add tests for remaining params

diff --git a/spec/type/iptables_type_spec.rb b/spec/type/iptables_type_spec.rb
index 665c87bdd2c7322653e9d1cebcceac9c4ea84aba..a76a358a20d6e49a68cc8d1fa51bef4a472a62d1 100644 (file)
--- a/spec/type/iptables_type_spec.rb
+++ b/spec/type/iptables_type_spec.rb
@@ -72,8 +72,8 @@ describe Puppet::Type.type(:firewall) do
     end
   end
 
-  describe ':source/:destination' do
-    [:source, :destination].each do |addr|
+  [:source, :destination].each do |addr|
+    describe addr do
       it "should accept a #{addr} as a string" do
         @resource[addr] = '127.0.0.1'
         @resource[addr].should == ['127.0.0.1']
@@ -86,8 +86,8 @@ describe Puppet::Type.type(:firewall) do
     end
   end
 
-  describe ':dport/:sport' do
-    [:dport, :sport].each do |port|
+  [:dport, :sport].each do |port|
+    describe port do
       it "should accept a #{port} as string" do
         @resource[port] = '22'
         @resource[port].should == [22]
@@ -97,6 +97,78 @@ describe Puppet::Type.type(:firewall) do
         @resource[port] = ['22','23']
         @resource[port].should == [22,23]
       end
+      
+      it "should fail if more that 15 #{port}s are specified" do
+        lambda { @resource[port] = ['1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15', '16', '17'] }.should raise_error(Puppet::Error)
+      end
+    end
+  end
+
+  [:iniface, :outiface].each do |iface|
+    describe iface do
+      it "should accept #{iface} value as a string" do
+        @resource[iface] = 'eth1'
+        @resource[iface].should == 'eth1'
+      end
+    end
+  end
+
+  [:tosource, :todest].each do |addr|
+    describe addr do
+      it "should accept #{addr} value as a string" do
+        @resource[addr] = '127.0.0.1'
+      end
+    end
+  end
+
+  describe ':icmp' do
+    values = {
+      '0' => 'echo-reply',
+      '3' => 'destination-unreachable',
+      '4' => 'source-quench',
+      '6' => 'redirect',
+      '8' => 'echo-request',
+      '9' => 'router-advertisement',
+      '10' => 'router-solicitation',
+      '11' => 'time-exceeded',
+      '12' => 'parameter-problem',
+      '13' => 'timestamp-request',
+      '14' => 'timestamp-reply',
+      '17' => 'address-mask-request',
+      '18' => 'address-mask-reply'
+    }
+    values.each do |k,v|
+      it 'should convert icmp string to number' do
+        @resource[:icmp] = v
+        @resource[:icmp].should == k
+      end
+    end
+
+    it 'should fail if icmp type is not recognized' do
+      lambda { @resource[:icmp] = 'foo' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':state' do
+    it 'should accept value as a string' do
+      @resource[:state] = 'INVALID'
+      @resource[:state].should == ['INVALID']
+    end
+
+    it 'should accept value as an array' do
+      @resource[:state] = ['INVALID', 'NEW']
+      @resource[:state].should == ['INVALID', 'NEW']
+    end
+  end
+
+  describe ':burst' do
+    it 'should accept numeric values' do
+      @resource[:burst] = 12
+      @resource[:burst].should == 12
+    end
+
+    it 'should fail if value is not numeric' do
+      lambda { @resource[:burst] = 'foo' }.should raise_error(Puppet::Error)
     end
   end
 end

