule-web_accept').with(
|
|
| 86 |
target: 'nftables-inet-filter-chain-INPUT', |
|
| 87 |
content: %r{^ iifname eth0 tcp dport \{ 80, 443 \} accept$},
|
|
| 88 |
order: '50', |
|
| 89 |
) |
|
| 90 |
} |
|
| 91 |
end |
|
| 71 | 92 |
end |
| 72 | 93 |
end |
| 73 | 94 |
end |
Formats disponibles : Unified diff