end
it 'should have :name be its namevar' do
- @class.key_attributes.should == [:name]
+ expect(@class.key_attributes).to eql [:name]
end
describe ':name' do
it 'should accept a name' do
@resource[:name] = '000-test-foo'
- @resource[:name].should == '000-test-foo'
+ expect(@resource[:name]).to eql '000-test-foo'
end
it 'should not accept a name with non-ASCII chars' do
- lambda { @resource[:name] = '%*#^(#$' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:name] = '%*#^(#$' }).to raise_error(Puppet::Error)
end
end
describe ':action' do
it "should have no default" do
res = @class.new(:name => "000 test")
- res.parameters[:action].should == nil
+ expect(res.parameters[:action]).to eql nil
end
[:accept, :drop, :reject].each do |action|
it "should accept value #{action}" do
@resource[:action] = action
- @resource[:action].should == action
+ expect(@resource[:action]).to eql action
end
end
it 'should fail when value is not recognized' do
- lambda { @resource[:action] = 'not valid' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:action] = 'not valid' }).to raise_error(Puppet::Error)
end
end
[:INPUT, :FORWARD, :OUTPUT, :PREROUTING, :POSTROUTING].each do |chain|
it "should accept chain value #{chain}" do
@resource[:chain] = chain
- @resource[:chain].should == chain
+ expect(@resource[:chain]).to eql chain
end
end
it 'should fail when the chain value is not recognized' do
- lambda { @resource[:chain] = 'not valid' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:chain] = 'not valid' }).to raise_error(Puppet::Error)
end
end
[:nat, :mangle, :filter, :raw].each do |table|
it "should accept table value #{table}" do
@resource[:table] = table
- @resource[:table].should == table
+ expect(@resource[:table]).to eql table
end
end
it "should fail when table value is not recognized" do
- lambda { @resource[:table] = 'not valid' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:table] = 'not valid' }).to raise_error(Puppet::Error)
end
end
[:ip, :tcp, :udp, :icmp, :esp, :ah, :vrrp, :igmp, :ipencap, :ipv4, :ipv6, :ospf, :gre, :pim, :all].each do |proto|
it "should accept proto value #{proto}" do
@resource[:proto] = proto
- @resource[:proto].should == proto
+ expect(@resource[:proto]).to eql proto
end
end
it "should fail when proto value is not recognized" do
- lambda { @resource[:proto] = 'foo' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:proto] = 'foo' }).to raise_error(Puppet::Error)
end
end
describe ':jump' do
it "should have no default" do
res = @class.new(:name => "000 test")
- res.parameters[:jump].should == nil
+ expect(res.parameters[:jump]).to eql nil
end
['QUEUE', 'RETURN', 'DNAT', 'SNAT', 'LOG', 'MASQUERADE', 'REDIRECT', 'MARK'].each do |jump|
it "should accept jump value #{jump}" do
@resource[:jump] = jump
- @resource[:jump].should == jump
+ expect(@resource[:jump]).to eql jump
end
end
['ACCEPT', 'DROP', 'REJECT'].each do |jump|
it "should now fail when value #{jump}" do
- lambda { @resource[:jump] = jump }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:jump] = jump }).to raise_error(Puppet::Error)
end
end
it "should fail when jump value is not recognized" do
- lambda { @resource[:jump] = '%^&*' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:jump] = '%^&*' }).to raise_error(Puppet::Error)
end
end
describe addr do
it "should accept a #{addr} as a string" do
@resource[addr] = '127.0.0.1'
- @resource[addr].should == '127.0.0.1/32'
+ expect(@resource[addr]).to eql '127.0.0.1/32'
end
['0.0.0.0/0', '::/0'].each do |prefix|
it "should be nil for zero prefix length address #{prefix}" do
@resource[addr] = prefix
- @resource[addr].should == nil
+ expect(@resource[addr]).to eql nil
end
end
it "should accept a negated #{addr} as a string" do
@resource[addr] = '! 127.0.0.1'
- @resource[addr].should == '! 127.0.0.1/32'
