(#20125) Add archlinux firewall class and unit test

diff --git a/manifests/linux.pp b/manifests/linux.pp
index ffa68d0debee48b0659bb0fff64ded4e3ae2e660..92a054158ca6f403ae435569f5e50e10752b36de 100644 (file)
--- a/manifests/linux.pp
+++ b/manifests/linux.pp
@@ -14,6 +14,11 @@ class firewall::linux {
         require => Package['iptables'],
       }
     }
+    'Archlinux': {
+      class { "${title}::archlinux":
+        require => Package['iptables'],
+      }
+    }
     default: {}
   }
 }

diff --git a/manifests/linux/archlinux.pp b/manifests/linux/archlinux.pp
new file mode 100644 (file)
index 0000000..9c04c2e
--- /dev/null
+++ b/manifests/linux/archlinux.pp
@@ -0,0 +1,21 @@
+class firewall::linux::archlinux {
+  service { 'iptables':
+    ensure => running,
+    enable => true,
+  }
+
+  service { 'ip6tables':
+    ensure => running,
+    enable => true,
+  }
+
+  file { '/etc/iptables/iptables.rules':
+    ensure => present,
+    before => Service['iptables'],
+  }
+
+  file { '/etc/iptables/ip6tables.rules':
+    ensure => present,
+    before => Service['ip6tables'],
+  }
+}

diff --git a/spec/unit/classes/firewall_linux_archlinux_spec.rb b/spec/unit/classes/firewall_linux_archlinux_spec.rb
new file mode 100644 (file)
index 0000000..30c0989
--- /dev/null
+++ b/spec/unit/classes/firewall_linux_archlinux_spec.rb
@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+describe 'firewall::linux::archlinux', :type => :class do
+  it { should contain_service('iptables').with(
+    :ensure   => 'running',
+    :enable   => 'true'
+  )}
+  it { should contain_service('ip6tables').with(
+    :ensure   => 'running',
+    :enable   => 'true'
+  )}
+end