From: Hunter Haugen Date: Mon, 17 Aug 2015 22:22:04 +0000 (-0700) Subject: Deprecate port parameter X-Git-Tag: 1.7.1~1^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=4f2df97faab93e530ff5a4d99afa3d9d16a246cd;p=puppet-modules%2Fpuppetlabs-firewall.git Deprecate port parameter I couldn't find any valid use case for port, and if any valid case did exist then sport+dport could be used. --- diff --git a/README.markdown b/README.markdown index efba70b..f2b46a0 100644 --- a/README.markdown +++ b/README.markdown @@ -621,7 +621,7 @@ firewall { '999 this runs last': * `pkttype`: Sets the packet type to match. Valid values are: 'unicast', 'broadcast', and'multicast'. Requires the `pkttype` feature. -* `port`: The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. +* `port`: *DEPRECATED* The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. For some firewall providers you can pass a range of ports in the format: 'start number-end number'. For example, '1-1024' would cover ports 1 to 1024. * `proto`: The specific protocol to match for this rule. This is 'tcp' by default. Valid values are: * 'tcp' diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb index 1ae9d39..2505655 100644 --- a/lib/puppet/type/firewall.rb +++ b/lib/puppet/type/firewall.rb @@ -272,6 +272,8 @@ Puppet::Type.newtype(:firewall) do newproperty(:port, :array_matching => :all) do desc <<-EOS + DEPRECATED + The destination or source port to match for this filter (if the protocol supports ports). Will accept a single element or an array. @@ -286,6 +288,10 @@ Puppet::Type.newtype(:firewall) do This would cover ports 1 to 1024. EOS + validate do |value| + Puppet.warning("port is deprecated and will be removed. Use dport and/or sport instead.") + end + munge do |value| @resource.string_to_port(value, :proto) end diff --git a/spec/fixtures/iptables/conversion_hash.rb b/spec/fixtures/iptables/conversion_hash.rb index d6db278..ac9ba9a 100644 --- a/spec/fixtures/iptables/conversion_hash.rb +++ b/spec/fixtures/iptables/conversion_hash.rb @@ -775,14 +775,6 @@ HASH_TO_ARGS = { }, :args => ['-t', :filter, '-p', :tcp, '-m', 'comment', '--comment', '000 allow symbols ( $+<=>^`|~ ) in ruby >= 1.9'], }, - 'port_property' => { - :params => { - :name => '001 port property', - :table => 'filter', - :port => '80', - }, - :args => ['-t', :filter, '-p', :tcp, '-m', 'multiport', '--ports', '80', '-m', 'comment', '--comment', '001 port property'], - }, 'log_level_debug' => { :params => { :name => '956 INPUT log-level', diff --git a/spec/unit/puppet/type/firewall_spec.rb b/spec/unit/puppet/type/firewall_spec.rb index 8107e1e..ce0b4a2 100755 --- a/spec/unit/puppet/type/firewall_spec.rb +++ b/spec/unit/puppet/type/firewall_spec.rb @@ -181,6 +181,13 @@ describe firewall do end end + describe 'port deprecated' do + it "raises a warning" do + expect(Puppet).to receive(:warning).with /port is deprecated/ + @resource[:port] = "22" + end + end + [:dst_type, :src_type].each do |addrtype| describe addrtype do it "should have no default" do