+ expect(@resource[addr]).to eql '! 127.0.0.1/32'
end
end
end
describe port do
it "should accept a #{port} as string" do
@resource[port] = '22'
- @resource[port].should == ['22']
+ expect(@resource[port]).to eql ['22']
end
it "should accept a #{port} as an array" do
@resource[port] = ['22','23']
- @resource[port].should == ['22','23']
+ expect(@resource[port]).to eql ['22','23']
end
it "should accept a #{port} as a number" do
@resource[port] = 22
- @resource[port].should == ['22']
+ expect(@resource[port]).to eql ['22']
end
it "should accept a #{port} as a hyphen separated range" do
@resource[port] = ['22-1000']
- @resource[port].should == ['22-1000']
+ expect(@resource[port]).to eql ['22-1000']
end
it "should accept a #{port} as a combination of arrays of single and " \
"hyphen separated ranges" do
@resource[port] = ['22-1000','33','3000-4000']
- @resource[port].should == ['22-1000','33','3000-4000']
+ expect(@resource[port]).to eql ['22-1000','33','3000-4000']
end
it "should convert a port name for #{port} to its number" do
@resource[port] = 'ssh'
- @resource[port].should == ['22']
+ expect(@resource[port]).to eql ['22']
end
it "should not accept something invalid for #{port}" do
describe addrtype do
it "should have no default" do
res = @class.new(:name => "000 test")
- res.parameters[addrtype].should == nil
+ expect(res.parameters[addrtype]).to eql nil
end
end
:UNREACHABLE, :PROHIBIT, :THROW, :NAT, :XRESOLVE].each do |type|
it "should accept #{addrtype} value #{type}" do
@resource[addrtype] = type
- @resource[addrtype].should == type
+ expect(@resource[addrtype]).to eql type
end
end
it "should fail when #{addrtype} value is not recognized" do
- lambda { @resource[addrtype] = 'foo' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[addrtype] = 'foo' }).to raise_error(Puppet::Error)
end
end
describe iface do
it "should accept #{iface} value as a string" do
@resource[iface] = 'eth1'
- @resource[iface].should == 'eth1'
+ expect(@resource[iface]).to eql 'eth1'
end
it "should accept a negated #{iface} value as a string" do
@resource[iface] = '! eth1'
- @resource[iface].should == '! eth1'
+ expect(@resource[iface]).to eql '! eth1'
end
it "should accept an interface alias for the #{iface} value as a string" do
@resource[iface] = 'eth1:2'
- @resource[iface].should == 'eth1:2'
+ expect(@resource[iface]).to eql 'eth1:2'
end
end
end
values.each do |k,v|
it {
@resource[:log_level] = k
- @resource[:log_level].should == v
+ expect(@resource[:log_level]).to eql v
}
it {
@resource[:log_level] = 3
- @resource[:log_level].should == 3
+ expect(@resource[:log_level]).to eql 3
}
- it { lambda { @resource[:log_level] = 'foo' }.should raise_error(Puppet::Error) }
+ it { expect(lambda { @resource[:log_level] = 'foo' }).to raise_error(Puppet::Error) }
end
end
values.each do |k,v|
it 'should convert icmp string to number' do
@resource[:provider] = provider
- @resource[:provider].should == provider
+ expect(@resource[:provider]).to eql provider
@resource[:icmp] = v
- @resource[:icmp].should == k
+ expect(@resource[:icmp]).to eql k
end
end
end
it 'should accept values as integers' do
@resource[:icmp] = 9
- @resource[:icmp].should == 9
+ expect(@resource[:icmp]).to eql 9
end
it 'should fail if icmp type is "any"' do
- lambda { @resource[:icmp] = 'any' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:icmp] = 'any' }).to raise_error(Puppet::Error)
end
it 'should fail if icmp type cannot be mapped to a numeric' do
- lambda { @resource[:icmp] = 'foo' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:icmp] = 'foo' }).to raise_error(Puppet::Error)
end
end
describe ':state' do
it 'should accept value as a string' do
@resource[:state] = :INVALID
- @resource[:state].should == [:INVALID]
+ expect(@resource[:state]).to eql [:INVALID]
end
it 'should accept value as an array' do
