require => Package['iptables'],
}
}
+ 'Gentoo': {
+ class { "${title}::gentoo":
+ ensure => $ensure,
+ enable => $enable,
+ package_name => $package_name,
+ service_name => $service_name,
+ require => Package['iptables'],
+ }
+ }
default: {}
}
}
--- /dev/null
+# = Class: firewall::linux::gentoo
+#
+# Manages `iptables` and `ip6tables` services, and creates files used for
+# persistence, on Arch Linux systems.
+#
+# == Parameters:
+#
+# [*ensure*]
+# Ensure parameter passed onto Service[] resources.
+# Default: running
+#
+# [*enable*]
+# Enable parameter passed onto Service[] resources.
+# Default: true
+#
+class firewall::linux::gentoo (
+ $ensure = 'running',
+ $enable = true,
+ $service_name = $::firewall::params::service_name,
+ $package_name = $::firewall::params::package_name,
+) inherits ::firewall::params {
+ if $package_name {
+ package { $package_name:
+ ensure => present,
+ }
+ }
+
+ service { $service_name:
+ ensure => $ensure,
+ enable => $enable,
+ hasstatus => true,
+ }
+
+ file { '/var/lib/iptables/rules-save':
+ ensure => present,
+ before => Service[$service_name],
+ }
+
+ file { '/var/lib/iptables/rules-save6':
+ ensure => present,
+ before => Service[$service_name],
+ }
+}
}
}
}
+ 'Gentoo': {
+ $service_name = ['iptables','ip6tables']
+ $package_name = 'net-firewall/iptables'
+ }
default: {
$package_name = undef
$service_name = 'iptables'
"name": "puppetlabs-firewall",
"version": "1.4.0",
"author": "Puppet Labs",
- "summary": "Manages Firewalls such as iptable",
+ "summary": "Manages Firewalls such as iptables",
"license": "Apache-2.0",
"source": "https://github.com/puppetlabs/puppetlabs-firewall",
"project_page": "http://github.com/puppetlabs/puppetlabs-firewall",
"12.04",
"14.04"
]
+ },
+ {
+ "operatingsystem": "Gentoo",
+ "operatingsystemrelease": [
+ "1.0"
+ ]
}
],
"requirements": [
}
],
"dependencies": [
-
+
]
}
--- /dev/null
+require 'spec_helper'
+
+describe 'firewall::linux::gentoo', :type => :class do
+ let(:facts) do
+ {
+ :osfamily => 'Gentoo',
+ :operatingsystem => 'Gentoo'
+ }
+ end
+ it { should contain_service('iptables').with(
+ :ensure => 'running',
+ :enable => 'true'
+ )}
+ it { should contain_service('ip6tables').with(
+ :ensure => 'running',
+ :enable => 'true'
+ )}
+ it { should contain_package('net-firewall/iptables').with(
+ :ensure => 'present'
+ )}
+
+ context 'ensure => stopped' do
+ let(:params) {{ :ensure => 'stopped' }}
+ it { should contain_service('iptables').with(
+ :ensure => 'stopped'
+ )}
+ it { should contain_service('ip6tables').with(
+ :ensure => 'stopped'
+ )}
+ end
+
+ context 'enable => false' do
+ let(:params) {{ :enable => 'false' }}
+ it { should contain_service('iptables').with(
+ :enable => 'false'
+ )}
+ it { should contain_service('ip6tables').with(
+ :enable => 'false'
+ )}
+ end
+end
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff