end
end
- describe 'checksum_fill' do
- context 'virbr' do
- it 'applies' do
- pp = <<-EOS
- class { '::firewall': }
- firewall { '576 - test':
- proto => udp,
- table => 'mangle',
- outiface => 'virbr0',
- chain => 'POSTROUTING',
- dport => '68',
- jump => 'CHECKSUM',
- checksum_fill => true,
- provider => iptables,
- }
- EOS
+
+ if default['platform'] !~ /el-5/ and default['platform'] !~ /ubuntu-10\.04/ and default['platform'] !~ /debian-6/ and default['platform'] !~ /sles/
+ describe 'checksum_fill' do
+ context 'virbr' do
+ it 'applies' do
+ pp = <<-EOS
+ class { '::firewall': }
+ firewall { '576 - test':
+ proto => udp,
+ table => 'mangle',
+ outiface => 'virbr0',
+ chain => 'POSTROUTING',
+ dport => '68',
+ jump => 'CHECKSUM',
+ checksum_fill => true,
+ provider => iptables,
+ }
+ EOS
- apply_manifest(pp, :catch_failures => true)
- end
+ apply_manifest(pp, :catch_failures => true)
+ end
- it 'should contain the rule' do
- shell('iptables-save -t mangle') do |r|
- expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/)
+ it 'should contain the rule' do
+ shell('iptables-save -t mangle') do |r|
+ expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/)
+ end
end
end
end
- end
- describe 'checksum_fill6' do
- context 'virbr' do
- it 'applies' do
- pp = <<-EOS
- class { '::firewall': }
- firewall { '576 - test':
- proto => udp,
- table => 'mangle',
- outiface => 'virbr0',
- chain => 'POSTROUTING',
- dport => '68',
- jump => 'CHECKSUM',
- checksum_fill => true,
- provider => ip6tables,
- }
- EOS
+ describe 'checksum_fill6' do
+ context 'virbr' do
+ it 'applies' do
+ pp = <<-EOS
+ class { '::firewall': }
+ firewall { '576 - test':
+ proto => udp,
+ table => 'mangle',
+ outiface => 'virbr0',
+ chain => 'POSTROUTING',
+ dport => '68',
+ jump => 'CHECKSUM',
+ checksum_fill => true,
+ provider => ip6tables,
+ }
+ EOS
- apply_manifest(pp, :catch_failures => true)
- end
+ apply_manifest(pp, :catch_failures => true)
+ end
- it 'should contain the rule' do
- shell('ip6tables-save -t mangle') do |r|
- expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/)
+ it 'should contain the rule' do
+ shell('ip6tables-save -t mangle') do |r|
+ expect(r.stdout).to match(/-A POSTROUTING -o virbr0 -p udp -m multiport --dports 68 -m comment --comment "576 - test" -j CHECKSUM --checksum-fill/)
+ end
end
end
end
+++ /dev/null
-require 'spec_helper_acceptance'
-
-describe 'firewall on RHEL7', :unless => (UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) || !is_rhel7( !is_rhel7( fact('osfamily'), fact('operatingsystem'), fact('operatingsystemrelease') ) ) do
- before :all do
- iptables_flush_all_tables
- end
-
- it 'should run successfully' do
- pp = "
- class { 'firewall':
- remove_firewalld => true,
- }
- ->
- resources { 'firewall':
- purge => true,
- }
- ->
- firewall { '555 - test':
- proto => tcp,
- port => '555',
- action => accept,
- }
- "
-
- # Run it twice and test for idempotency
- apply_manifest(pp, :catch_failures => true, :debug => true)
- expect(apply_manifest(pp, :catch_failures => true, :debug => true).exit_code).to be_zero
- end
-
-end
Code Review / puppet-modules / puppetlabs-firewall.git / commitdiff