@resource[:state] = [:INVALID, :NEW]
- @resource[:state].should == [:INVALID, :NEW]
+ expect(@resource[:state]).to eql [:INVALID, :NEW]
end
it 'should sort values alphabetically' do
@resource[:state] = [:NEW, :ESTABLISHED]
- @resource[:state].should == [:ESTABLISHED, :NEW]
+ expect(@resource[:state]).to eql [:ESTABLISHED, :NEW]
end
end
describe ':ctstate' do
it 'should accept value as a string' do
@resource[:ctstate] = :INVALID
- @resource[:ctstate].should == [:INVALID]
+ expect(@resource[:ctstate]).to eql [:INVALID]
end
it 'should accept value as an array' do
@resource[:ctstate] = [:INVALID, :NEW]
- @resource[:ctstate].should == [:INVALID, :NEW]
+ expect(@resource[:ctstate]).to eql [:INVALID, :NEW]
end
it 'should sort values alphabetically' do
@resource[:ctstate] = [:NEW, :ESTABLISHED]
- @resource[:ctstate].should == [:ESTABLISHED, :NEW]
+ expect(@resource[:ctstate]).to eql [:ESTABLISHED, :NEW]
end
end
describe ':burst' do
it 'should accept numeric values' do
@resource[:burst] = 12
- @resource[:burst].should == 12
+ expect(@resource[:burst]).to eql 12
end
it 'should fail if value is not numeric' do
- lambda { @resource[:burst] = 'foo' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:burst] = 'foo' }).to raise_error(Puppet::Error)
end
end
['set', 'update', 'rcheck', 'remove'].each do |recent|
it "should accept recent value #{recent}" do
@resource[:recent] = recent
- @resource[:recent].should == "--#{recent}"
+ expect(@resource[:recent]).to eql "--#{recent}"
end
end
end
describe ':gid and :uid' do
it 'should allow me to set uid' do
@resource[:uid] = 'root'
- @resource[:uid].should == 'root'
+ expect(@resource[:uid]).to eql 'root'
end
it 'should allow me to set uid as an array, and silently hide my error' do
@resource[:uid] = ['root', 'bobby']
- @resource[:uid].should == 'root'
+ expect(@resource[:uid]).to eql 'root'
end
it 'should allow me to set gid' do
@resource[:gid] = 'root'
- @resource[:gid].should == 'root'
+ expect(@resource[:gid]).to eql 'root'
end
it 'should allow me to set gid as an array, and silently hide my error' do
@resource[:gid] = ['root', 'bobby']
- @resource[:gid].should == 'root'
+ expect(@resource[:gid]).to eql 'root'
end
end
if iptables_version == '1.3.2'
it 'should allow me to set set-mark without mask' do
@resource[:set_mark] = '0x3e8'
- @resource[:set_mark].should == '0x3e8'
+ expect(@resource[:set_mark]).to eql '0x3e8'
end
it 'should convert int to hex without mask' do
@resource[:set_mark] = '1000'
- @resource[:set_mark].should == '0x3e8'
+ expect(@resource[:set_mark]).to eql '0x3e8'
end
it 'should fail if mask is present' do
- lambda { @resource[:set_mark] = '0x3e8/0xffffffff'}.should raise_error(
+ expect(lambda { @resource[:set_mark] = '0x3e8/0xffffffff'}).to raise_error(
Puppet::Error, /iptables version #{iptables_version} does not support masks on MARK rules$/
)
end
if iptables_version == '1.4.2'
it 'should allow me to set set-mark with mask' do
@resource[:set_mark] = '0x3e8/0xffffffff'
- @resource[:set_mark].should == '0x3e8/0xffffffff'
+ expect(@resource[:set_mark]).to eql '0x3e8/0xffffffff'
end
it 'should convert int to hex and add a 32 bit mask' do
@resource[:set_mark] = '1000'
- @resource[:set_mark].should == '0x3e8/0xffffffff'
+ expect(@resource[:set_mark]).to eql '0x3e8/0xffffffff'
end
it 'should add a 32 bit mask' do
@resource[:set_mark] = '0x32'
- @resource[:set_mark].should == '0x32/0xffffffff'
+ expect(@resource[:set_mark]).to eql '0x32/0xffffffff'
end
it 'should use the mask provided' do
@resource[:set_mark] = '0x32/0x4'
- @resource[:set_mark].should == '0x32/0x4'
+ expect(@resource[:set_mark]).to eql '0x32/0x4'
end
it 'should use the mask provided and convert int to hex' do
@resource[:set_mark] = '1000/0x4'
- @resource[:set_mark].should == '0x3e8/0x4'
+ expect(@resource[:set_mark]).to eql '0x3e8/0x4'
end
it 'should fail if mask value is more than 32 bits' do
- lambda { @resource[:set_mark] = '1/4294967296'}.should raise_error(
+ expect(lambda { @resource[:set_mark] = '1/4294967296'}).to raise_error(
Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/
)
end
it 'should fail if mask is malformed' do
- lambda { @resource[:set_mark] = '1000/0xq4'}.should raise_error(
+ expect(lambda { @resource[:set_mark] = '1000/0xq4'}).to raise_error(
Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/
)
end
['/', '1000/', 'pwnie'].each do |bad_mark|
it "should fail with malformed mark '#{bad_mark}'" do
- lambda { @resource[:set_mark] = bad_mark}.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:set_mark] = bad_mark}).to raise_error(Puppet::Error)
end
end
it 'should fail if mark value is more than 32 bits' do
- lambda { @resource[:set_mark] = '4294967296'}.should raise_error(
+ expect(lambda { @resource[:set_mark] = '4294967296'}).to raise_error(
Puppet::Error, /MARK value must be integer or hex between 0 and 0xffffffff$/
)
end
describe param do
it 'should autorequire fwchain when table and provider are undefined' do
@resource[param] = 'FOO'
- @resource[:table].should == :filter
- @resource[:provider].should == :iptables
+ expect(@resource[:table]).to eql :filter
+ expect(@resource[:provider]).to eql :iptables
chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
it 'should autorequire fwchain when table is undefined and provider is ip6tables' do
@resource[param] = 'FOO'
- @resource[:table].should == :filter
+ expect(@resource[:table]).to eql :filter
@resource[:provider] = :ip6tables
chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv6')
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
it 'should autorequire fwchain when table is raw and provider is undefined' do
@resource[param] = 'FOO'
@resource[:table] = :raw
- @resource[:provider].should == :iptables
+ expect(@resource[:provider]).to eql :iptables
chain = Puppet::Type.type(:firewallchain).new(:name => 'FOO:raw:IPv4')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
it 'should autorequire fwchain when table is raw and provider is ip6tables' do
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
# test where autorequire is still needed (table != filter)
it "should autorequire fwchain #{test_chain} when table is mangle and provider is undefined" do
@resource[param] = test_chain
@resource[:table] = :mangle
- @resource[:provider].should == :iptables
+ expect(@resource[:provider]).to eql :iptables
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:mangle:IPv4")
catalog = Puppet::Resource::Catalog.new
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
it "should autorequire fwchain #{test_chain} when table is mangle and provider is ip6tables" do
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.source.ref.should == chain.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql chain.ref
+ expect(rel.target.ref).to eql @resource.ref
end
end
it "should not autorequire fwchain #{test_chain} when table and provider are undefined" do
@resource[param] = test_chain
- @resource[:table].should == :filter
- @resource[:provider].should == :iptables
+ expect(@resource[:table]).to eql :filter
+ expect(@resource[:provider]).to eql :iptables
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv4")
catalog = Puppet::Resource::Catalog.new
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.should == nil
+ expect(rel).to eql nil
end
it "should not autorequire fwchain #{test_chain} when table is undefined and provider is ip6tables" do
@resource[param] = test_chain
- @resource[:table].should == :filter
+ expect(@resource[:table]).to eql :filter
@resource[:provider] = :ip6tables
chain = Puppet::Type.type(:firewallchain).new(:name => "#{test_chain}:filter:IPv6")
