Révision fa92e118
Pet rubocop
| spec/classes/dnat4_spec.rb | ||
|---|---|---|
| 56 | 56 |
owner: 'root', |
| 57 | 57 |
group: 'root', |
| 58 | 58 |
mode: '0640', |
| 59 |
ensure_newline: true,
|
|
| 59 |
ensure_newline: true |
|
| 60 | 60 |
) |
| 61 | 61 |
} |
| 62 | 62 |
it {
|
| 63 | 63 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-default_fwd-header').with(
|
| 64 | 64 |
target: 'nftables-inet-filter-chain-default_fwd', |
| 65 | 65 |
content: %r{^chain default_fwd \{$},
|
| 66 |
order: '00',
|
|
| 66 |
order: '00' |
|
| 67 | 67 |
) |
| 68 | 68 |
} |
| 69 | 69 |
it {
|
| 70 | 70 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-default_fwd-rule-jump_ingoing').with(
|
| 71 | 71 |
target: 'nftables-inet-filter-chain-default_fwd', |
| 72 | 72 |
content: %r{^ iifname eth0 oifname eth1 jump ingoing$},
|
| 73 |
order: '20-nftables-inet-filter-chain-default_fwd-rule-jump_ingoing-b',
|
|
| 73 |
order: '20-nftables-inet-filter-chain-default_fwd-rule-jump_ingoing-b' |
|
| 74 | 74 |
) |
| 75 | 75 |
} |
| 76 | 76 |
it {
|
| 77 | 77 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-default_fwd-footer').with(
|
| 78 | 78 |
target: 'nftables-inet-filter-chain-default_fwd', |
| 79 | 79 |
content: %r{^\}$},
|
| 80 |
order: '99',
|
|
| 80 |
order: '99' |
|
| 81 | 81 |
) |
| 82 | 82 |
} |
| 83 | 83 |
|
| ... | ... | |
| 85 | 85 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-header').with(
|
| 86 | 86 |
target: 'nftables-inet-filter-chain-ingoing', |
| 87 | 87 |
content: %r{^chain ingoing \{$},
|
| 88 |
order: '00',
|
|
| 88 |
order: '00' |
|
| 89 | 89 |
) |
| 90 | 90 |
} |
| 91 | 91 |
it {
|
| 92 | 92 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-rule-http').with(
|
| 93 | 93 |
target: 'nftables-inet-filter-chain-ingoing', |
| 94 | 94 |
content: %r{^ ip daddr 192.0.2.2 tcp dport http accept$},
|
| 95 |
order: '10-nftables-inet-filter-chain-ingoing-rule-http-b',
|
|
| 95 |
order: '10-nftables-inet-filter-chain-ingoing-rule-http-b' |
|
| 96 | 96 |
) |
| 97 | 97 |
} |
| 98 | 98 |
it {
|
| 99 | 99 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-rule-https').with(
|
| 100 | 100 |
target: 'nftables-inet-filter-chain-ingoing', |
| 101 | 101 |
content: %r{^ ip daddr 192.0.2.2 tcp dport https accept$},
|
| 102 |
order: '10-nftables-inet-filter-chain-ingoing-rule-https-b',
|
|
| 102 |
order: '10-nftables-inet-filter-chain-ingoing-rule-https-b' |
|
| 103 | 103 |
) |
| 104 | 104 |
} |
| 105 | 105 |
it {
|
| 106 | 106 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-rule-http_alt').with(
|
| 107 | 107 |
target: 'nftables-inet-filter-chain-ingoing', |
| 108 | 108 |
content: %r{^ iifname eth0 ip daddr 192.0.2.2 tcp dport 8000 accept$},
|
| 109 |
order: '10-nftables-inet-filter-chain-ingoing-rule-http_alt-b',
|
|
| 109 |
order: '10-nftables-inet-filter-chain-ingoing-rule-http_alt-b' |
|
| 110 | 110 |
) |
| 111 | 111 |
} |
| 112 | 112 |
it {
|
| 113 | 113 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-rule-wireguard').with(
|
| 114 | 114 |
target: 'nftables-inet-filter-chain-ingoing', |
| 115 | 115 |
content: %r{^ iifname eth0 ip daddr 192.0.2.3 udp dport 51820 accept$},
|
| 116 |
order: '10-nftables-inet-filter-chain-ingoing-rule-wireguard-b',
|
|
| 116 |
order: '10-nftables-inet-filter-chain-ingoing-rule-wireguard-b' |
|
| 117 | 117 |
) |
| 118 | 118 |
} |
| 119 | 119 |
it {
|
| 120 | 120 |
is_expected.to contain_concat__fragment('nftables-inet-filter-chain-ingoing-footer').with(
|
| 121 | 121 |
target: 'nftables-inet-filter-chain-ingoing', |
| 122 | 122 |
content: %r{^\}$},
|
| 123 |
order: '99',
|
|
| 123 |
order: '99' |
|
| 124 | 124 |
) |
| 125 | 125 |
} |
| 126 | 126 |
|
| ... | ... | |
| 130 | 130 |
owner: 'root', |
| 131 | 131 |
group: 'root', |
| 132 | 132 |
mode: '0640', |
| 133 |
ensure_newline: true,
|
|
| 133 |
ensure_newline: true |
|
| 134 | 134 |
) |
| 135 | 135 |
} |
| 136 | 136 |
it {
|
| 137 | 137 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-header').with(
|
| 138 | 138 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 139 | 139 |
content: %r{^chain PREROUTING \{$},
|
| 140 |
order: '00',
|
|
| 140 |
order: '00' |
|
| 141 | 141 |
) |
| 142 | 142 |
} |
| 143 | 143 |
it {
|
| 144 | 144 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-type').with(
|
| 145 | 145 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 146 | 146 |
content: %r{^ type nat hook prerouting priority -100$},
|
| 147 |
order: '01-nftables-ip-nat-chain-PREROUTING-rule-type-b',
|
|
| 147 |
order: '01-nftables-ip-nat-chain-PREROUTING-rule-type-b' |
|
| 148 | 148 |
) |
| 149 | 149 |
} |
| 150 | 150 |
it {
|
| 151 | 151 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-policy').with(
|
| 152 | 152 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 153 | 153 |
content: %r{^ policy accept$},
|
| 154 |
order: '02-nftables-ip-nat-chain-PREROUTING-rule-policy-b',
|
|
| 154 |
order: '02-nftables-ip-nat-chain-PREROUTING-rule-policy-b' |
|
| 155 | 155 |
) |
| 156 | 156 |
} |
| 157 | 157 |
it {
|
| 158 | 158 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-http').with(
|
| 159 | 159 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 160 | 160 |
content: %r{^ tcp dport http dnat to 192.0.2.2$},
|
| 161 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-http-b',
|
|
| 161 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-http-b' |
|
| 162 | 162 |
) |
| 163 | 163 |
} |
| 164 | 164 |
it {
|
| 165 | 165 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-https').with(
|
| 166 | 166 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 167 | 167 |
content: %r{^ tcp dport https dnat to 192.0.2.2$},
|
| 168 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-https-b',
|
|
| 168 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-https-b' |
|
| 169 | 169 |
) |
| 170 | 170 |
} |
| 171 | 171 |
it {
|
| 172 | 172 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-http_alt').with(
|
| 173 | 173 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 174 | 174 |
content: %r{^ iifname eth0 tcp dport 8080 dnat to 192.0.2.2:8000$},
|
| 175 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-http_alt-b',
|
|
| 175 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-http_alt-b' |
|
| 176 | 176 |
) |
| 177 | 177 |
} |
| 178 | 178 |
it {
|
| 179 | 179 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-rule-wireguard').with(
|
| 180 | 180 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 181 | 181 |
content: %r{^ iifname eth0 udp dport 51820 dnat to 192.0.2.3$},
|
| 182 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-wireguard-b',
|
|
| 182 |
order: '10-nftables-ip-nat-chain-PREROUTING-rule-wireguard-b' |
|
| 183 | 183 |
) |
| 184 | 184 |
} |
| 185 | 185 |
it {
|
| 186 | 186 |
is_expected.to contain_concat__fragment('nftables-ip-nat-chain-PREROUTING-footer').with(
|
| 187 | 187 |
target: 'nftables-ip-nat-chain-PREROUTING', |
| 188 | 188 |
content: %r{^\}$},
|
| 189 |
order: '99',
|
|
| 189 |
order: '99' |
|
| 190 | 190 |
) |
| 191 | 191 |
} |
| 192 | 192 |
end |
Formats disponibles : Unified diff