diff --git a/~ b/~
new file mode 100644 (file)
index 0000000..cf0993e
--- /dev/null
+++ b/~
@@ -0,0 +1,163 @@
+require 'spec_helper'
+
+describe Puppet::Type.type(:firewall) do
+  before :each do
+    @resource = Puppet::Type.type(:firewall).new({
+      :name => 'new_resource',
+      :chain => 'INPUT',
+      :jump => 'ACCEPT'
+    })
+  end
+
+  describe ':name' do
+    it 'should accept a name' do
+      @resource[:name] = '000-test-foo'
+      @resource[:name].should == '000-test-foo'
+    end
+
+    it 'should not accept a name with non-ASCII chars' do
+      lambda { @resource[:name] = '%*#^(#$' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':chain' do
+    [:INPUT, :FORWARD, :OUTPUT, :PREROUTING, :POSTROUTING].each do |chain|
+      it "should accept chain value #{chain}" do
+        @resource[:chain] = chain
+        @resource[:chain].should == chain
+      end
+    end
+
+    it 'should fail when the chain value is not recognized' do
+      lambda { @resource[:chain] = 'foo' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':table' do
+    [:nat, :mangle, :filter, :raw].each do |table|
+      it "should accept table value #{table}" do
+        @resource[:table] = table
+        @resource[:table].should == table
+      end
+    end
+
+    it "should fail when table value is not recognized" do
+      lambda { @resource[:table] = 'foo' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':proto' do
+    [:tcp, :udp, :icmp, :esp, :ah, :vrrp, :igmp, :all].each do |proto|
+      it "should accept proto value #{proto}" do
+        @resource[:proto] = proto
+        @resource[:proto].should == proto
+      end
+    end
+
+    it "should fail when proto value is not recognized" do
+      lambda { @resource[:proto] = 'foo' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':jump' do
+    [:ACCEPT, :DROP, :QUEUE, :RETURN, :REJECT, :DNAT, :SNAT, :LOG, :MASQUERADE, :REDIRECT].each do |jump|
+      it "should accept jump value #{jump}" do
+        @resource[:jump] = jump
+        @resource[:jump].should == jump
+      end
+    end
+
+    it "should fail when jump value is not recognized" do
+      lambda { @resource[:proto] = 'jump' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  [:source, :destination].each do |addr|
+    describe addr do
+      it "should accept a #{addr} as a string" do
+        @resource[addr] = '127.0.0.1'
+        @resource[addr].should == ['127.0.0.1']
+      end
+
+      it "should accept a #{addr} as an array" do
+        @resource[addr] = ['127.0.0.1', '4.2.2.2']
+        @resource[addr].should == ['127.0.0.1', '4.2.2.2']
+      end
+    end
+  end
+
+  [:dport, :sport].each do |port|
+    describe port do
+      it "should accept a #{port} as string" do
+        @resource[port] = '22'
+        @resource[port].should == [22]
+      end
+
+      it "should accept a #{port} as an array" do
+        @resource[port] = ['22','23']
+        @resource[port].should == [22,23]
+      end
+      
+      it "should fail if more that 15 #{port}s are specified" do
+        lambda { @resource[port] = ['1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15', '16', '17'] }.should raise_error(Puppet::Error)
+      end
+    end
+  end
+
+  [:iniface, :outiface].each do |iface|
+    describe iface do
+      it "should accept #{iface} value as a string" do
+        @resource[iface] = 'eth1'
+        @resource[iface].should == 'eth1'
+      end
+    end
+  end
+
+  [:tosource, :todest].each do |addr|
+    describe addr do
+      it "should accept #{addr} value as a string" do
+        @resource[addr] = '127.0.0.1'
+      end
+    end
+  end
+
+  describe ':icmp' do
+    values = {
+      '0' => 'echo-reply',
+      '3' => 'destination-unreachable',
+      '4' => 'source-quench',
+      '6' => 'redirect',
+      '8' => 'echo-request',
+      '9' => 'router-advertisement',
+      '10' => 'router-solicitation',
+      '11' => 'time-exceeded',
+      '12' => 'parameter-problem',
+      '13' => 'timestamp-request',
+      '14' => 'timestamp-reply',
+      '17' => 'address-mask-request',
+      '18' => 'address-mask-reply'
+    }
+    values.each do |k,v|
+      it 'should convert icmp string to number' do
+        @resource[:icmp] = v
+        @resource[:icmp].should == k
+      end
+    end
+
+    if 'should fail if icmp type is not recognized' do
+      lambda { @resource[:icmp] = 'foo' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe ':state' do
+    it 'should accept value as a string' do
+      @resource[:state] = 'INVALID'
+      @resource[:state].should == ['INVALID']
+    end
+
+    it 'should accept value as an array' do
+      @resource[:state] = ['INVALID', 'NEW']
+      @resource[:state].should == ['INVALID', 'NEW']
+    end
+  end
+end