catalog.add_resource @resource
catalog.add_resource chain
rel = @resource.autorequire[0]
- rel.should == nil
+ expect(rel).to eql nil
end
end
end
it 'should autorequire independent fwchains' do
@resource[:chain] = 'FOO'
@resource[:jump] = 'BAR'
- @resource[:table].should == :filter
- @resource[:provider].should == :iptables
+ expect(@resource[:table]).to eql :filter
+ expect(@resource[:provider]).to eql :iptables
chain_foo = Puppet::Type.type(:firewallchain).new(:name => 'FOO:filter:IPv4')
chain_bar = Puppet::Type.type(:firewallchain).new(:name => 'BAR:filter:IPv4')
catalog.add_resource chain_foo
catalog.add_resource chain_bar
rel = @resource.autorequire
- rel[0].source.ref.should == chain_foo.ref
- rel[0].target.ref.should == @resource.ref
- rel[1].source.ref.should == chain_bar.ref
- rel[1].target.ref.should == @resource.ref
+ expect(rel[0].source.ref).to eql chain_foo.ref
+ expect(rel[0].target.ref).to eql @resource.ref
+ expect(rel[1].source.ref).to eql chain_bar.ref
+ expect(rel[1].target.ref).to eql @resource.ref
end
end
[:multicast, :broadcast, :unicast].each do |pkttype|
it "should accept pkttype value #{pkttype}" do
@resource[:pkttype] = pkttype
- @resource[:pkttype].should == pkttype
+ expect(@resource[:pkttype]).to eql pkttype
end
end
it 'should fail when the pkttype value is not recognized' do
- lambda { @resource[:pkttype] = 'not valid' }.should raise_error(Puppet::Error)
+ expect(lambda { @resource[:pkttype] = 'not valid' }).to raise_error(Puppet::Error)
end
end
[:iptables, :ip6tables].each do |provider|
it "provider #{provider} should autorequire package iptables" do
@resource[:provider] = provider
- @resource[:provider].should == provider
+ expect(@resource[:provider]).to eql provider
package = Puppet::Type.type(:package).new(:name => 'iptables')
catalog = Puppet::Resource::Catalog.new
catalog.add_resource @resource
catalog.add_resource package
rel = @resource.autorequire[0]
- rel.source.ref.should == package.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql package.ref
+ expect(rel.target.ref).to eql @resource.ref
end
it "provider #{provider} should autorequire packages iptables, iptables-persistent, and iptables-services" do
@resource[:provider] = provider
- @resource[:provider].should == provider
+ expect(@resource[:provider]).to eql provider
packages = [
Puppet::Type.type(:package).new(:name => 'iptables'),
Puppet::Type.type(:package).new(:name => 'iptables-persistent'),
catalog.add_resource package
end
packages.zip(@resource.autorequire) do |package, rel|
- rel.source.ref.should == package.ref
- rel.target.ref.should == @resource.ref
+ expect(rel.source.ref).to eql package.ref
+ expect(rel.target.ref).to eql @resource.ref
end
end
end
describe '#host_to_ip' do
subject { resource }
- specify {
+ it {
expect(Resolv).to receive(:getaddress).with('puppetlabs.com').and_return('96.126.112.51')
- subject.host_to_ip('puppetlabs.com').should == '96.126.112.51/32'
+ expect(subject.host_to_ip('puppetlabs.com')).to eql '96.126.112.51/32'
}
- specify { subject.host_to_ip('96.126.112.51').should == '96.126.112.51/32' }
- specify { subject.host_to_ip('96.126.112.51/32').should == '96.126.112.51/32' }
- specify { subject.host_to_ip('2001:db8:85a3:0:0:8a2e:370:7334').should == '2001:db8:85a3::8a2e:370:7334/128' }
- specify { subject.host_to_ip('2001:db8:1234::/48').should == '2001:db8:1234::/48' }
- specify { subject.host_to_ip('0.0.0.0/0').should == nil }
- specify { subject.host_to_ip('::/0').should == nil }
+ it { expect(subject.host_to_ip('96.126.112.51')).to eql '96.126.112.51/32' }
+ it { expect(subject.host_to_ip('96.126.112.51/32')).to eql '96.126.112.51/32' }
+ it { expect(subject.host_to_ip('2001:db8:85a3:0:0:8a2e:370:7334')).to eql '2001:db8:85a3::8a2e:370:7334/128' }
+ it { expect(subject.host_to_ip('2001:db8:1234::/48')).to eql '2001:db8:1234::/48' }
