]> review.fuel-infra Code Review - puppet-modules/puppetlabs-firewall.git/commitdiff
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 89e8471)
Support --sport/--dport on ip6tables
authorGustavo Lopes <glopes@nebm.ist.utl.pt>
Fri, 26 Sep 2014 13:41:09 +0000 (15:41 +0200)
committerMorgan Haskel <morgan@puppetlabs.com>
Mon, 29 Dec 2014 19:37:31 +0000 (11:37 -0800)
lib/puppet/provider/firewall/ip6tables.rb patch | blob | history
spec/fixtures/ip6tables/conversion_hash.rb patch | blob | history

diff --git a/lib/puppet/provider/firewall/ip6tables.rb b/lib/puppet/provider/firewall/ip6tables.rb
index e517519d46dea4d7f4a20418b37998ad5000c7c0..d58b86d9442443a23c56dadbf5680159aa4d9e4b 100644 (file)
--- a/lib/puppet/provider/firewall/ip6tables.rb
+++ b/lib/puppet/provider/firewall/ip6tables.rb
@@ -54,7 +54,7 @@ Puppet::Type.type(:firewall).provide :ip6tables, :parent => :iptables, :source =
     :connmark         => "-m connmark --mark",
     :ctstate          => "-m conntrack --ctstate",
     :destination      => "-d",
-    :dport            => "-m multiport --dports",
+    :dport            => ["-m multiport --dports", "--dport"],
     :gid              => "-m owner --gid-owner",
     :hop_limit        => "-m hl --hl-eq",
     :icmp             => "-m icmp6 --icmpv6-type",
@@ -81,7 +81,7 @@ Puppet::Type.type(:firewall).provide :ip6tables, :parent => :iptables, :source =
     :rsource          => "--rsource",
     :rttl             => "--rttl",
     :source           => "-s",
-    :sport            => "-m multiport --sports",
+    :sport            => ["-m multiport --sports", "--sport"],
     :stat_every       => '--every',
     :stat_mode        => "-m statistic --mode",
     :stat_packet      => '--packet',
diff --git a/spec/fixtures/ip6tables/conversion_hash.rb b/spec/fixtures/ip6tables/conversion_hash.rb
index 7c507d78bdf1ce3e7b2306b097cec8f07dbb9865..d7523787f7577851e31da27bf7e65ff84cb496aa 100644 (file)
--- a/spec/fixtures/ip6tables/conversion_hash.rb
+++ b/spec/fixtures/ip6tables/conversion_hash.rb
@@ -24,6 +24,16 @@ ARGS_TO_HASH6 = {
       :destination => '2001:db8:4321::/48',
     },
   },
+  'udp_source_port_and_destination_port' => {
+    :line => '-A ufw6-before-input -s fe80::/10 -d fe80::/10 -p udp -m udp --sport 547 --dport 546 -j ACCEPT',
+    :table => 'filter',
+    :provider => 'ip6tables',
+    :params => {
+      :proto => 'udp',
+      :sport => ['547'],
+      :dport => ['546'],
+    },
+  }
 }
 
 # This hash is for testing converting a hash to an argument line.