+ it { expect(subject.host_to_ip('0.0.0.0/0')).to eql nil }
+ it { expect(subject.host_to_ip('::/0')).to eql nil }
end
describe '#host_to_mask' do
subject { resource }
- specify {
+ it {
expect(Resolv).to receive(:getaddress).at_least(:once).with('puppetlabs.com').and_return('96.126.112.51')
- subject.host_to_mask('puppetlabs.com').should == '96.126.112.51/32'
- subject.host_to_mask('!puppetlabs.com').should == '! 96.126.112.51/32'
+ expect(subject.host_to_mask('puppetlabs.com')).to eql '96.126.112.51/32'
+ expect(subject.host_to_mask('!puppetlabs.com')).to eql '! 96.126.112.51/32'
}
- specify { subject.host_to_mask('96.126.112.51').should == '96.126.112.51/32' }
- specify { subject.host_to_mask('!96.126.112.51').should == '! 96.126.112.51/32' }
- specify { subject.host_to_mask('96.126.112.51/32').should == '96.126.112.51/32' }
- specify { subject.host_to_mask('! 96.126.112.51/32').should == '! 96.126.112.51/32' }
- specify { subject.host_to_mask('2001:db8:85a3:0:0:8a2e:370:7334').should == '2001:db8:85a3::8a2e:370:7334/128' }
- specify { subject.host_to_mask('!2001:db8:85a3:0:0:8a2e:370:7334').should == '! 2001:db8:85a3::8a2e:370:7334/128' }
- specify { subject.host_to_mask('2001:db8:1234::/48').should == '2001:db8:1234::/48' }
- specify { subject.host_to_mask('! 2001:db8:1234::/48').should == '! 2001:db8:1234::/48' }
- specify { subject.host_to_mask('0.0.0.0/0').should == nil }
- specify { subject.host_to_mask('!0.0.0.0/0').should == nil }
- specify { subject.host_to_mask('::/0').should == nil }
- specify { subject.host_to_mask('! ::/0').should == nil }
+ it { expect(subject.host_to_mask('96.126.112.51')).to eql '96.126.112.51/32' }
+ it { expect(subject.host_to_mask('!96.126.112.51')).to eql '! 96.126.112.51/32' }
+ it { expect(subject.host_to_mask('96.126.112.51/32')).to eql '96.126.112.51/32' }
+ it { expect(subject.host_to_mask('! 96.126.112.51/32')).to eql '! 96.126.112.51/32' }
+ it { expect(subject.host_to_mask('2001:db8:85a3:0:0:8a2e:370:7334')).to eql '2001:db8:85a3::8a2e:370:7334/128' }
+ it { expect(subject.host_to_mask('!2001:db8:85a3:0:0:8a2e:370:7334')).to eql '! 2001:db8:85a3::8a2e:370:7334/128' }
+ it { expect(subject.host_to_mask('2001:db8:1234::/48')).to eql '2001:db8:1234::/48' }
+ it { expect(subject.host_to_mask('! 2001:db8:1234::/48')).to eql '! 2001:db8:1234::/48' }
+ it { expect(subject.host_to_mask('0.0.0.0/0')).to eql nil }
+ it { expect(subject.host_to_mask('!0.0.0.0/0')).to eql nil }
+ it { expect(subject.host_to_mask('::/0')).to eql nil }
+ it { expect(subject.host_to_mask('! ::/0')).to eql nil }
end
describe '#icmp_name_to_number' do
describe 'proto IPv4' do
proto = 'inet'
subject { resource }
- specify { subject.icmp_name_to_number('echo-reply', proto).should == '0' }
- specify { subject.icmp_name_to_number('destination-unreachable', proto).should == '3' }
- specify { subject.icmp_name_to_number('source-quench', proto).should == '4' }
- specify { subject.icmp_name_to_number('redirect', proto).should == '6' }
- specify { subject.icmp_name_to_number('echo-request', proto).should == '8' }
- specify { subject.icmp_name_to_number('router-advertisement', proto).should == '9' }
- specify { subject.icmp_name_to_number('router-solicitation', proto).should == '10' }
- specify { subject.icmp_name_to_number('time-exceeded', proto).should == '11' }
- specify { subject.icmp_name_to_number('parameter-problem', proto).should == '12' }
- specify { subject.icmp_name_to_number('timestamp-request', proto).should == '13' }
- specify { subject.icmp_name_to_number('timestamp-reply', proto).should == '14' }
- specify { subject.icmp_name_to_number('address-mask-request', proto).should == '17' }
- specify { subject.icmp_name_to_number('address-mask-reply', proto).should == '18' }
+ it { expect(subject.icmp_name_to_number('echo-reply', proto)).to eql '0' }
+ it { expect(subject.icmp_name_to_number('destination-unreachable', proto)).to eql '3' }
+ it { expect(subject.icmp_name_to_number('source-quench', proto)).to eql '4' }
+ it { expect(subject.icmp_name_to_number('redirect', proto)).to eql '6' }
+ it { expect(subject.icmp_name_to_number('echo-request', proto)).to eql '8' }
+ it { expect(subject.icmp_name_to_number('router-advertisement', proto)).to eql '9' }
+ it { expect(subject.icmp_name_to_number('router-solicitation', proto)).to eql '10' }
+ it { expect(subject.icmp_name_to_number('time-exceeded', proto)).to eql '11' }
+ it { expect(subject.icmp_name_to_number('parameter-problem', proto)).to eql '12' }
+ it { expect(subject.icmp_name_to_number('timestamp-request', proto)).to eql '13' }
+ it { expect(subject.icmp_name_to_number('timestamp-reply', proto)).to eql '14' }
+ it { expect(subject.icmp_name_to_number('address-mask-request', proto)).to eql '17' }
+ it { expect(subject.icmp_name_to_number('address-mask-reply', proto)).to eql '18' }
end
describe 'proto IPv6' do
proto = 'inet6'
subject { resource }
- specify { subject.icmp_name_to_number('destination-unreachable', proto).should == '1' }
- specify { subject.icmp_name_to_number('time-exceeded', proto).should == '3' }
- specify { subject.icmp_name_to_number('parameter-problem', proto).should == '4' }
- specify { subject.icmp_name_to_number('echo-request', proto).should == '128' }
- specify { subject.icmp_name_to_number('echo-reply', proto).should == '129' }
- specify { subject.icmp_name_to_number('router-solicitation', proto).should == '133' }
- specify { subject.icmp_name_to_number('router-advertisement', proto).should == '134' }
- specify { subject.icmp_name_to_number('neighbour-solicitation', proto).should == '135' }
- specify { subject.icmp_name_to_number('neighbour-advertisement', proto).should == '136' }
- specify { subject.icmp_name_to_number('redirect', proto).should == '137' }
+ it { expect(subject.icmp_name_to_number('destination-unreachable', proto)).to eql '1' }
+ it { expect(subject.icmp_name_to_number('time-exceeded', proto)).to eql '3' }
+ it { expect(subject.icmp_name_to_number('parameter-problem', proto)).to eql '4' }
+ it { expect(subject.icmp_name_to_number('echo-request', proto)).to eql '128' }
+ it { expect(subject.icmp_name_to_number('echo-reply', proto)).to eql '129' }
+ it { expect(subject.icmp_name_to_number('router-solicitation', proto)).to eql '133' }
+ it { expect(subject.icmp_name_to_number('router-advertisement', proto)).to eql '134' }
+ it { expect(subject.icmp_name_to_number('neighbour-solicitation', proto)).to eql '135' }
+ it { expect(subject.icmp_name_to_number('neighbour-advertisement', proto)).to eql '136' }
+ it { expect(subject.icmp_name_to_number('redirect', proto)).to eql '137' }
end
end
describe '#string_to_port' do
subject { resource }
- specify { subject.string_to_port('80','tcp').should == '80' }
- specify { subject.string_to_port(80,'tcp').should == '80' }
- specify { subject.string_to_port('http','tcp').should == '80' }
- specify { subject.string_to_port('domain','udp').should == '53' }
+ it { expect(subject.string_to_port('80','tcp')).to eql '80' }
+ it { expect(subject.string_to_port(80,'tcp')).to eql '80' }
+ it { expect(subject.string_to_port('http','tcp')).to eql '80' }
+ it { expect(subject.string_to_port('domain','udp')).to eql '53' }
end
describe '#to_hex32' do
subject { resource }
- specify { subject.to_hex32('0').should == '0x0' }
- specify { subject.to_hex32('0x32').should == '0x32' }
- specify { subject.to_hex32('42').should == '0x2a' }
- specify { subject.to_hex32('4294967295').should == '0xffffffff' }
- specify { subject.to_hex32('4294967296').should == nil }
- specify { subject.to_hex32('-1').should == nil }
- specify { subject.to_hex32('bananas').should == nil }
+ it { expect(subject.to_hex32('0')).to eql '0x0' }
+ it { expect(subject.to_hex32('0x32')).to eql '0x32' }
+ it { expect(subject.to_hex32('42')).to eql '0x2a' }
+ it { expect(subject.to_hex32('4294967295')).to eql '0xffffffff' }
+ it { expect(subject.to_hex32('4294967296')).to eql nil }
+ it { expect(subject.to_hex32('-1')).to eql nil }
+ it { expect(subject.to_hex32('bananas')).to eql nil }
end
describe '#persist_iptables' do
describe 'when proto is IPv4' do
let(:proto) { 'IPv4' }
- it 'should exec /sbin/service if running RHEL 6 or earlier' do
+ it 'is expected to exec /sbin/service if running RHEL 6 or earlier' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6')
subject.persist_iptables(proto)
end
- it 'should exec for systemd if running RHEL 7 or greater' do
+ it 'is expected to exec for systemd if running RHEL 7 or greater' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('7')
subject.persist_iptables(proto)
end
- it 'should exec for systemd if running Fedora 15 or greater' do
+ it 'is expected to exec for systemd if running Fedora 15 or greater' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Fedora')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('15')
subject.persist_iptables(proto)
end
- it 'should exec for CentOS 6 identified from operatingsystem and operatingsystemrelease' do
+ it 'is expected to exec for CentOS 6 identified from operatingsystem and operatingsystemrelease' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil)
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('CentOS')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6.5')
subject.persist_iptables(proto)
end
- it 'should exec for CentOS 7 identified from operatingsystem and operatingsystemrelease' do
+ it 'is expected to exec for CentOS 7 identified from operatingsystem and operatingsystemrelease' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil)
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('CentOS')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('7.0.1406')
subject.persist_iptables(proto)
end
- it 'should exec for Archlinux identified from osfamily' do
+ it 'is expected to exec for Archlinux identified from osfamily' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('Archlinux')
expect(subject).to receive(:execute).with(['/bin/sh', '-c', '/usr/sbin/iptables-save > /etc/iptables/iptables.rules'])
subject.persist_iptables(proto)
end
- it 'should raise a warning when exec fails' do
+ it 'is expected to raise a warning when exec fails' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('RedHat')
allow(Facter.fact(:operatingsystemrelease)).to receive(:value).and_return('6')
describe 'when proto is IPv6' do
let(:proto) { 'IPv6' }
- it 'should exec for newer Ubuntu' do
+ it 'is expected to exec for newer Ubuntu' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil)
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu')
allow(Facter.fact(:iptables_persistent_version)).to receive(:value).and_return('0.5.3ubuntu2')
subject.persist_iptables(proto)
end
- it 'should not exec for older Ubuntu which does not support IPv6' do
+ it 'is expected to not exec for older Ubuntu which does not support IPv6' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return(nil)
allow(Facter.fact(:operatingsystem)).to receive(:value).and_return('Ubuntu')
allow(Facter.fact(:iptables_persistent_version)).to receive(:value).and_return('0.0.20090701')
subject.persist_iptables(proto)
end
- it 'should not exec for Suse which is not supported' do
+ it 'is expected to not exec for Suse which is not supported' do
allow(Facter.fact(:osfamily)).to receive(:value).and_return('Suse')
expect(subject).to receive(:execute).never
subject.persist_iptables(proto)
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff